176 matches found
phpMyAdmin 4.8.1 Code Execution / Local File Inclusion Vulnerabilities
Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution Exploit Author: VulnSpy Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.0...
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (2)
Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution Date: 2018-06-21 Exploit Author: VulnSpy Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.0, 4.8.1 Tested on: php7 mysql5 CVE :...
Cacti cross-site scripting vulnerability (CNVD-2017-32248)
Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A cross-site scripting vulnerability exists in the...
Network OSINT Gathering Tool: XRay
XRay is a tool for network OSINT gathering, its goal is to make some of the initial tasks of information gathering and network mapping automatic. How Does it Work? XRay is a very simple tool, it works this way: 1. It’ll bruteforce subdomains using a wordlist and DNS requests. 2. For every...
CVE-2016-4755
Terminal in Apple OS X before 10.12 uses weak permissions for the .bashhistory and .bashsession files, which allows local users to obtain sensitive information via unspecified vectors...
PHP ext/session/session.c Denial of Service Vulnerability
PHP is a widely used general-purpose scripting language that is particularly well suited for web development and can be embedded in HTML. A denial of service vulnerability exists in PHP versions prior to 5.5.38, 5.6.x prior to 5.6.24, and 7.x prior to 7.0.9 in which the ext/session/session.c...
KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP / Denial of Service 7/8.1/10)
Exploit Title: KiTTY Portable Local Code Execution Win7 - Denial Of Service Win8.1 - Denial Of Service Win10 - Denial Of Service...
Vesta Control Panel 0.9.8 - OS Command Injection
Vesta Control Panel 0.9.8 - OS Command Injection Advisory ID: HTB23261 Product: Vesta Control Panel Vendor: http://vestacp.com Vulnerable Versions: 0.9.8 and probably prior Tested Version: 0.9.8 Advisory Publication: May 20, 2015 without technical details Vendor Notification: May 20, 2015 Vendor...
Vesta Control Panel 0.9.8 OS Command Injection
Advisory ID: HTB23261 Product: Vesta Control Panel Vendor: http://vestacp.com Vulnerable Versions: 0.9.8 and probably prior Tested Version: 0.9.8 Advisory Publication: May 20, 2015 without technical details Vendor Notification: May 20, 2015 Vendor Patch: June 3, 2015 Public Disclosure: June 17,...
CVE-2013-3737
The CVE-2013-3737 issue affects the MobileUI (RT-Extension-MobileUI) for Request Tracker (RT) installations. It concerns MobileUI >=?
BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit
No description provided by source. !/usr/bin/python ----------------------------------------------------------------------------- Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow SEH Exploit Date: Sep 05 2014 Vulnerability Discovery: Gabor Seljan Exploit Author: Robert Kugler Software...
[SuperPutty Password Decryptor] SuperPutty Session Login Password Recovery Software
SuperPutty Password Decryptor is the Free desktop tool to instantly recover all the login passswords from SuperPutty session history. SuperPutty is a Windows GUI Application that allows PuTTY SSH Client to be opened in Tabs. It also stores the session details allowing users to automatically login...
session file spoofing vulnerability(marginalia non-cross-directory ideas)-vulnerability warning-the black bar safety net
Herein, the theoretical significance may be greater than the practical significance, only there is no way the time to provide ideas. 0x00 session description 0x01 Use Conditions 0x02 use ideas 0x03 vulnerability proof 0x04 prevention methods 0x00 session description Generally the web authenticati...
DEBIAN-CVE-2013-3374
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
CVE-2013-3374
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
CVE-2013-3374
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
Design/Logic Flaw
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
UBUNTU-CVE-2013-3374
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
CVE-2013-3374
Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...
CVE-2013-3374
RT (Request Tracker) is affected by an unspecified vulnerability in the Apache::Session::File session store, impacting RT 3.8.x before 3.8.17 and RT 4.0.x before 4.0.13. The issue enables remote attackers to obtain sensitive information (user preferences and caches) via unknown vectors related to...