Web-Hacking-Playground - Web Application With Vulnerabilities Found In Real Cases, Both In Pentests And In Bug Bounty Programs

Web Hacking Playground is a controlled web hacking environment. It consists of vulnerabilities found in real cases, both in pentests and in Bug Bounty programs. The objective is that users can practice with them, and learn to detect and exploit them. Other topics of interest will also be addresse...

SUSE CVE-2004-1311

Integer overflow in the realsetupandgetheader function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based...

SUSE CVE-2005-4772

liby2util in Yet another Setup Tool YaST in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013...

SUSE CVE-2007-1006

Multiple format string vulnerabilities in the gmmainwindowflashmessage function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet...

SUSE CVE-2008-3457

Cross-site scripting XSS vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify...

SUSE CVE-2008-5188

The 1 ecryptfs-setup-private, 2 ecryptfs-setup-confidential, and 3 ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process...

SUSE CVE-2009-1151

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action...

SUSE CVE-2009-4004

Buffer overflow in the kvmvcpuioctlx86setupmce function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc7 allows local users to cause a denial of service memory corruption or possibly gain privileges via a KVMX86SETUPMCE IOCTL request that specifies a large number o...

SUSE CVE-2009-4605

scripts/setup.php aka the setup script in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the 1 configuration and 2 v0 parameters, which might allow remote attackers to conduct cross-site request forgery CSRF attacks via unspecified vectors...

SUSE CVE-2010-1635

The chainreply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service NULL pointer dereference and process crash via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request wit...

SUSE CVE-2010-1642

The replysesssetupandXspnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service process crash, via a \xff\xff security blob length in a Session Setup AndX request...

SUSE CVE-2010-3858

The setupargpages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIGSTACKGROWSDOWN is used, does not properly restrict the stack memory consumption of the 1 arguments and 2 environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of...

SUSE CVE-2011-4782

Cross-site scripting XSS vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter...

SUSE CVE-2011-5053

The Wi-Fi Protected Setup WPS protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote attackers to discover the PIN value, and consequently discover the Wi-Fi network password or...

SUSE CVE-2012-1190

Cross-site scripting XSS vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name...

SUSE CVE-2012-2137

Buffer overflow in virt/kvm/irqcomm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service crash and possibly execute arbitrary code via vectors related to Message Signaled Interrupts MSI, irq routing entries, and an incorrect check by the...

SUSE CVE-2012-5638

The setuplogging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations...

SUSE CVE-2013-0349

The hidpsetuphid function in net/bluetooth/hidp/core.c in the Linux kernel before 3.7.6 does not properly copy a certain name field, which allows local users to obtain sensitive information from kernel memory by setting a long name and making an HIDPCONNADD ioctl call...

SUSE CVE-2013-1418

The setupserverrealm function in main.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted request...

SUSE CVE-2013-4541

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...