Lucene search
K

26 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.659 views

Microsoft IIS Shortname Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS shortname vulnerability scanner', 'Description' = %q The vulnerability is caused by a tilde character "" in a GET or OPTIONS reques...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.200 views

MS14-052 Microsoft Internet Explorer XMLDOM Filename Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MS14-052 Microsoft Internet Explorer XMLDOM Filename Disclosure", 'Description' = %q This module will use the Microsoft XMLDOM object to enumerat...

6.5CVSS7AI score0.58023EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.243 views

MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass', 'Description' = %q This module bypasses basic authentication for Internet Informatio...

6.8CVSS7AI score0.31118EPSS
Exploits3
Rapid7 Blog
Rapid7 Blog
added 2023/07/14 7:48 p.m.61 views

Metasploit Weekly Wrap-Up

Authentication bypass in Wordpress Plugin WooCommerce Payments This week's Metasploit release includes a module for CVE-2023-28121 by h00die. This module can be used against any wordpress instance that uses WooCommerce payments 5.6.1. This module exploits an auth by-pass vulnerability in the...

10CVSS8.2AI score0.90655EPSS
Exploits20
WPVulnDB
WPVulnDB
added 2019/09/05 12:0 a.m.54 views

WordPress <= 5.2.2 - Cross-Site Scripting (XSS) in URL Sanitisation

Description According to the WordPress release notes: "Props to Soroush Dalili @irsdl from NCC Group for disclosing an issue with URL sanitization that can lead to cross-site scripting XSS attacks." PoC Thanks to @irsdl's Hacker1 disclosure: JS - Numerical Entities JS - Hex Entities...

6.1CVSS6AI score0.02198EPSS
Exploits2References3
Metasploit
Metasploit
added 2018/08/30 8:46 a.m.64 views

Microsoft IIS shortname vulnerability scanner

The vulnerability is caused by a tilde character "" in a GET or OPTIONS request, which could allow remote attackers to disclose 8.3 filenames short names. In 2010, Soroush Dalili and Ali Abbasnejad discovered the original bug GET request. This was publicly disclosed in 2012. In 2014, Soroush...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Adobe Reader/Acrobat 10.0.1 DoS Exploit

No description provided by source. Title: Adobe Reader/Acrobat Memory Corruption Denial of Service Report to Vendor: 24 Feb 2011 Application Name: Adobe Reader/Acrobat Version: 10.0.1, other versions can be vulnerable before applying the 14 June 2011 Patch References: -...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

gleamtech filevista/fileultimate 4.6 - Directory Traversal

No description provided by source. Hello I have recently released this vulnerability in a talk: http://soroush.secproject.com/blog/2012/11/file-in-the-hole/ - Title: GleamtechFileVista/FileUltimate 4.6 Directory Traversal can lead to file upload attack - Credit goes to: Soroush Dalili -...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/05/07 12:0 a.m.25 views

Microsoft Internet Explorer 'MSXML'错误文件枚举漏洞

BUGTRAQ ID: 59657 Microsoft Internet Explorer是微软公司推出的一款网页浏览器。 Internet Explorer 10.0.9200.16540(Windows 7 Professional)内的XMLDOM存在文件枚举漏洞和拒绝服务漏洞,XMLDOM会根据文件或目录的存在情况,在错误信息里泄露客户端驱动/网络的信息,攻击者可利用此漏洞获取有用信息,例如系统root目录的文件存在情况等。 0 Microsoft Internet Explorer 10.x 厂商补丁: Microsoft ---------...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2012/11/12 12:0 a.m.59 views

CKFinder 2.3 / FCKEditor 2.6.8 SWF Cross Site Scripting

Hello The latest versions of CKFinder 2.3 and FCKEditor2.6.8 are accepting SWF as a valid extension. As a result, it is possible to make a website vulnerable to an XSS attack by uploading a malicious SWF file. Source: http://soroush.secproject.com/blog/2012/11/xss-by-uploadingincluding-a-swf-file...

0.3AI score
Exploits0
Mozilla
Mozilla
added 2012/10/09 12:0 a.m.51 views

DOS and crash with full screen and history navigation — Mozilla

Security researcher Soroush Dalili reported that a combination of invoking full screen mode and navigating backwards in history could, in some circumstances, cause a hang or crash due to a timing dependent use-after-free pointer reference. This crash may be potentially exploitable...

