28 matches found
Exploit for Incorrect Authorization in Polkit_Project Polkit
Exploit for CVE-2021-3560 Polkit - Local Privilege Escalatio...
Arunna 1.0.0 Cross Site Request Forgery
Exploit Title: Arunna 1.0.0 - 'Multiple' Cross-Site Request Forgery CSRF Date: November 29, 2021 Exploit Author: =LL= Detailed Bug Description: https://lyhinslab.org/index.php/2021/11/29/how-white-box-hacking-works-xss-csrf-in-arunna/ Vendor Homepage: https://github.com/arunna Software Link:...
Heap-based Buffer Overflow in vim/vim
Description Greetings, A Heap-based Buffer Overflow issue was discovered in Vim. The POC file is reduced to the absolute minimum to reproduce the problem. Please see sanitizer output and the "trimmed" POC file link below. System info OS version : Ubuntu 20.04.2 LTS + Clang 12 with ASan Vim Versio...
Heap-based Buffer Overflow in vim/vim
Description Greetings, A Heap-based Buffer Overflow issue was discovered in Vim. The POC file is reduced to the absolute minimum to reproduce the problem. Please see sanitizer output and the "trimmed" POC file link below. System info OS version : Ubuntu 20.04.2 LTS + Clang 12 with ASan Vim Versio...
None in vim/vim
Description Greetings, A Use After Free issue was discovered in Vim. The POC file is reduced to the absolute minimum to reproduce the problem. Please see sanitizer output and the "trimmed" POC file link below. System info OS version : Ubuntu 20.04.2 LTS + Clang 12 with ASan Vim Version :...
Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting (XSS)
Exploit Title: Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting XSS Date: 16/10/2021 Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.4 Tested on: Ubuntu 20.04.2...
Support Board 3.3.4 - (Message) Stored Cross-Site Scripting Vulnerability
Exploit Title: Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting XSS Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.4 Tested on: Ubuntu 20.04.2 LTS, Windows 10 PO...
Support Board 3.3.3 - Multiple SQL Injection (Unauthenticated) Vulnerability
Exploit Title: Support Board 3.3.3 - 'Multiple' SQL Injection Unauthenticated Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.3 Tested on: Ubuntu 20.04.2 LTS ----- PoC 1:...
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
Exploit Title: Client Management System 1.1 - 'cname' Stored Cross-site scripting XSS Date: 2021-08-04 Exploit Author: Mohammad Koochaki Vendor Homepage: https://phpgurukul.com/client-management-system-using-php-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10841...
Client Management System 1.1 - (cname) Stored Cross-site scripting Vulnerability
Exploit Title: Client Management System 1.1 - 'cname' Stored Cross-site scripting XSS Exploit Author: Mohammad Koochaki Vendor Homepage: https://phpgurukul.com/client-management-system-using-php-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10841 Version: 1.1 Teste...
Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)
Exploit Title: Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting XSS Date: 2021-08-02 Exploit Author: Mohammad Koochaki Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...
Online Hotel Reservation System 1.0 - (Multiple) Cross-site scripting Vulnerability
Exploit Title: Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting XSS Exploit Author: Mohammad Koochaki Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...
in lavv17/lftp
✍️ Description Whilst testing lftp built from commit d67fc1 with Clang 13 +ASan on Ubuntu 20.04.2 LTS, we discovered a crafted file which triggers a null pointer dereference and segfault. 🕵️‍♂️ Proof of Concept echo "aiYgAQEBNA==" | base64 -d > /tmp/file.fuzz && ./lftp -f /tmp/file.fuzz The above POC...
Heap-based Buffer Overflow in squell/id3
✍️ Description While testing id3 built from commit 0de713 with Clang 13 +ASan on Ubuntu 20.04.2, we discovered a POC which triggers a heap-buffer-overflow in tag::unbinarize. This particular flaw was discovered with the help of honggfuzz. 🕵️‍♂️ Proof of Concept echo...
Heap-based Buffer Overflow in rup0rt/pcapfix
✍️ Description Whilst testing the 'devel' branch of pcapfix, specifically commit fb723c compiled with clang-13 and -fsanitize=address on Ubuntu 20.04.2 LTS, we discovered a POC which triggers a heap-buffer-overflow. 🕵️‍♂️ Proof of Concept git clone https://github.com/Rup0rt/pcapfix cd pcapfix...
Heap-based Buffer Overflow in rup0rt/pcapfix
✍️ Description Whilst testing pcapfix built from commit 5c2965 with Clang 13 +ASan on Ubuntu 20.04.2 LTS, we discovered a PCAPNG file which triggers a heap-buffer-overflow during a memcpy operation. 🕵️‍♂️ Proof of Concept echo "Cg0NCgAAAADT1MOysvgUAAAAAEpaggAAoPWPsvgUAAAAAAAAAAAA" | base64 -d...
Heap-based Buffer Overflow in squell/id3
✍️ Description Archive.org is a worthy cause to support. During testing of id3 compiled from commit a899ea with Clang 13+ASan on Ubuntu 20.04.2, we discovered a payload which triggers a heap-buffer-overflow in ID3put. This particular bug was found using the AFL fuzzer. 🕵️‍♂️ Proof of Concept echo...
in squell/id3
✍️ Description Archive.org is a worthy cause to support. During testing of id3 compiled from commit a899ea with Clang 13+ASan on Ubuntu 20.04.2, we discovered a payload which triggers a negative-size-param: size=-4 error when calling memcpy. This particular bug was discovered with the AFL fuzzer...
in thisistherk/fast_obj
✍️ Description Whilst experimenting with the test code built from commit d97389 with Clang 11 +UBSan on Ubuntu 20.04.2 LTS, we discovered an OBJ file which produces a signed integer overflow and a pointer overflow followed by a SIGSEGV 🕵️‍♂️ Proof of Concept echo...
PHP 8.1.0-dev Backdoor Remote Command Injection Exploit
Exploit Title: PHP 8.1.0-dev backdoor | Remote Command Injection Unauthenticated Exploit Author: Richard Jones Vendor Homepage: https://www.php.net/ Software Link: https://github.com/vulhub/vulhub/tree/master/php/8.1-backdoor Version: PHP 8.1.0-dev Tested on: Linux Ubuntu 20.04.2 LTS...