9 matches found

Github Security Blog
added 2023/03/03 10:48 p.m. | 25 views

XWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile

Impact One can execute any wiki content with the right of IconThemeSheet author by creating an icon theme with the following content: async async="true" groovy println"Hello from Groovy!" /groovy /async Can be done by creating a new page or even through the user profile for users not having edit...

9.9 CVSS | 8.5 AI score | 0.10311 EPSS
Exploits: 1 | References: 5 | Affected Software: 1
Huntr
added 2021/08/27 6:25 a.m. | 13 views

Cross-site Scripting (XSS) - Stored in pimcore/pimcore

✍️ Description pimcore is an Open Source Data & Experience Management Platform PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce this package is vulnerable for Stored XSS custom meta data 🕵️‍♂️ Proof of Concept 💥 Impact This vulnerability is capable of Stored XSS...

1.5 AI score
Exploits: 0
0day.today
added 2020/02/11 12:0 a.m. | 108 views

OpenSMTPD 6.6.1 - Local Privilege Escalation Exploit

Exploit Title: OpenSMTPD 6.6.1 - Local Privilege Escalation Date: 2020-02-02 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.opensmtpd.org/ Version: OpenSMTPD 6.4.0 - 6.6.1 Tested on: OpenBSD 6.6, Debian GNU/Linux bullseye/sid with opensmtpd 6.6.1p1-1 CVE: CVE-2020-7247 !/usr/bin/perl...

10 CVSS | 9.2 AI score | 0.94108 EPSS
Exploits: 26
NVD
added 2018/12/28 9:29 p.m. | 8 views

CVE-2018-15004

The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M/093031423:user/release-keys contains a platform app with a package name of com.qualcomm.qti.modemtestmode versionCode=24, versionName=7.0 that contains an exported service app component named...

5.9 CVSS | 5.6 AI score | 0.00316 EPSS
Exploits: 1 | References: 2
CNVD
added 2015/10/27 12:0 a.m. | 2 views

Cisco Adaptive Security Appliance Denial of Service Vulnerability (CNVD-2015-06862)

The Cisco ASA 5500 Series Adaptive Security Appliances are modular platforms for delivering security and VPN services, providing firewall, IPS, anti-X, and VPN services. The Cisco Adaptive Security Appliance ASA has a security vulnerability in its implementation. A remote attacker could cause a...

7.1 CVSS | 6.9 AI score | 0.00284 EPSS
Exploits: 0 | References: 1
Packet Storm
added 2011/09/06 12:0 a.m. | 22 views

Microsoft Windows Server 2008 R1 Denial Of Service

Hi all. Here's a cute little local DoS attack against Windows Server 2008 R1, which will allow any user who can execute unprivileged code to BSoD your server with about three lines of C. I have reported this to Microsoft, but because of the limited scope of the issue - DoS-only, and server 2008 R...

7.4 AI score
Exploits: 0
securityvulns
added 2008/01/20 12:0 a.m. | 42 views

BitDefender Update Server - Unauthorized Remote File Access Vulnerability

BitDefender Update Server - Unauthorized Remote File Access Vulnerability ==================================================== Affected Products: - BitDefender Security for Fileservers - BitDefender Enterprise Manager BDEM - All BitDefender Products, using their internal update server product...

0.3 AI score
Exploits: 0
exploitpack
added 2007/02/13 12:0 a.m. | 51 views

Lotus Domino R6 Webmail - Remote Password Hash Dumper

Lotus Domino R6 Webmail - Remote Password Hash Dumper !/bin/bash $Id: raptordominohash,v 1.3 2007/02/13 17:27:28 raptor Exp $ raptordominohash - Lotus Domino R5/R6 HTTPPassword dump Copyright c 2007 Marco Ivaldi Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores...

5 CVSS | 6.5 AI score | 0.08605 EPSS
Exploits: 11
exploitpack
added 2005/03/28 12:0 a.m. | 12 views

Multiple Vendor Telnet Client - Env_opt_add Heap Buffer Overflow

Multiple Vendor Telnet Client - Env_opt_add Heap Buffer Overflow source: https://www.securityfocus.com/bid/12919/info Multiple vendors' Telnet client applications are reported prone to a remote buffer-overflow vulnerability. This vulnerability reportedly occurs in the 'env_opt_add' function in the...

Exploits: 0