5315 matches found
Adobe Gets Hacked; Hackers Steal 2.9 million Adobe Customers accounts
Hackers broke into Adobe Systems' internal network on Thursday, stealing personal information on 2.9 million customers and the source code for several of Adobe's most popular products. This an absolutely massive blow to Adobe, especially their reputation. Adobe, which makes Photoshop and other...
GLPI 0.84.1 RCE
Remote command execution vulnerability in GLPI install/install.php Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...
Bitcoin Talk forum hacked; Database for Sale by Hacker; Website currently down
Bitcoin Talk, the popular Bitcoin discussion forum, has been hacked and as it stands the site is currently unreachable. Bitcointalk has been down for nearly 6 hours. The forums have been allegedly hacked and Defaced by “The Hole Seekers” and selling 150,000 emails and hashed passwords stolen from...
Adobe Gets Hacked; Hackers Steal 2.9 million Adobe Customers accounts
Hackers broke into Adobe Systems’ internal network on Thursday, stealing personal information on 2.9 million customers and the source code for several of Adobe’s most popular products. This an absolutely massive blow to Adobe, especially their reputation. Adobe, which makes Photoshop and other...
Adobe Acrobat, ColdFusion Source Code, Customer Data Stolen
Attackers accessed customer IDs, encrypted passwords as well as source code for a number of Adobe products, Adobe chief security officer Brad Arkin announced. Arkin said Adobe is working with law enforcement on the breach in which attackers accessed source code for Adobe Acrobat, ColdFusion,...
Zenphoto 1.4.5.2 Cross Site Scripting / SQL Injection
SOJOBO-ADV-13-01 - Zenphoto 1.4.5.2 multiple vulnerabilities I. Information ================== Name : Zenphoto 1.4.5.2 multiple vulnerabilities Software : Zenphoto 1.4.5.2 and possibly below. Vendor Homepage : http://www.zenphoto.org/ Vulnerability Type : SQL Injection, Reflected Cross-Site...
Adobe Customer Information and Source Code Compromises
US-CERT is aware of the public acknowledgement of a compromise of up to 3 million Adobe customers' information, including names and detailed account information. The source code for multiple Adobe products may also have been compromised. US-CERT advises that Adobe customers be aware of possible...
CVE-2013-5572
Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldapbindpassword value in the HTML source code...
CVE-2013-5572
Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldapbindpassword value in the HTML source code...
XYCMS装修设计公司源码系统1.5多处注入漏洞
简要描述: XYCMS装修设计公司源码系统1.5 多处注入漏洞及反射型xss 详细说明: common.asp,fwxmdetail.asp未进行任何过滤就直接带入数据库查询 没有相关信息!" response.End end if % news.asp也是未进行任何过滤就带入数据库查询 漏洞证明: img src="https://images.seebug.org/upload/201309/250204389...
[Binrev] Automate Reversing Windows Binaries for Pentesters
What you can do with this? Static analysis: you can do a basic manual code review for decompiled sources to discover hidden communication channels, search for hard-coded passwords, or SQL injection vulnerabilities. Import decompiled projects to an IDE to reconstruct and modify the original source...
ymlp.com validated-email grabber from online newsletter company
Obtains email addresses from subscribers to mailinglists of clients of ymlp.com. This is 73 lines of proof-of-concept-Java 7 source code 1 file that does 10 http requests to ymlp.com to obtain one email-address. The emailaddress is printed to stdout along with logging information. This is repeate...
Sophos Web Protection Appliance 3.8.1 RCE
Remote root command execution vulnerability in Sophos Web Protection Appliance Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...
[OWASP Broken Web Applications Project VM v1.1] Collection of vulnerable web applications
The Broken Web Applications BWA Project is a collection of vulnerable web applications that is distributed on a Virtual Machine. The Broken Web Applications BWA Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in: Learning about...
Oracle Java lookUpByteBI - Heap Buffer Overflow
Exploit Title: Oracle Java lookupByteBI function heap buffer overflow Google Dork: Date: 2013-09-03 Exploit Author: GuHe Vendor Homepage: http://www.oracle.com/ Software Link: http://www.oracle.com/technetwork/java/javase/downloads/index.html Version: 7u21 and eariler Tested on: Windows 7 CVE :...
CVE-2013-4124 samba nttrans dos private exploit
Hi Forks! It's my samba private exploit and article of it. the security bug occurs while nttrans reply in samba daemon source code tree. the remote dos exploit that i copied from another nttrans exploit in 2003. and can't test it yet, check it out! CVE-2013-4124 samba dos private exploit: -...
[Introspy] Monitor app in your iDevice
The Problem In 2013, assessing the security of iOS applications still involves a lot of manual, time-consuming tasks - especially when performing a black-box assessment. Without access to source code, a comprehensive review of these application currently requires in-depth knowledge of various API...
[Arachni v0.4.4] The Web Application Security Scanner Framework
Arachni is a Free/Open Source project, the code is released under the Apache License Version 2.0 and you are free to use it as you see fit. Initially started as an educational exercise, it has since evolved into a powerful and modular framework allowing for fast, accurate and flexible...
[RIPS] A static source code analyser for vulnerabilities in PHP scripts
RIPS is a tool written in PHP to find vulnerabilities in PHP applications using static code analysis. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks potentially vulnerable functions that can be tainted b...
PineApp Mail-SeCure 3.70 test_li_connection.php RCE
Remote code execution vulnerability in PineAppMail-SeCure testliconnection.php Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...