EUVD-2014-5670

Malware in sbrugna...

Ant Smasher, Best Free Game - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Ant Smasher, Best Free Game published at the 'play' market has multiple vulnerabilities...

Zombie Smasher - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Zombie Smasher published at the 'play' market has multiple vulnerabilities...

Cockroach Smasher Top Free App - Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Cockroach Smasher Top Free App published at the 'play' market has multiple vulnerabilities...

CVE-2014-5783

The Bouncy Bill Monster Smasher ed aka mominis.GenericAndroid.BouncyBillMonsterSmasherEdition application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5783

The CVE-2014-5783 entry concerns the Android app “Bouncy Bill Monster Smasher ed” (version 1.0.3). The underlying issue is that the app does not verify X.509 certificates when connecting to SSL servers, enabling MITM attackers to spoof servers and access sensitive information via a crafted certif...

Voila CMS Cross Site Scripting

Exploit Title:Voila Cms Xss Vulnerability. Exploit Author:Darksnipper & Dr.v!ru$ Home:www.cybercoders.org Email:[email protected] Cms Link:http://www.voilasyria.com Tested On : windows 7 & linux. Dork:intext:powerd by voila P.o.c open http://site.com/path/view/search/viewSearch.php put in sear...

youtubeclone-xss.txt

Discovered by Smasher CMS: Youtube Clone Script Site: http://warwolfz.altervista.org WarWolfZ Security Crew. Hello i don't know if this vuln is already out , but i've searched in securityfocus and is not present. Bug found in loadmessage.php at line 4: Ex:...

Youtube Clone Xross Site Scripting (load_message.php)

Discovered by Smasher CMS: Youtube Clone Script Site: http://warwolfz.altervista.org WarWolfZ Security Crew. Hello i don't know if this vuln is already out , but i've searched in securityfocus and is not present. Bug found in loadmessage.php at line 4: ?php echo $lang'pleasewait'; ? Ex:...

Garment Center (index.cgi) Local File Inclusion

Discovered by Smasher + WarWolfz Crew. + http://warwolfz.altervista.org/ Hey wassup....i've found a vulnerability in Garmentcenter in index.cgi... PoC: /index.cgi?page=LFI Ex. http://site1.com/index.cgi?page=../../../../../../../../etc/passwd00 Regards. Smasher...

Multiple bluetooth devices and applications DoS (Sony Ericsson, Nokia, etc)

Multiple vulnerabilities discovered with Bluetooth Stack Smasher utility...

Nokia N70 - L2CAP Packets Remote Denial of Service

source: https://www.securityfocus.com/bid/16666/info Nokia N70 is reportedly prone to a remote denial-of-service vulnerability. A successful attack can allow an attacker to corrupt memory and to trigger a denial-of-service condition. Arbitrary code execution may be possible as well, but this has...

[ Secuobs - Tools release ] BSS (Bluetooth Stack Smasher) fuzzer

Software BSS - Bluetooth Stack Smasher Version 0.6 Location BSS could be downloaded on http://www.secuobs.com/news/05022006-bluetooth10.shtml Credits Pierre Betouin - [email protected] Bug was found on following devices : hcidump, Sony/ericsson K600i/V600i/W800i, Nokia N70 & SAMSUNG E73...