360 matches found
CVE-2022-29439
Cross-Site Request Forgery CSRF vulnerability in Image Slider by NextCode plugin = 1.1.2 at WordPress allows deleting slides...
CVE-2022-27346
Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?slides. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
E-Commerce Website 1.1.0 Shell Upload Exploit
Full-Ecommece-Website-Slides-Unrestricted-File-Upload-RCE-POC Author: D4rkP0w4r Description = Upload web shell at Slides in admin panel Step to Reproduct Login to admin - Slides - upload web shell - Submit Exploit Upload web shell at Slides When upload success access...
IDA2Obj - Static Binary Instrumentation
IDA2Obj is a tool to implement SBI StaticBinary Instrumentation. The working flow is simple: Dump object files COFF directly from one executable binary. Link the object files into a new binary, almost the same as the old one. During the dumping process, you can insert any data/code at any locatio...
in marcoax/magutticms
Description RCE via 'upload file image or document' on maguttiCms 8.62 allows remote authenticated administrators to execute arbitrary PHP code Proof of Concept // PoC.req POST /admin/api/uploadifiveSingle HTTP/1.1 Host: 127.0.0.1:8000 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.15;...
FalconEye - Real-time detection software for Windows process injections
FalconEye is a windows endpoint detection software for real-time process injections. It is a kernel-mode driver that aims to catch process injections as they are happening real-time. Since FalconEye runs in kernel mode, it provides a stronger and reliable defense against process injection...
U.S. Dept Of Defense: SSN leak due to editable slides
Summary: A presentation slide contains a screenshot of a records brief which contains an SSN Description: The slides try to redact the PII of the records with a blue block but we can remove it by editing the slides to remove the offending blue block Impact Critical Step-by-step Reproduction...
BlueHat v18 Content Now Available
Last month we wrapped up another great BlueHat event. As an organizer, it is great to hear that the content is so strong that we have participants have to make hard choices on what to attend. BlueHat is about the community we build and the experiences we share. To further support that we are maki...
RecuperaBit - A Tool For Forensic File System Reconstruction
A software which attempts to reconstruct file system structures and recover files. Currently it supports only NTFS. RecuperaBit attempts reconstruction of the directory structure regardless of: missing partition table unknown partition boundaries partially-overwritten metadata quick format You ca...
Google Slides - BSD license, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Google Slides published at the 'play' market has multiple vulnerabilities...
MS15-061 Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
No description provided by source. include include / Exploiting MS15-061 with reverse engineering Win32k.sys by steps : 1: hook PEB callback Function 2: trigger vulnerability make proper Window to lead vulnerable function 3: replace fake object with NtUserDefSetText in Desktop heap inside PEB...
NSA can eavesdrop traffic in Real Time, more PRISM slides leaked
The NSA surveillance program PRISM story was started with four leaked slides from the Washington Post weeks before and today they has revealed four more annotated slides about the NSA operation, along with detailing the various levels of scrutiny from the FBI and NSA that happen before, during an...
NSA can eavesdrop traffic in Real Time, more PRISM slides leaked
The NSA surveillance program PRISM story was started with four leaked slides from the Washington Post weeks before and today they has revealed four more annotated slides about the NSA operation, along with detailing the various levels of scrutiny from the FBI and NSA that happen before, during an...
Android Security - Boot Camp Workshop & Presentation #2
Document Title: =============== Android Security - Boot Camp Workshop & Presentation 2 References: =========== Mirror: http://www.vulnerability-lab.com/resources/documents/471.rar Release Date: ============= 2012-03-07 Vulnerability Laboratory ID VL-ID: ==================================== 471...
Android Security - Boot Camp Workshop & Presentation #1
Document Title: =============== Android Security - Boot Camp Workshop & Presentation 1 References: =========== http://www.vulnerability-lab.com/resources/documents/454.rar Release Date: ============= 2012-02-26 Vulnerability Laboratory ID VL-ID: ==================================== 454 Discovery...
FlipDot HackerSpace Kassel - 2011 StartUP Slides
Document Title: =============== FlipDot HackerSpace Kassel - 2011 StartUP Slides References: =========== Download: http://www.vulnerability-lab.com/resources/videos/374.flv View: http://www.youtube.com/watch?v=yOBjGFLArdU Release Date: ============= 2012-01-06 Vulnerability Laboratory ID VL-ID:...
FlipDot HackerSpace Kassel - 2011 StartUP Slides
Document Title: =============== FlipDot HackerSpace Kassel - 2011 StartUP Slides References: =========== Download: http://www.vulnerability-lab.com/resources/videos/374.flv View: http://www.youtube.com/watch?v=yOBjGFLArdU Release Date: ============= 2012-01-06 Vulnerability Laboratory ID VL-ID:...
[ppt] Zeronights. Пачка презентаций с конференции.
Целая пачка презентаций: http://www.slideshare.net/DefconRuss...eronights-2011 Особо советую: Don’t touch it, unless it falls in pieces business applications hack in extreme conditions Root via XSS How to hack a telecom and stay alive Splitting, smuggling and cache poisoning come back Ну и видео ...
BruCON Agnitio workshop Slides and Video Demonstration - Download
BruCON Agnitio workshop Slides and Video Demonstration - Download Workshop by David Rook Security Ninja at BruCON 2011 in Belgium. You can Download Slide from here. Required for the Agnitio hands on demos: A 32bit Windows Operating System XP or 7 preferably – VM will be fine .NET framework 3.5...
SCADA Trojans: Attacking the Grid + Advantech vulnerabilities
Hi! You can download the slides of the research I was presenting at RootedCon'11 in Madrid "SCADA Trojans: Attacking the grid". A journey into attacking the power grid. I presented: - 0days in Advantech/BroadWin WebAccess SCADA product - Weak Design/Vulnerabilities in CSE-Semaphore TBOX RTUs -...