Prithvi - A Report Generation Tool For Security Assessment
A Report Generation Tool for Security Assessment. Usage: This project of ours could be used for report generation and it's very easy to use. It includes the following features: 1. We can add OWASP Types and recommendation with details. 2. We can add Multiple Projects and work on it separately. 3. We can...
CVE-2018-7271
An issue was discovered in MetInfo 6.0.0. In install/install.php in the installation process, the config/configdb.php configuration file filtering is not rigorous: one can insert malicious code in the installation process to execute arbitrary commands or obtain a web shell...
vBulletin Security Forum Setup - Hardening & Configuration
Document Title: vBulletin Security Forum Setup - Hardening & Configuration. References: https://www.vulnerability-lab.com/getcontent.php?id=2119 Download: https://www.vulnerability-lab.com/resources/documents/2119.txt Release Date: 2018-02-20 Vulnerability...
Parat - Python Based Remote Administration Tool (RAT)
Parat is a simple remote administration tool (RAT) written in Python. Also you can read the wiki! Change log: Compatible with both Python 2 and 3 versions (don't forget that this may cause some errors, so please share any errors with us). Do you want to try? Copy and paste on your terminal: git clone...
Ring video doorbells information leakage vulnerability
The Ring (formerly known as DoorBot) video doorbell is a video-enabled smart doorbell from Ring, USA. A security vulnerability exists in Ring video doorbells. The vulnerability can be exploited by a remote attacker to obtain wireless network configuration information by pressing and holding the Setup...
Build Your Own IPsec VPN Server: Auto Setup Scripts
Set up your own IPsec VPN server in just a few minutes, with both IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS. All you need to do is provide your own VPN credentials, and let the scripts handle the rest. An IPsec VPN encrypts your network traffic, so that nobody between you and the VP...
DVWA - Damn Vulnerable Web Application
Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid...
Software Defined Radio Attack Tool: RFCrack
RFCrack is my personal RF test bench; it was developed for testing RF communications between any physical device that communicates over sub-GHz frequencies. IoT devices, Cars, Alarm Systems etc… Testing was done with the Yardstick One on OSX, but RFCrack should work fine in Linux. Current support...
CVE-2014-1631
Eventum before 2.3.5 allows remote attackers to reinstall the application via direct request to /setup/index.php...
Code injection
htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter...
lanGhost - A LAN dropbox chatbot controllable via Telegram
A LAN dropbox chatbot controllable via Telegram. Installation: You will need a Raspberry Pi with fresh Raspbian/Kali on the SD card, because you don't want anything else running in the background. Boot up the Pi, get an SSH shell or connect a monitor and a keyboard and enter these commands: $ sudo...
CVE-2017-1000503
A race condition during Jenkins 2.81 through 2.94 (inclusive); 2.89.1 startup could result in the wrong order of execution of commands during initialization. This could in rare cases result in failure to initialize the setup wizard on the first startup. This resulted in multiple security-related...
CVE-2018-0507
Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.11 and earlier versions, FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.11 and earlier versions allow an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2018-0507
The CVE-2018-0507 entry maps to an untrusted search path vulnerability in the installer components of FLET'S VIRUS CLEAR Easy Setup & Application Tool (ver.11 and earlier) and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool (ver.11 and earlier). The root cause is insecure loading of Dynamic L...
Guide to create XML profiles to Zebra devices
Guide to create XML profiles to Zebra devices...
ovirt-hosted-engine-setup information disclosure vulnerability
ovirt-hosted-engine-setup is a web hosting engine installation tool. An information disclosure vulnerability exists in versions of ovirt-hosted-engine-setup prior to 2.2.7. An attacker can exploit this vulnerability to obtain the root user password in a log file...
Information disclosure
An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log file...
CVE-2018-1000018
An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log file...