124 matches found

GitHub Security Blog
added 2018/07/26 3:3 p.m., 28 views

Stored Cross-Site Scripting in simplehttpserver

Versions of simplehttpserver prior to 0.1.0 are vulnerable to stored cross-site scripting (XSS). To exploit this, an attacker needs to control the filename of a file that is used in the directory listing output. This version is patched in 0.1.0...

5.4 CVSS, 1.9 AI score, 0.00216 EPSS
Exploits: 1, References: 4, Affected Software: 1

0day.today
added 2018/07/16 12:0 a.m., 23 views

Microsoft Enterprise Mode Site List Manager - XML External Entity Injection Vulnerability

Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx Vendor ============= www.microsoft Product =========== Enterprise Mode Site List Manager versions1/2 You can use IE11 and the Enterprise Mode Site List Manager to add individual website domains and domain...

Exploits: 0

CNVD
added 2018/06/22 12:0 a.m., 1 view

Simplehttpserver Cross-Site Scripting Vulnerability

simplehttpserver is an HTTP file server. A cross-site scripting vulnerability exists in simplehttpserver, which stems from the program's lack of filename checksums. An attacker can exploit this vulnerability to inject arbitrary web script or HTML...

5.4 CVSS, 5.2 AI score, 0.00216 EPSS
Exploits: 1, References: 1

Prion
added 2018/06/07 2:29 a.m., 19 views

Cross site scripting

The simplehttpserver node module suffers from a Cross-Site Scripting vulnerability due to a lack of validation of file names...

3.5 CVSS, 5.2 AI score, 0.00216 EPSS
Exploits: 1, References: 1

Hacker One
added 2018/05/24 5:10 p.m., 46 views

Node.js third-party modules: [simplehttpserver] List any file in the folder by using path traversal.

I would like to report Path Traversal in simplehttpserver. It allows to list any file in another folder of web root. Module module name: simplehttpserver version: 0.1.1 npm page: https://www.npmjs.com/package/simplehttpserver Module Description 'simplehttpserver' is a simple imitation of python's...

5 CVSS, 0.5 AI score, 0.00381 EPSS
Exploits: 1

Packet Storm
added 2018/05/10 12:0 a.m., 65 views

ModbusPal 1.6b XML External Entity Injection

Exploit Title: ModbusPal XXE Injection + Date: 05-08-2018 + Exploit Author: Trent Gordon + Vendor Homepage: http://modbuspal.sourceforge.net/ + Software Link: https://sourceforge.net/projects/modbuspal/files/latest/download?source=files + Version: 1.6b + Tested on: Ubuntu 16.04 with Java 1.8.0151...

5.6 AI score, 0.01747 EPSS
Exploits: 5

exploitpack
added 2018/05/10 12:0 a.m., 41 views

ModbusPal 1.6b - XML External Entity Injection

ModbusPal 1.6b - XML External Entity Injection + Exploit Title: ModbusPal XXE Injection + Date: 05-08-2018 + Exploit Author: Trent Gordon + Vendor Homepage: http://modbuspal.sourceforge.net/ + Software Link: https://sourceforge.net/projects/modbuspal/files/latest/download?source=files + Version:...

4.3 CVSS, 5.8 AI score, 0.01747 EPSS
Exploits: 5

0day.today
added 2018/05/10 12:0 a.m., 47 views

ModbusPal 1.6b - XML External Entity Injection Vulnerability

Exploit for java platform in category web applications + Exploit Title: ModbusPal XXE Injection + Exploit Author: Trent Gordon + Vendor Homepage: http://modbuspal.sourceforge.net/ + Software Link: https://sourceforge.net/projects/modbuspal/files/latest/download?source=files + Version: 1.6b + Test...

5.6 AI score, 0.01747 EPSS
Exploits: 5

Node.js
added 2018/04/24 3:31 p.m., 175 views

Stored Cross-Site Scripting

Overview: All versions of simplehttpserver are vulnerable to stored cross-site scripting (XSS). To be exploited an attacker needs to control the filename of a file that is used in the directory listing output. Recommendation: No fix is currently available for this vulnerability. It is our...

3.5 CVSS, 1.2 AI score, 0.00216 EPSS
Exploits: 1, Affected Software: 1

Veracode
added 2018/03/08 8:5 a.m., 15 views

Cross-site Scripting (XSS)

simplehttpserver is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of sanitization of file names when displaying the affected file names...

