98 matches found
GLSA-201803-09 : KDE Plasma Workspaces: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201803-09 KDE Plasma Workspaces: Multiple vulnerabilities Multiple vulnerabilities have been discovered in KDE Plasma Workspaces. Please review the referenced CVE identifiers for details. Impact : An attacker could execute arbitra...
WordPress: Arbitrary file deletion in wp-core - guides towards RCE and information disclosure
Vulnerable place 1: wp-admin/post.php $newmeta'thumb' is placed into DB not sanitized directly from user input. case 'editattachment': checkadminreferer'update-post' . $postid; // Don't let these be changed unset$POST'guid'; $POST'posttype' = 'attachment'; // Update the thumbnail filename $newmet...
Fedora 23 : webkitgtk4 (2016-c1f4334ded)
This update addresses the following vulnerabilities : - CVE-2016-1857, CVE-2016-1856 Additional fixes : - Improved the detection of supported MIME types supported by the media player. - Fix web process crash when playing adaptive streaming media. - Change the volume while thumb slider is dragged,...
Linux ARM Big Endian Command Shell, Bind TCP Inline
Listen for a connection and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 118 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def...
Android libstagefright - Integer Overflow Remote Code Execution
Exploit for Android platform in category remote exploits !/usr/bin/python2 import cherrypy import os import pwnlib.asm as asm import pwnlib.elf as elf import sys import struct with open'shellcode.bin', 'rb' as tmp: shellcode = tmp.read while lenshellcode % 4 != 0: shellcode += '\x00' heap groomin...
Google Android - libstagefright Integer Overflow Remote Code Execution
Google Android - libstagefright Integer Overflow Remote Code Execution !/usr/bin/python2 import cherrypy import os import pwnlib.asm as asm import pwnlib.elf as elf import sys import struct with open'shellcode.bin', 'rb' as tmp: shellcode = tmp.read while lenshellcode % 4 != 0: shellcode += '\x00...
MediaWiki cross-site scripting vulnerability (CNVD-2015-05871)
MediaWiki is a free and free web-based Wiki engine developed and maintained by the Wikimedia Foundation and MediaWiki volunteers, which can be used to deploy in-house knowledge management and content management systems. A cross-site scripting vulnerability exists in MediaWiki's thumb.php script. ...
DEBIAN-CVE-2015-6730
Cross-site scripting XSS vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter, which is not properly handled in an error page, related to "ForeignAPI images."...
UBUNTU-CVE-2015-6730
Cross-site scripting XSS vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter, which is not properly handled in an error page, related to "ForeignAPI images."...
Windows RT ARM Bind Shell (Port 4444)
; Title: Windows RT ARM Bind Shell Port 4444 ; Date: July 28, 2013 ; Author: Matthew Graeber @mattifestation ; Blog post: http://www.exploit-monday.com/2013/07/WinRT-ARM-Shellcode.html ; Tested on: Microsoft Surface RT Tablet w/ Windows RT 6.2.9200 ; License: BSD 3-Clause ; Syntax: MASM ; Notes: ...
Windows RT ARM - Bind Shell Port 4444
Windows RT ARM - Bind Shell Port 4444. Shellcode exploit for arm platform ; Title: Windows RT ARM Bind Shell Port 4444 ; Date: July 28, 2013 ; Author: Matthew Graeber @mattifestation ; Blog post: http://www.exploit-monday.com/2013/07/WinRT-ARM-Shellcode.html ; Tested on: Microsoft Surface RT Tabl...
Paypal gives FBI the list of IP Address of 1,000 Anomymous hackers
Paypal gives FBI the list of IP Address of 1,000 Anomymous hackers Paypal collected 1000 IP addresses of those carrying out Anonymous' DDoS attacks against PayPal last December. To be fair the names on the list will probably be the bottom feeding script kiddies rather than the hackers at the top ...
Multiple Vulnerabilities in Collabtive
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Collabtive which could be exploited to perform cross-site scripting and cross-site request forgery attacks and gain access to sensitive information. 1 Cross-site scripting XSS vulnerability in Collabtive 1.1 The...
Linux/ARM - add root user with password - 151 bytes
Linux/ARM - add root user with password - 151 bytes. Shellcode exploit for arm platform / Title: Linux/ARM - add root user with password - 151 bytes Date: 2010-11-25 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @shellstorm http://shell-storm.org Informations: ------------- -...
DEBIAN-CVE-2010-1190
thumb.php in MediaWiki before 1.15.2, when used with access-restriction mechanisms such as imgauth.php, does not check user permissions before providing scaled images, which allows remote attackers to bypass intended access restrictions and read private images via unspecified manipulations...
Android/ARM - Reverse TCP (10.0.2.2:0x3412/TCP) Shell (/system/bin/sh) Shellcode (79 bytes)
Android/ARM - Reverse TCP 10.0.2.2:0x3412/TCP Shell /system/bin/sh Shellcode 79 bytes. Shellcode exploit for ARM platform / This ARM Thumb sc connects to a given IP and port with a shell. Intended for use with Android hence /system/bin/sh. Connects to the provided IP and port with a shell no null...
CVE-2006-6441
CVE-2006-6441 affects Xerox WorkCentre/WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000. The issue allows local users to bypass security controls and boot into Alchemy via certain alternate boot media, demonstrated by a USB thumb drive. The connected s...
CVE-2006-4739
Multiple cross-site scripting XSS vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the OriginalImageData parameter to phpthumb.php...