Apple iMessage Zero-Click Key Theft / Remote Code Execution

This is a strategic public disclosure of a zero-click iMessage exploit chain that was discovered live on iOS 18.2 and remained unpatched through iOS 18.4. It enabled Secure Enclave key theft, wormable remote code execution, and undetectable crypto wallet exfiltration. Despite responsible...

rsync <= 2.5.1 - Remote Exploit

No description provided by source. / 7350fuqnut - rsync = 2.5.1 remote exploit -- linux/x86 ver. current version 2.5.5 but bug was silently fixed it appears so vuln versions still ship, maybe security implemecations were not recognized. we can write NULL bites below &line0 by supplying negative...

WordPress Count per Day plugin <= 2.17 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Count per Day plugin getresults'SELECT FROM '.$tableprefix.'cpdnotes WHERE 1 '.$where.' ORDER BY date DESC', ARRAYA; 0day.today 2018-02-16...

fujitsu-serverview-exec.txt

Advisory: Fujitsu-Siemens ServerView Remote Command Execution RedTeam Pentesting discovered a remote command execution in the Fujitsu- Siemens ServerView during a penetration test. The DBAsciiAccess CGI script is vulnerable to a remote command execution because of a parameter which is not properl...

[Full-disclosure] Fujitsu-Siemens ServerView Remote Command Execution

Advisory: Fujitsu-Siemens ServerView Remote Command Execution RedTeam Pentesting discovered a remote command execution in the Fujitsu- Siemens ServerView during a penetration test. The DBAsciiAccess CGI script is vulnerable to a remote command execution because of a parameter which is not properl...