9.3CVSS8.9AI score0.05201EPSS
Exploits0References2Affected Software5
securityvulns
securityvulns
added 2012/07/09 12:0 a.m.51 views

.Net Framework Tilde Character DoS - Sorry, exploit-db link corrected

Link: http://soroush.secproject.com/downloadable/iistildedos.txt Exploit-db link: www.exploit-db.com/exploits/19575 ---------------------------- Security Research - .Net Framework Tilde Character DoS Website : http://soroush.secproject.com/blog/ I. BACKGROUND --------------------- "The .NET...

0.1AI score
Exploits0
Metasploit
Metasploit
added 2012/06/25 8:48 p.m.79 views

MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass

This module bypasses basic authentication for Internet Information Services IIS. By appending the NTFS stream name to the directory name in a request, it is possible to bypass authentication. This module requires Metasploit: https://metasploit.com/download Current source:...

6.8CVSS7.2AI score0.31118EPSS
Exploits3
Mozilla
Mozilla
added 2012/03/13 12:0 a.m.52 views

XSS with Drag and Drop and Javascript: URL — Mozilla

Firefox prevents the dropping of javascript: links onto a frame to prevent malicious sites from tricking users into performing a cross-site scripting XSS attacks on themselves. Security researcher Soroush Dalili reported a way to bypass this protection...

4.3CVSS1.7AI score0.01778EPSS
Exploits0References2Affected Software5
OpenVAS
OpenVAS
added 2011/05/05 12:0 a.m.25 views

Mandriva Update for mozilla-thunderbird MDVSA-2011:080 (mozilla-thunderbird)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

10CVSS8.6AI score0.06858EPSS
Exploits2References3
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.127 views

Mozilla Foundation Security Advisory 2011-16

Mozilla Foundation Security Advisory 2011-16 Title: Directory traversal in resource: protocol Impact: Moderate Announced: April 28, 2011 Reporter: Soroush Dalili Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.17 Firefox 3.5.19 Thunderbird 3.1.10 SeaMonkey 2.0.14 Description...

5CVSS0.7AI score0.02795EPSS
Exploits1
securityvulns
securityvulns
added 2010/07/24 12:0 a.m.85 views

Mozilla Foundation Security Advisory 2010-47

Mozilla Foundation Security Advisory 2010-47 Title: Cross-origin data leakage from script filename in error messages Impact: Moderate Announced: July 20, 2010 Reporter: Soroush Dalili Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.7 Firefox 3.5.11 Thunderbird 3.1.1 Thunderbird...

5CVSS0.01069EPSS
Exploits1
Mozilla
Mozilla
added 2010/07/20 12:0 a.m.39 views

Cross-origin data leakage from script filename in error messages — Mozilla

Security researcher Soroush Dalili reported that potentially sensitive URL parameters could be leaked across domains upon script errors when the script filename and line number is included in the error message...

5CVSS1.4AI score0.01069EPSS
Exploits1References2Affected Software3
seebug.org
seebug.org
added 2010/05/31 12:0 a.m.25 views

Mozilla Firefox出错处理信息泄露漏洞

BUGTRAQ ID: 40401 Firefox是非常流行的开源WEB浏览器。 Firefox的window.onerror处理器允许读取重新定向的目标URL。如果通过HTML script标签引用了重新定向站点的话,就可以读取目标URL中所包含的会话特定查询参数。 Mozilla Firefox 3.6.3 Mozilla Firefox 3.5.9 厂商补丁: Mozilla ------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.mozilla.org/ XSUH Cross Site URL...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2009/12/29 12:0 a.m.43 views

Microsoft IIS Semi-Colon Execution

Microsoft IIS 0Day Vulnerability in Parsing Files semi-colon bug Application: Microsoft Internet Information Services - IIS All versions Impact: Highly Critical for Web Applications Finding Date: April 2007 Report Date: Dec. 2009 Found by: Soroush Dalili Irsdl 4t yahoo d0t com Website:...

7.4AI score
Exploits0
Rows per page
Query Builder