11967 matches found
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) create a field, (2) update a field, (3) delete a field, (4) create a form, (5) update a...
Google Chrome < 44.0.2403.89 Multiple Vulnerabilities
Binary data 8853.pasl...
iTunes 10.6.1.7 - '.PLS' Title Buffer Overflow
No description provided by source. nsehlonger = "\xeb\x1E\x90\x90" nsehshorter = "\xeb\x06\x90\x90" seh = 0x72d119de pop pop ret from msacm32.drv shell = "\xdd\xc1\xd9\x74\x24\xf4\xbb\x2b\x2b\x88\x37\x5a\x31\xc9" + "\xb1\x33\x83\xea\xfc\x31\x5a\x13\x03\x71\x38\x6a\xc2\x79" +...
Joomla GoogleSearch (CSE) 3.0.2 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit title: Joomla Component GoogleSearch CSE 3.0.2 - XSS Vulnerability Author: Bet0 Twitter: https://twitter.com/Bet0Shinoda Website: www.mc-crew.or.id Google Dork: inurl:"index.php?option=comgooglesearchcse" Date: 29 August 2015 Vendor...
Edimax PS-1206MF - Web Admin Authentication Bypass
Edimax PS-1206MF - Web Admin Authentication Bypass Title: Edimax PS-1206MF - Web Admin Auth Bypass Date: 30.08.15 Vendor: edimax.com Firmware version: 4.8.25 Author: Smash Contact: smash at devilteam.pl HTTP authorization is not being properly verified while sending POST requests to .cgi, remote...
MS SQL Server 2000/2005 SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer Exploit
Exploit for windows platform in category remote exploits % Function PaddingintLen Dim strRet, intSize intSize = intLen/2 - 1 For I = 0 To intSize Step 1 strRet = strRet & unescape"%u4141" Next Padding = strRet End Function Function PackDWORDstrPoint strTmp = replacestrPoint, "0x", "" PackDWORD =...
Pluck CMS 4.7.3 - Multiple Vulnerabilities
Pluck CMS 4.7.3 - Multiple Vulnerabilities Title: Pluck 4.7.3 - Multiple vulnerabilities Date: 28.08.15 Vendor: pluck-cms.org Affected versions: = 4.7.3 current Tested on: Apache2.2 / PHP5 / Deb32 Author: Smash | smaash.net Contact: smash at devilteam.pl Few vulnerabilities. Bugs: - local file...
ZSNES 1.51 Stack-Based Buffer Overflow
Exploit Author: Juan Sacco - http://www.exploitpack.comp Tested on: GNU/Linux - Kali Linux 2.0 Description: ZSNES v1.51 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker could...
Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow Version: 1.6 Date: 2015-08-23 Author: Tracy Turben email protected Software Link: http://www.efssoft.com/ Tested on: Win7x32-EN,Win7x64-EN from...
Vifi Radio 1 Cross Site Request Forgery
http://h4x0resec.blogspot.com Vifi Radio v1 - CSRF Arbitrary Change Password Exploit My + Discovered by: KnocKout Contact : [email protected] HomePage :...
Details Surface on Patched Sandbox Violation Vulnerability in iOS
Apple patched an issue last week in iOS that could have allowed attackers to bypass the third-party app-sandbox protection mechanism on devices and read arbitrary managed preferences via a special app. The issue, which was present in versions of iOS prior to 8.4.1, stems from a vulnerability with...
vBulletin < 4.2.2 - Memcache Remote Code Execution
vBulletin's memcache setting is vulnerable in certain versions (all before 4.2.2) to an RCE. vBulletin seem to have refused to classify it as a vulnerability or post anything about it, or put anything in the announcements on their website. They say "PL2 4.2.2 should prevent the use of localhost,"...
vBulletin 4.2.2 Memcache Remote Code Execution Exploit
vBulletin versions prior to 4.2.2 suffer from a memcache related remote code execution vulnerability. Not really a 0day since it's fixed in some versions, but still an exploit that doesn't seem to be "that" public. Please note, I didn't find this. vBulletin's memcache setting is vulnerable in...
Microsoft Windows HTA (HTML Application) - Remote Code Execution Exploit
Microsoft Windows HTA HTML Application remote code execution exploit that leverages MS14-064. !/usr/bin/php poc'."\n\n"; $reza = socketcreateAFINET, SOCKSTREAM, 0 or die'Failed to create socket!'; socketbind$reza, 0,$port; socketlisten$...
marfinbank.ua XSS vulnerability
Vulnerable URL: http://marfinbank.ua/web/mb-ru.nsf/search/Search?SearchView=%3Cimg%20src=%22123%22%20onerror=%22alert%28%27XSSPOSED%27%29;%22%3E

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed...
Design/Logic Flaw
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vector...
fanpop.com XSS vulnerability
Vulnerable URL: http://www.fanpop.com/search

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 2608
Google Pagerank| 6
VIP website status:| Yes
Check fanpop.com SSL connection:| Grade...
Researchers Uncover Chinese VPN Service Used by APT Crews for Cover
Building a business can be expensive and time-consuming, and owners will look for ways to save money wherever they can. Researchers from RSA Security have found a VPN provider in China that is taking this to an unusual extreme: hacking Windows servers around the world for use as VPN nodes on a...
BIND9 - TKEY PoC Exploit
Exploit for multiple platform in category dos / poc / PoC for BIND9 TKEY assert Dos CVE-2015-5477 Usage: tkill What it does: - First sends a "version" query to see if the server is up. - Regardless of the version response, it then sends the DoS packet. - Then it waits 5 seconds for a response. If...
mobile.topshop.com XSS vulnerability
Vulnerable URL: http://mobile.topshop.com/webapp/wcs/stores/servlet/CatalogNavigationSearchResultCmd?langId=-1=13058=34058=1=1=1=20=20=1="-eval"al"%2b"e"%2b"rt"xssposed""-"=noredirect

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 30.07.2017
Vulnerability type:| XSS...