Tina4 Stack 1.0.3 - SQL Injection / Database File Download

Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps Test...

Tina4 Stack 1.0.3 - SQL Injection Database File Download

Tina4 Stack 1.0.3 - SQL Injection Database File Download Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link:...

Tina4 Stack 1.0.3 SQL Injection

Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps Test...

Novahot - A Webshell Framework For Penetration Testers

novahot is a webshell framework for penetration testers. It implements a JSON-based API that can communicate with trojans written in any language. By default, it ships with trojans written in PHP, ruby, and python. Beyond executing system commands, novahot is able to emulate interactive terminals...

SaltOS Erp Crm 3.1 r8126 - Database File Download

SaltOS Erp Crm 3.1 r8126 - Database File Download Exploit Title: SaltOS Erp, Crm 3.1 r8126 - Database File Download Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version:...

SaltOS Erp Crm 3.1 r8126 - Database File Download

Exploit Title: SaltOS Erp, Crm 3.1 r8126 - Database File Download Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version: 3.1 r0 / 3.x Category: Webapps Tested on:...

SaltOS Erp Crm 3.1 r8126 Database Download

Exploit Title: SaltOS Erp, Crm 3.1 r8126 - Database File Download Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version: 3.1 r0 / 3.x Category: Webapps Tested on:...

FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Vulnerability

Exploit for hardware platform in category web applications Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Auhor: Gjoko 'LiquidWorm' Krstic Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16, 1.17.13 OS...

sqlite3/ossfuzz: Use-of-uninitialized-value in corruptSchema

Detailed report: https://oss-fuzz.com/testcase?key=5153397250981888 Project: sqlite3 Fuzzer: libFuzzersqlite3ossfuzz Fuzz target binary: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: corruptSchema sqlite3InitCallback...

Seagate Personal Cloud SRN21C 4.3.16.0 4.3.18.0 - SQL Injection

Seagate Personal Cloud SRN21C 4.3.16.0 4.3.18.0 - SQL Injection ------------------------------------------------------------------------ Seagate Media Server multiple SQL injection vulnerabilities ------------------------------------------------------------------------ Yorick Koster, September 20...

Seagate Personal Cloud SRN21C 4.3.16.0 / 4.3.18.0 - SQL Injection

------------------------------------------------------------------------ Seagate Media Server multiple SQL injection vulnerabilities ------------------------------------------------------------------------ Yorick Koster, September 2017...

Seagate Personal Cloud SRN21C SQL Injection Vulnerability

Seagate Personal Cloud model SRN21C running firmware versions 4.3.16.0 and 4.3.18.0 suffer from remote SQL injection vulnerabilities in the media server. ------------------------------------------------------------------------ Seagate Media Server multiple SQL injection vulnerabilities...

Seagate Personal Cloud SRN21C SQL Injection

------------------------------------------------------------------------ Seagate Media Server multiple SQL injection vulnerabilities ------------------------------------------------------------------------ Yorick Koster, September 2017...

sqlite (>=0.19.7 <=0.21.1), sqlite3-sys (>=0.6.7 <=0.9.2) +3 more potentially affected by unknown CVE via temporary (=0.5.1)

temporary CARGO version =0.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on temporary and may be impacted: - sqlite =0.19.7, =0.6.7, =0.11.0, =0.2.6, =0.2.7 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2018-0022...

sqlite3/ossfuzz: Use-of-uninitialized-value in sqlite3ExprCollSeq

Detailed report: https://oss-fuzz.com/testcase?key=5684890744913920 Project: sqlite3 Fuzzer: libFuzzersqlite3ossfuzz Fuzz target binary: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: sqlite3ExprCollSeq...

sqlite3/ossfuzz: Index-out-of-bounds in yy_find_shift_action

Detailed report: https://oss-fuzz.com/testcase?key=5747500265766912 Project: sqlite3 Fuzzer: libFuzzersqlite3ossfuzz Fuzz target binary: ossfuzz Job Type: libfuzzerubsansqlite3 Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State: yyfindshiftaction sqlite3Parser...

npm-test-sqlite3-trunk code execution vulnerability

npm-test-sqlite3-trunk is a module for providing asynchronous non-blocking SQLite3 bindings. A security vulnerability exists in npm-test-sqlite3-trunk, which originates when a program downloads a binary file over an unencrypted HTTP connection. A remote attacker can exploit this vulnerability by...

Airba.sh - A POSIX-compliant, Fully Automated WPA PSK Handshake Capture Script Aimed At Penetration Testing

Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing. It is compatible with Bash and Android Shell tested on Kali Linux and Cyanogenmod 10.2 and uses aircrack-ng to scan for clients that are currently connected to access points AP. Those...

sqlite3/ossfuzz: Use-of-uninitialized-value in whereLoopAddAll

Detailed report: https://oss-fuzz.com/testcase?key=6257131337547776 Project: sqlite3 Fuzzer: libFuzzersqlite3ossfuzz Fuzz target binary: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: whereLoopAddAll sqlite3WhereBegin...

10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title : 10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad - ihack4falafel Vendor Homepage : https://www.10-strike.com/ Vulnerable Software:...