7874 matches found
Design/Logic Flaw
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp password parameter...
CVE-2019-20526
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp password parameter...
CVE-2019-20525
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp driver parameter...
Design/Logic Flaw
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp serverURL parameter...
Easy File Sharing Web Server 7.2 Local Buffer Overflow Exploit
Exploit Title: Easy File Sharing Web Server 7.2 - SMTP 'Password' Local Buffer Overflow SEH Author: Felipe Winsnes Vendor Homepage: http://www.sharing-file.com/ Software Link: http://www.sharing-file.com/download.php Version: 7.2 Tested on: Windows 7 Proof of Concept: 1.- Run the python script...
Easy File Sharing Web Server 7.2 Local Buffer Overflow
Exploit Title: Easy File Sharing Web Server 7.2 - SMTP 'Password' Local Buffer Overflow SEH Date: 03/16/2020 Author: Felipe Winsnes Vendor Homepage: http://www.sharing-file.com/ Software Link: http://www.sharing-file.com/download.php Version: 7.2 Tested on: Windows 7 Proof of Concept: 1.- Run the...
CVE-2019-20528
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp username parameter...
CVE-2019-20528
Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp username parameter...
Betwixt - Web Debugging Proxy Based On Chrome DevTools Network Panel
Betwixt will help you analyze web traffic outside the browser using familiar Chrome DevTools interface. Installing Download the latest release for your operating system, build your own bundle or run Betwixt from the source code. Setting up In order to capture traffic, you'll have to direct it to...
CVE-2020-0819
An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations, aka 'Windows Device Setup Manager Elevation of Privilege Vulnerability'...
CVE-2020-0819
An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations, aka 'Windows Device Setup Manager Elevation of Privilege Vulnerability'...
Privilege escalation
An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations, aka 'Windows Device Setup Manager Elevation of Privilege Vulnerability'...
CVE-2020-0819
CVE-2020-0819 describes an elevation of privilege vulnerability in Windows Device Setup Manager caused by improper handling of file operations. The CVE is documented across multiple sources (NVD/NVD entry) with a base CVSS v3.1 score of 7.8 (HIGH) and CVSS v2 score of 7.2 (HIGH), indicating local...
CVE-2020-0819
An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations, aka 'Windows Device Setup Manager Elevation of Privilege Vulnerability'...
Microsoft Windows Device Setup Manager Privilege Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Device Setup Manager is one of the device setup managers, which is mainly used for...
Windows Device Setup Manager Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafte...
NewStart CGSL MAIN 4.05 : php Vulnerability (NS-SA-2020-0018)
The remote NewStart CGSL host, running version MAIN 4.05, has php packages installed that are affected by a vulnerability: - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past...
Nextcloud: xss on setup config page
Nextcloud version: 18.0.1 In setup config page,setting mysql Username with payloadalert1, and set others. F739076 then submit . F739077 this gif will show poc: F739069 Impact This is because the code does not filter dangerous characters. so dangerous characters need to be escaped...
Debian DLA-2114-1 : linux-4.9 security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-13093, CVE-2018-13094 Wen Xu from SSLab at Gatech reported several NULL pointer dereference flaws that may be triggered when mounting and...
Exploit for Classic Buffer Overflow in Exim
Exim RCE CVE-2018-6789 Learning Environment Description...