Adobe Acrobat and Reader Security bypass (APSB18-02: CVE-2018-4872)

This vulnerability is a security bypass vulnerability that leads to the Acrobat Reader sandbox escape. In this case, the cross call from the sandbox process to the embedded Internet Explorer process allows opening of a URL without a prompt for certain URLs. Due to the vulnerability, it is possibl...

Uber: Text Only Content Spoofing on ubermovement.com Community Page

Text Only Content Spoofing on ubermovement.com Community Page Vulnerable URL: http://ubermovement.com/community?tag=%20Stories%20have%20false%20information.%20Visit%20http://attacker.com%20for%20real%20stories. Content Spoofing is an attack technique that allows an attacker to inject a malicious...

Netwin SurgeFTP Sever 23d6 - Stored Cross Site Scripting Vulnerabilities

Exploit for windows platform in category web applications Exploit Netwin SurgeFTP Sever Stored Cross Site Scripting Vulnerabilities Date: 11/18/2015 Exploit Author: UnN0n Vendor: NetWin Software Link: http://netwinsite.com/cgi-bin/keycgi.exe?cmd=download&product=surgeftp Version: 23d6 Tested on:...

Netwin SurgeFTP Sever 23d6 - Persistent Cross-Site Scripting

Exploit Netwin SurgeFTP Sever Stored Cross Site Scripting Vulnerabilities Date: 11/18/2015 Exploit Author: UnN0n Vendor: NetWin Software Link: http://netwinsite.com/cgi-bin/keycgi.exe?cmd=download&product=surgeftp Version: 23d6 Tested on: Windows 7 x6464bit Info Surgeftp web-interface suffers wit...

Netwin SurgeFTP Sever 23d6 - Persistent Cross-Site Scripting

Netwin SurgeFTP Sever 23d6 - Persistent Cross-Site Scripting Exploit Netwin SurgeFTP Sever Stored Cross Site Scripting Vulnerabilities Date: 11/18/2015 Exploit Author: UnN0n Vendor: NetWin Software Link: http://netwinsite.com/cgi-bin/keycgi.exe?cmd=download&product=surgeftp Version: 23d6 Tested o...