5.4 CVSS, 5.1 AI score, 0.00216 EPSS
Exploits: 1, References: 3, Affected Software: 1

Kitploit
added 2018/02/17 8:58 p.m., 38 views

sshLooter - Script To Steal Passwords From SSH

Script to steal passwords from SSH. Install git clone https://github.com/mthbernardes/sshLooter.git cd sshLooter Configuration Edit the script on install.sh, and add your telegram bot api, and your userid. Call the @botfather on telegram to create a bot and call the @userinfobot to get your user...

7.2 AI score
Exploits: 0, References: 2

Exploit DB
added 2018/02/14 12:0 a.m., 46 views

Tenda AC15 Router - Remote Code Execution

!/usr/bin/env python EDB Note Source: https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/ import urllib2 import struct import time import socket from optparse import import SimpleHTTPServer import SocketServer import threading import sys import os import subprocess ARMREVSHELL =...

9.8 CVSS, 9.6 AI score, 0.66661 EPSS
Exploits: 5

Hacker One
added 2018/01/26 10:6 p.m., 59 views

Node.js third-party modules: [simplehttpserver] Stored XSS in file names leads to malicious JavaScript code execution when directory listing is output in HTML

Hi Guys, simplehttpserver allows to embed HTML in file names, which in certain conditions might lead to execute malicious JavaScript. Module: 'simplehttpserver' is simple imitation of python's SimpleHTTPServer and intended for testing, development and debugging purposes...

3.5 CVSS, 5.6 AI score, 0.00216 EPSS
Exploits: 1

seebug.org
added 2017/12/11 12:0 a.m., 28 views

Cimetrics BACnet Explorer 4.0 XXE Vulnerability

Summary: The BACnet Explorer is a BACnet client application that helps auto discover BACnet devices. Description: BACnetExplorer suffers from an XML External Entity (XXE) vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected...

6.9 AI score
Exploits: 0

0day.today
added 2017/11/28 12:0 a.m., 29 views

Diving Log 6.0 - XML External Entity Injection Vulnerability

Exploit for windows platform in category local exploits + Exploit Title: Diving Log 6.0 XXE Injection + Exploit Author: Trent Gordon + Vendor Homepage: http://www.divinglog.de + Software Link: http://www.divinglog.de/english/download/ + Disclosed at: https://thenopsled.com/divinglog.txt + Version...

4.3 CVSS, 5.7 AI score, 0.00767 EPSS
Exploits: 5

exploitpack
added 2017/11/27 12:0 a.m., 23 views

Diving Log 6.0 - XML External Entity Injection

Diving Log 6.0 - XML External Entity Injection + Exploit Title: Diving Log 6.0 XXE Injection + Date: 27-11-2017 + Exploit Author: Trent Gordon + Vendor Homepage: http://www.divinglog.de + Software Link: http://www.divinglog.de/english/download/ + Disclosed at: https://thenopsled.com/divinglog.txt...

4.3 CVSS, 0.1 AI score, 0.00767 EPSS
Exploits: 5

Exploit DB
added 2017/10/19 12:0 a.m., 36 views

Microsoft Game Definition File Editor 6.3.9600 - XML External Entity Injection

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MS-WINDOWS-GAME-DEFINITION-FILE-MAKER-v6.3.9600-XML-EXTERNAL-ENTITY.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: =========== GDFMaker...

7.4 AI score
Exploits: 0

0day.today
added 2017/09/13 12:0 a.m., 170 views

Microsoft Windows .NET Framework - Remote Code Execution 0day Exploit

Exploit for windows platform in category remote exploits Source: https://github.com/Voulnet/CVE-2017-8759-Exploit-sample Running CVE-2017-8759 exploit sample. Flow of the exploit: Word macro runs in the Doc1.doc file. The macro downloads a badly formatted txt file over wsdl, which triggers the WS...

9.3 CVSS, 0.1 AI score, 0.93965 EPSS
Exploits: 14

Kitploit
added 2017/07/11 3:0 p.m., 22 views

Winpayloads - Undetectable Windows Payload Generation

Winpayloads is a payload generator tool that uses Metasploit's Meterpreter shellcode, injects the user's IP and port into the shellcode and writes a Python file that executes the shellcode using ctypes. This is then AES encrypted and compiled to a Windows executable using PyInstaller. Main features:...

7.5 AI score
Exploits: 0, References: 6

0day.today
added 2017/06/12 12:0 a.m., 27 views

Logpoint < 5.6.4 - Unauthenticated Root Remote Code Execution Exploit

Exploit for linux platform in category remote exploits Exploit Title: Unauthenticated remote root code execution on logpoint 5.6.4 Date: 11/06/17 Exploit Author: agix Vendor Homepage: https://www.logpoint.com Version: logpoint 5.6.4 Tested on: 5.6.2 Vendor contact 19/04 Exploit details sent to th...

7.1 AI score
Exploits: 0