DEBIAN-CVE-2013-7203

gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup...

Code injection

gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup...

Update Rollup 11 for Azure Site Recovery

Describes the fixes that are included in Update Rollup 11 for Microsoft Azure Site Recovery Provider version 5.1.1500 and for Azure Site Recovery Unified Setup VMware to Azure version 9.0.4083.1.IntroductionThis article describes the fixes that are included in Update Rollup 11 for the...

CVE-2018-17207

An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files installer.php and installer-backup.php, an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution...

Provisioning services--Connection Timeout Expired when adding a new server to an existing farm

The following error can be seen trying to add a PVS server to an exisiting farm. "Connection timeout expired. The timeout period elapsed while attempting to consume the pre-login handshake acknowledgement. The could be because the pre-login handshake failed or the server was unable to respond pac...

CLI for Ephemeral Penetration Testing: hideNsneak

This application assists in managing attack infrastructure for penetration testers by providing an interface to rapidly deploy, manage, and take down various cloud services. These include VMs, domain fronting, Cobalt Strike servers, API gateways, and firewalls. hideNsneak provides a simple...

Duplicator <= 1.2.40 - Unauthenticated Arbitrary Code Execution

If installer files, installer.php and installer-backup.php, are not removed by the administrators, a code injection during the database setup step allows to execute arbitrary code on the server. PoC actionajax=3step=3=nowhere=test=test=test'; fileputcontents"test.php", ' '; /=12345&...

Tenda ADSL Router D152 - Cross-Site Scripting

Tenda ADSL Router D152 - Cross-Site Scripting Exploit Title: Tenda D152 ADSL Router - Cross-Site Scripting Exploit Author: Sandip Dey Date: 2018-07-21 Vendor Homepage: http://www.tendacn.com Hardware Link:...

Tenda ADSL Router D152 Cross Site Scripting

Exploit Title: Tenda D152 ADSL Router - Cross-Site Scripting Exploit Author: Sandip Dey Date: 2018-07-21 Vendor Homepage: http://www.tendacn.com Hardware Link:...

Unspecified Vulnerability in Philips e-Alert

Philips e-Alert is an electronic alert solution for MRI systems from Philips in the Netherlands, which is used to monitor and alert on MRI system performance. A security vulnerability exists in Philips e-Alert R2.1 and prior versions, which stems from the program setting incorrect permissions for...

D-Link DIR-615 - Denial of Service (PoC)

Exploit Title: D-Link DIR-615 - Denial of Service PoC Date: 2018-08-09 Vendor Homepage: http://www.dlink.co.in Hardware Link: https://www.amazon.in/D-Link-DIR-615-Wireless-N300-Router-Black/dp/B0085IATT6 Version: D-Link DIR-615 Category: Hardware Exploit Author: Aniket Dinda Tested on: Linux kali...

D-Link DIR-615 - Denial of Service (PoC)

D-Link DIR-615 - Denial of Service PoC Exploit Title: D-Link DIR-615 - Denial of Service PoC Date: 2018-08-09 Vendor Homepage: http://www.dlink.co.in Hardware Link: https://www.amazon.in/D-Link-DIR-615-Wireless-N300-Router-Black/dp/B0085IATT6 Version: D-Link DIR-615 Category: Hardware Exploit...

D-Link DIR-615 Denial Of Service

Exploit Title: D-Link DIR-615 - Denial of Service PoC Date: 2018-08-09 Vendor Homepage: http://www.dlink.co.in Hardware Link: https://www.amazon.in/D-Link-DIR-615-Wireless-N300-Router-Black/dp/B0085IATT6 Version: D-Link DIR-615 Category: Hardware Exploit Author: Aniket Dinda Tested on: Linux kali...

EPSON WF-2750 HTML Injection Vulnerability

The EPSON WF-2750 is a printer device from the Japanese company Epson EPSON. An HTML injection vulnerability exists in the AirPrint Setup page of the web interface in EPSON WF-2750 printers using firmware version JP02I2, which originates when the printer web server fails to properly check the...

Design/Logic Flaw

On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites...

CVE-2018-14899

On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites...

CVE-2018-14899

On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites...

CVE-2018-14899

On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites...

CVE-2018-14899

CVE-2018-14899 affects the EPSON WF-2750 printer with firmware JP02I2. The Web interface AirPrint Setup page is vulnerable to HTML injection, enabling redirection of users to malicious sites. Multiple connected sources (NVD entry, CNVD, CNVD-style EUVD/NASL references, and Nessus/OT plugin contex...

CVE-2018-10938

A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipsov4optptr function in net/ipv4/cipsoipv4.c leading to a denial-of-service. A certain non-default...