otowota.com XSS vulnerability
Open Bug Bounty ID: OBB-75815 Description| Value ---|--- Affected Website:| otowota.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...
Hacking Team keep track of the Flash Exploit-vulnerability warning-the black bar safety net
Background: The 0day leaked in the past 7 months has been cause for both joy and worry. Compared with the samples Malwaredontneedcoffee releases from time to time, with their inhumanly confusing encryption, what HackTeam offers is neatly indented, with a variable naming convention, comments...
rgia.su XSS vulnerability
Vulnerable URL: http://rgia.su/generalSearch.do?a=0="...
guns.ru XSS vulnerability
Vulnerable URL: http://guns.ru/cgi-bin/search.cgi/search?act=search=xss=YES=96only==y==no=simplesearche=1=500=0geo=èñêàòün=1name="...
servicos.ibama.gov.br XSS vulnerability
Vulnerable URL:...
Multiple vulnerabilities in Vulcan theme for WordPress + WAF bypass
Hello 3APA3A! Let's get back to vulnerabilities, which I disclosed in April 2011, which can be used for DDoS attacks on other sites, e.g. with my DAVOSET http://seclists.org/fulldisclosure/2015/Jun/111. In addition to hundreds of themes, which I wrote about in previous years, here is another theme fo...
Linux/x86 - exec'/bin/dash' shellcode 45 bytes
Linux/x86 - exec'/bin/dash' shellcode 45 bytes. Shellcode exploit for linx86 platform / Title: Linux/x86 exec'/bin/dash' - shellcode 45 bytes Platform: linux/x8664 Date: 2015-06-15 Author: Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes ,...
FineCMS Free Edition unrestricted GETshell
Brief description: 66666666666666 FineCMS Free Edition unrestricted GETshell Details: http://www.jwss.cc/?q=Powered%20by%20FineCMS%E5%85%8D%E8%B4%B9%E7%89%88&pn=100 Examples: http://www.luyoutu.com/ http://www.qianjin998.com/ http://dery.cn/ http://www.xiaomixifan.cn/ http://www.yyxly.com/ http://mylhealth.com/ /plugins/mbak/ebak/index.php...
SQLMap Web Front End
PHP Front end to work with the SQLMAP JSON API Server sqlmapapi.py to allow for a Web GUI to drive near full functionality of SQLMAP! Windows 2003 Server, IIS/6.0 + ASP + MS-SQL 2005 SQLMap Web GUI Requirements: Linux, Apache, PHP check your favorite distro’s wiki or forum pages, or use google PH...
CVE-2015-2723
...
Samsung's Swift Keyboard Update Mechanism Exposes 600M Devices
The Swift keyboard, installed by default on Samsung Android mobiles, exposes devices to a host of remote attacks that could be executed by attackers ranging from criminals sitting man-in-the-middle on local Wi-Fi networks, to a state actor in an upstream position at an ISP or backbone. NowSecure...
4images 1.7.11 File Inclusion
| Title : 4images 1.7.11 Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by 4images 1.7.11 | Tested on: windows 8.1 Français V.Pro | Download : http://www.4homepages.de/ ======================================= Host Header Attack : Vulnerability...
[KIS-2015-02] Concrete5 <= 5.7.3.1 Multiple Reflected Cross-Site Scripting Vulnerabilities
---------------------------------------------------------------------------- Concrete5 <= 5.7.3.1 Multiple Reflected Cross-Site Scripting Vulnerabilities ---------------------------------------------------------------------------- - Software Link: https://www.concrete5.org/ - Affected Versions:...
linux common exploit techniques practice-vulnerability warning-the black bar safety net
1.1 Purpose 1.1.1 The first purpose of writing this article is to summarize what was learned some time ago; the second is to give some help to students who have not yet got started with pwn, since many difficulties are still encountered when learning. The following are my actual operations, written in some detail, and contain some of my own...
CVE-2015-3648
ResourceSpace (Montala Limited) is affected by a Local File Inclusion in pages/setup.php due to insufficient sanitization of the defaultlanguage parameter, allowing remote attackers to include and execute local files. The issue affects ResourceSpace up to version 7.2.6727 (vendor advisory referen...
tfmsuperstore.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-65793 Description| Value ---|--- Affected Website:| tfmsuperstore.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...
Broadlight Residential Gateway DI3124 - Unauthenticated Remote DNS Change Vulnerability
Exploit for hardware platform in category web applications Broadlight Residential Gateway DI3124 Unauthenticated Remote DNS Change Copyright 2015 c Todor Donev http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg No description for morons, script kiddies & noobs !! Disclaimer:...
WiFi HD 8.1 Denial Of Service / Directory Traversal
Exploit Title: WiFi HD 8.1 - Directory Traversal and Denial of Service Date: 2015-05-27 Exploit Author: Wh1t3Rh1n0 Michael Allen Vendor Homepage: http://www.savysoda.com Software Link: http://www.savysoda.com/WiFiHD/ Version: 8.1 Apr 1, 2015 Tested on: iPhone Disclosure Timeline: 2015-05-30: Vend...
Chmool Net 2 SQL Injection / Unauthenticated Administrative Access
| Title : chmool net V2 Mullti Vulnerability | Author : indoushka | email : [email protected] | Dork : Ahmed Ellefy c 2014 | Tested on: win8.1 Fr V.Pro 23:11 22/05/2015 | Bug : Mullti | Download : http://www.traidnt.com ======================================= By pass Admin panel :...
pcre -- multiple vulnerabilities
Venustech ADLAB reports: PCRE library is prone to a vulnerability which leads to Heap Overflow. During the compilation of a malformed regular expression, more data is written on the malloced block than the expected size output by compileregex. PCRE library is prone to a vulnerability which leads ...