41207 matches found
Geneko Routers - Path Traversal
Geneko Routers - Path Traversal Vulnerability Summary The following advisory describes a Unauthenticated Path Traversal vulnerability found in Geneko GWR routers series. Geneko GWG is compact and cost effective communications solution that provides cellular capabilities for fixed and mobile...
Mozilla Firefox - table Use-After-Free
Mozilla Firefox - table Use-After-Free body display: table function freememory try fuzzPriv.forceGC; catcherr alert'Please install domFuzzLite3'; function go var s = document.getSelection; window.find"1",true,false,true,false; s.modify"extend","forward","line";...
F5 BIG-IP SSL Virtual Server - Ticketbleed Memory Disclosure
F5 BIG-IP SSL Virtual Server - Ticketbleed Memory Disclosure / Exploit Title: Ticketbleed CVE-2016-9244 F5 BIG-IP SSL virtual server Memory Leakage Date: 10.02.2017 Exploit Author: Ege Balcı Vendor Homepage: https://f5.com/ Version: 12.0.0 - 12.1.2 && 11.4.0 - 11.6.1 Tested on: Multiple CVE :...
Google Android - WifiNative::setHotlist Stack Overflow
Google Android - WifiNative::setHotlist Stack Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=958 The following code in frameworks/opt/net/wifi/service/jni/comandroidserverwifiWifiNative.cpp doesn't validate the parameter params.numbssid, and then copies that number of...
Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)
Microsoft Edge Scripting Engine - Memory Corruption MS16-129 !-- Source: http://www.security-assessment.com/files/documents/advisory/edgechakramemcorruption.pdf Name: Microsoft Edge Scripting Engine Memory Corruption Vulnerability MS16-129 CVE: CVE-2016-7202 Vendor Website:...
Microsoft Windows (x86) - afd.sys Local Privilege Escalation (MS11-046)
Microsoft Windows x86 - afd.sys Local Privilege Escalation MS11-046 / Exploit Title: Windows x86 all versions AFD privilege escalation MS11-046 Date: 2016-10-16 Exploit Author: Tomislav Paskalev Vulnerable Software: Windows XP SP3 x86 Windows XP Pro SP2 x64 Windows Server 2003 SP2 x86 Windows...
Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution
Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution KL-001-2016-007 : Cisco Firepower Threat Management Console Remote Command Execution Leading to Root Access Title: Cisco Firepower Threat Management Console Remote Command Execution Leading to Root Access Advisory ID:...
IPFire 2.19 Core Update 101 - Remote Command Execution
IPFire 2.19 Core Update 101 - Remote Command Execution Exploit Title: IPFire 2.19 Update Core 101 XSS to CSRF to Remote Command Execution Date: 04/05/2016 Author: Yann CAM @ Synetis - ASafety Vendor or Software Link: www.ipfire.org Version: lesser-than 2.19 Core Update 101 Category: Remote Comman...
Microsoft Excel - Out-of-Bounds Read Code Execution (MS16-042)
Microsoft Excel - Out-of-Bounds Read Code Execution MS16-042 Title: Microsoft Office Excel Out-of-Bounds Read Remote Code Execution Application: Microsoft Office Excel Affected Products: Microsoft Office Excel 2007,2010,2013,2016 Software Link: https://products.office.com/en-ca/excel Date: April...
Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities
Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities Infor CRM 8.2.0.1136 Multiple HTML Script Injection Vulnerabilities Vendor: Infor Product web page: http://www.infor.com Affected version: 8.2.0.1136 Summary: Infor® CRM, formerly Saleslogix, is an award-winning customer...
GE Industrial Solutions UPS SNMP Adapter 4.8 - Multiple Vulnerabilities
GE Industrial Solutions UPS SNMP Adapter 4.8 - Multiple Vulnerabilities Exploit Title: GE Industrial Solutions - UPS SNMP Adapter Command Injection and Clear-text Storage of Sensitive Information Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: http://www.geindustrial.com/ Versions...
Microsoft Internet Explorer 11 - MSHTML!CObjectElement Use-After-Free (MS15-124)
Microsoft Internet Explorer 11 - MSHTML!CObjectElement Use-After-Free MS15-124 small -ms-block-progression: lr; -ms-filter: "vv";...
D-Link DIR-645 - Multiple UPNP Vulnerabilities
D-Link DIR-645 - Multiple UPNP Vulnerabilities Advisory Information Title: Dlink DIR-645 UPNP Buffer Overflow Vendors contacted: William Brown Dlink Release mode: Released CVE: None Note: All these security issues have been discussed with the vendor and vendor indicated that they have fixed issue...
ZHONE S3.0.501 - Multiple Vulnerabilities
ZHONE S3.0.501 - Multiple Vulnerabilities Vantage Point Security Advisory 2015-002 ======================================== Title: Multiple Vulnerabilities found in ZHONE Vendor: Zhone Vendor URL: http://www.zhone.com Device Model: ZHONE ZNID GPON 2426A 24xx, 24xxA, 42xx, 42xxA, 26xx, and 28xx...
Liferay 6.1.0 CE - Privilege Escalation
Liferay 6.1.0 CE - Privilege Escalation Exploit Title: Liferay 6.1.0 CE GA1 Privilege Escalation Date: 18/05/2015 Exploit Author: Massimo De Luca - mentat.is Vendor Homepage: https://www.liferay.com Software Link:...
Mango Automation 2.6.0 - Multiple Vulnerabilities
Mango Automation 2.6.0 - Multiple Vulnerabilities Mango Automation 2.6.0 CSRF File Upload And Arbitrary JSP Code Execution Vendor: Infinite Automation Systems Inc. Product web page: http://www.infiniteautomation.com/ Affected version: 2.5.2 and 2.6.0 beta build 327 Summary: Mango Automation is a...
TYPO3 Extension Akronymmanager 0.5.0 - SQL Injection
TYPO3 Extension Akronymmanager 0.5.0 - SQL Injection Advisory: SQL Injection in TYPO3 Extension Akronymmanager An SQL injection vulnerability in the TYPO3 extension "Akronymmanager" allows authenticated attackers to inject SQL statements and thereby read data from the TYPO3 database. Details...
Apache JackRabbit - WebDAV XML External Entity
Apache JackRabbit - WebDAV XML External Entity !/usr/bin/env python """ Exploit Title: Jackrabbit WebDAV XXE Date: 25-05-2015 Software Link: http://jackrabbit.apache.org/jcr/ Exploit Author: Mikhail Egorov Contact: 0ang3el gmail com Website: http://0ang3el.blogspot.com CVE: CVE-2015-1833 Category...
vBulletin 4.x5.x - AdminCPApiLog via xmlrpc API (Authenticated) Persistent Cross-Site Scripting
vBulletin 4.x5.x - AdminCPApiLog via xmlrpc API Authenticated Persistent Cross-Site Scripting CVE-2014-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API post-auth ================================================================================================ Overview...
Ultra Electronics 7.2.0.197.4.0.7 - Multiple Vulnerabilities
Ultra Electronics 7.2.0.197.4.0.7 - Multiple Vulnerabilities Ultra Electronics / AEP Networks - SSL VPN Netilla / Series A / Ultra Protect Vulnerabilities http://www.osisecurity.com.au/advisories/ultra-aep-netilla-vulnerabilities Release Date: 02-Oct-2014 Software: Ultra Electronics - Series A...
Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation
Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation """ Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1...
ACME micro_httpd - Denial of Service
ACME microhttpd - Denial of Service """ Exploit Title: Buffer Overflow in microhttpd by ACME Date: 4/7/2014 Exploit Author: Yuval tisf Nativ Vendor Homepage: http://www.acme.com/software/microhttpd/ Software Link: http://www.acme.com/software/microhttpd/ Version: June 2012 CVE: CVE-2014-4927 Test...
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Path Traversal/Remote Code Execution product: WD Arkeia Virtual Appliance AVA vulnerable version: All Arkeia...
Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities
Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated access & manipulation of settings product: Huawei E5331 MiFi mobile hotspot...
SpagoBI 4.0 - Privilege Escalation
SpagoBI 4.0 - Privilege Escalation 01. Advisory Information Title: Remote Privilege Escalation in SpagoBI Date published: 2013-02-28 Date of last update: 2013-02-28 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability Information CVE reference:...
Stem Innovation - IZON Hard-Coded Credentials
Stem Innovation - IZON Hard-Coded Credentials Stem Innovation ‘IZON’ Hard-coded Credentials CVE-2013-6236 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Stem Innovation's IP camera called ‘IZON’ utilizes numerous hard-coded credentials within it...
Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling (MS13-067)
Microsoft SharePoint 2013 Cloud - Persistent Exception Handling MS13-067 Title: ====== Microsoft SharePoint 2013 Cloud - Persistent Exception Handling Web Vulnerability Date: ===== 2013-09-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=812 Security Bulletin: MS13-06...
AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities
AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ AVTECH DVR multiple vulnerabilities 1. Advisory Information Title: AVTECH DVR multiple vulnerabilities Advisory ID: CORE-2013-0726 Advisory URL:...
Cisco ASA 8.4.4.6 8.2.5.32 - Ethernet Information Leak
Cisco ASA 8.4.4.6 8.2.5.32 - Ethernet Information Leak !/usr/bin/env python CVE-2003-0001 'Etherleak' exploit ================================= Exploit for hosts which use a network device driver that pads ethernet frames with data which vary from one packet to another, likely taken from kernel...
WaveSurfer 1.8.8p4 - Memory Corruption (PoC)
WaveSurfer 1.8.8p4 - Memory Corruption PoC !/usr/bin/perl WaveSurfer 1.8.8p4 This script creates a crafted WAV file which leads the application to crash DoS. my $crafted = "\x52\x49\x46\x46\x20\x12\x01\x00\x57\x41\x56\x45\x66\x6D\x74\x20"...
traq 2.3.5 - Multiple Vulnerabilities
traq 2.3.5 - Multiple Vulnerabilities ==================================================================== Vulnerable Software: traq-2.3.5 Official Site: TraqProject.org ==================================================================== About Software: Traq is a PHP powered project manager,...
PluXml 5.1.5 - Local File Inclusion
PluXml 5.1.5 - Local File Inclusion Advisory ID: HTB23086 Product: PluXml Vendor: pluxml.org Vulnerable Versions: 5.1.5 and probably prior Tested Version: 5.1.5 Vendor Notification: 11 April 2012 Vendor Patch: 16 April 2012 Public Disclosure: 2 May 2012 Vulnerability Type: Local File Inclusion CV...
Symfony2 - Local File Disclosure
Symfony2 - Local File Disclosure Sense of Security - Security Advisory - SOS-12-002 Release Date. 05-Mar-2012 Last Update. - Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Severity Rating. Medium Impact. Exposure of sensitive information...
Oracle GlassFish Server - Administration Console Authentication Bypass
Oracle GlassFish Server - Administration Console Authentication Bypass Oracle GlassFish Server Administration Console Authentication Bypass 1. Advisory Information Title: Oracle GlassFish Server Administration Console Authentication Bypass Advisory ID: CORE-2010-1118 Advisory URL:...
siemens tecnomatix factorylink 8.0.1.1473 - Multiple Vulnerabilities
siemens tecnomatix factorylink 8.0.1.1473 - Multiple Vulnerabilities Sources: http://aluigi.org/adv/factorylink1-adv.txt http://aluigi.org/adv/factorylink2-adv.txt http://aluigi.org/adv/factorylink3-adv.txt http://aluigi.org/adv/factorylink4-adv.txt http://aluigi.org/adv/factorylink5-adv.txt...
Clear iSpotClearspot 2.0.0.0 - Cross-Site Request Forgery
Clear iSpotClearspot 2.0.0.0 - Cross-Site Request Forgery Trustwave's SpiderLabs Security Advisory TWSL2010-008: Clear iSpot/Clearspot CSRF Vulnerabilities https://www.trustwave.com/spiderlabs/advisories/TWSL2010-008.txt Published: 2010-12-10 Version: 1.0 Vendor: Clear http://www.clear.com...
GNU glibc - regcomp() Stack Exhaustion Denial of Service
GNU glibc - regcomp Stack Exhaustion Denial of Service // source: https://www.securityfocus.com/bid/45233/info GNU glibc is prone to a denial-of-service vulnerability due to stack exhaustion. Successful exploits will allow attackers to make the affected computer unresponsive, denying service to...
APBoard 2.1.0 - board.php?id SQL Injection
APBoard 2.1.0 - board.php?id SQL Injection APBoard 2.1.0 / board.php?id= SQL Injection Author : secret - [email protected] Homepage : http://swissfaking.net/ Date : 05 August, 2010 / // // // \ / // / / // \ / | / |/ / \ \ / / / / / , // / / / / / / , // | / / //// ///||// //////||//...
Joomla! Component com_dateconverter 0.1 - SQL Injection
Joomla! Component comdateconverter 0.1 - SQL Injection ----------------------------------------------------------------------------------------- Joomla Component comdateconverter SQL Injection Vulnerability -----------------------------------------------------------------------------------------...
e107 - Code Exection
e107 - Code Exection Exploit Title: e107 Code Exec Date: 05/22/10 Author: [email protected] Software Link: http://e107.org/edownload.php Version: e107 agent"Mozilla/5.0"; if $proxy print " Using proxy $proxy \n"; $ua-envproxy'1'; my $req = new HTTP::Request POST = $path;...
Alibaba Clone Platinum - offers_buy.php SQL Injection
Alibaba Clone Platinum - offersbuy.php SQL Injection / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID...
gitWeb 1.5.2 - Remote Command Execution
gitWeb 1.5.2 - Remote Command Execution Exploit Title: gitWeb remote command execution Date: 2009.06.19 Author: S2 Crew Hungary Software Link: - Version: GIT 1.5.2 Tested on: debian linux, GIT 1.5.2 CVE: CVE-2008-5516 - CVE-2008-5517 Code: The cgi script doesn't show the command output blind...
Horde 3.3.5 - PHP_SELF Cross-Site Scripting
Horde 3.3.5 - PHPSELF Cross-Site Scripting ============================================= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date: October 13th, 2009 - Last revised: December 16th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3701 - Severity: 6.3/10 CVSS Bas...
WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter
WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter Exploit Title: WP-Polls 2.x Incorrect Flood Filter Date: 30/11/2009 Author: Jbyte jbyte-security.blogspot.com Software Link: http://lesterchan.net/wordpress/readme/wp-polls.html Version: 2.x Tested on: Windows 7/windows xp/ ubuntu 9.04/ ubunt...
CuteNews and UTF-8 CuteNews - Multiple Vulnerabilities
CuteNews and UTF-8 CuteNews - Multiple Vulnerabilities MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Cute News and UTF-8 Cute News 1. Advisory Information...
Linux Kernel 2.6.19 (Debian 4) - udp_sendmsg Local Privilege Escalation (3)
Linux Kernel 2.6.19 Debian 4 - udpsendmsg Local Privilege Escalation 3 / hoagieudpsendmsg.c LOCAL LINUX KERNEL ROOT EXPLOIT include include include include include include include include / this code will be called from NFHOOK via output callback in kernel mode / void setcurrenttaskuidsgidstozero...
Real Helix DNA - RTSP SETUP Request Handler
Real Helix DNA - RTSP SETUP Request Handler -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Real Helix DNA RTSP and SETUP request handler vulnerabilities 1. Advisory Information Title: Real Helix DNA RTSP and SETUP...
DMXReady Registration Manager 1.1 - Contents Change
DMXReady Registration Manager 1.1 - Contents Change Title : DMXReady Registration Manager http://target/path//applications/RegistrationManager/incregistrationmanager.asp Edit - http://target/path//admin/RegistrationManager/addcategory.asp : milw0rm.com 2009-01-14...
DMXReady Account List Manager 1.1 - Contents Change
DMXReady Account List Manager 1.1 - Contents Change Title : DMXReady Account List Manager http://target/path//applications/AccountListManager/incaccountlistmanager.asp Edit - http://target/path//admin/AccountListManager/addcategory.asp : milw0rm.com 2009-01-13...
Fantastico - index.php Local File Inclusion
Fantastico - index.php Local File Inclusion source: https://www.securityfocus.com/bid/32578/info Fantastico is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts ...