334 matches found
D-Link DVGN5402SP - Multiple Vulnerabilities
Exploit for hardware platform in category web applications Exploit Title: DLink DVGN5402SP Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.dlink.com/ Versions Reported: Multiple - See below CVE-IDs: CVE-2015-7245 + CVE-2015-7246 + CVE-2015-7247 DLink DVGN5402SP File...
D-Link DVGN5402SP - Multiple Vulnerabilities
D-Link DVGN5402SP - Multiple Vulnerabilities Exploit Title: DLink DVGN5402SP Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.dlink.com/ Versions Reported: Multiple - See below CVE-IDs: CVE-2015-7245 + CVE-2015-7246 + CVE-2015-7247 DLink DVGN5402SP File Path Traversal...
D-Link DVGN5402SP - Multiple Vulnerabilities
Exploit Title: DLink DVGN5402SP Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.dlink.com/ Versions Reported: Multiple - See below CVE-IDs: CVE-2015-7245 + CVE-2015-7246 + CVE-2015-7247 DLink DVGN5402SP File Path Traversal, Weak Credentials Management, and Sensitive...
D-Link DVG-N5402SP Path Traversal / Information Disclosure
DLink DVGN5402SP File Path Traversal, Weak Credentials Management, and Sensitive Info Leakage Vulnerabilities Timelines Reported to CERT + Vendor: August 2015 Dlink released beta release: Oct 23, 2015 New fix release: MD5 GRNV6.1U23J-83-DL-R1B114-SGNormal.EN.img = 04fd8b901e9f297a4cdbea803a9a43c...
SeaWell Networks Spectrum - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: SeaWell Networks Spectrum - Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: http://www.seawellnetworks.com/spectrum/ Versions Reported: Spectrum SDC 02.05.00, Build 02.05.00.0016 CVE-ID: CVE-2015-8282...
SeaWell Networks Spectrum SDC 02.05.00 Traversal / Privilege Escalation
Exploit Title: SeaWell Networks Spectrum - Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: http://www.seawellnetworks.com/spectrum/ Versions Reported: Spectrum SDC 02.05.00, Build 02.05.00.0016 CVE-ID: CVE-2015-8282 CVE-2015-8283 CVE-2015-8284 About SeaWell Networks Spectru...
SeaWell Networks Spectrum - Multiple Vulnerabilities
Exploit Title: SeaWell Networks Spectrum - Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: http://www.seawellnetworks.com/spectrum/ Versions Reported: Spectrum SDC 02.05.00, Build 02.05.00.0016 CVE-ID: CVE-2015-8282 CVE-2015-8283 CVE-2015-8284 About SeaWell Networks Spectru...
Pornhub: Publicly exposed SVN repository, ht.pornhub.com
After I found the subversion repository I visited the following location https://netreact.eu/hubtraffic I could see the usernames in the repo and the following weak credentials gave me access: stefan:123456 An attacker can commit code to this location which could be mirrored on the main site and...
LinEnum - Local Linux Enumeration & Privilege Escalation Checks
LinEnum will automate many of the checks that I’ve documented in the Local Linux Enumeration & Privilege Escalation Cheatsheet. It’s a very basic shell script that performs over 65 checks, getting anything from kernel information to locating possible escalation points such as potentially useful...
Android App SSL Certificate Validation Errors Enumerated
A growing compilation of close to 350 Android applications that fail to perform SSL certificate validation over HTTPS has been put together by the CERT Coordination Center at the Software Engineering Institute at Carnegie Mellon University. Researcher Will Dormann created a large spreadsheet host...
欧朋LDAP服务匿名访问,内部大量泄露等!
简要描述: RT! 详细说明: LDAP匿名访问: 59.151.111.93:389 漏洞证明: 我看到有些公司的邮件系统直接用LDAP明文存储邮箱密码的,结果从高管到员工的邮箱可能全部被控制.发现真是进入企业内部的好通道啊! 总有几个员工弱口令的: https://mail.oupeng.com [email protected] kongcongcong [email protected] renyongy wifi: Hubei446 Beijing7 Guangdong3 Guangxi0 Xinjiang0 Fujian42 看出每月密码更换规则没?...
PostgreSQL Default Credentials (PostgreSQL Protocol)
It was possible to login into the remote PostgreSQL as user postgres using weak credentials. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CP...
MySQL / MariaDB Default Credentials (MySQL Protocol)
It was possible to login into the remote MySQL using default credentials. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-2291
axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials...