41207 matches found
iBilling 3.7.0 - Persistent Cross-Site Scripting Reflected Cross-Site Scripting
iBilling 3.7.0 - Persistent Cross-Site Scripting Reflected Cross-Site Scripting iBilling v3.7.0 Multiple Stored and Reflected Cross Site Scripting Vulnerabilities Vendor: iBilling Product web page: http://www.ibilling.io/ Affected version: 3.7.0 Summary: The features you want, the simplicity you...
Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities
Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities Operation Technology ETAP 14.1.0 Multiple Stack Buffer Overrun Vulnerabilities Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution...
Web2py 2.14.5 - Multiple Vulnerabilities
Web2py 2.14.5 - Multiple Vulnerabilities Title - Web2py 2.14.5 Multiple Vulnerabilities LFI,XSS,CSRF Exploit Title : Web2py 2.14.5 Multiple Vulnerabilities LFI, XSS,CSRF Reported Date : 2-April-2016 Fixed Date : 4-April-2016 Exploit Author : Narendra Bhati -...
CMS Made Simple 1.12.1 2.1.3 - Web Server Cache Poisoning
CMS Made Simple 1.12.1 2.1.3 - Web Server Cache Poisoning ============================================= Web Server Cache Poisoning in CMS Made Simple ============================================= CVE-2016-2784 Product Description =================== CMS Made Simple is a great tool with many plugi...
CubeCart 6.0.10 - Multiple Vulnerabilities
CubeCart 6.0.10 - Multiple Vulnerabilities Advisory ID: HTB23298 Product: CubeCart Vendor: CubeCart Limited Vulnerable Versions: 6.0.10 and probably prior Tested Version: 6.0.10 Advisory Publication: March 2, 2016 without technical details Vendor Notification: March 2, 2016 Vendor Patch: March 16...
Trend Micro Deep Discovery Inspector 3.83.7 - Cross-Site Request Forgery
Trend Micro Deep Discovery Inspector 3.83.7 - Cross-Site Request Forgery + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-DDI-CSRF.txt Vendor: ==================== www.trendmicro.com Product:...
Linux Kernel 3.10.0-229.x (CentOS RHEL 7.1) - snd-usb-audio Crash (PoC)
Linux Kernel 3.10.0-229.x CentOS RHEL 7.1 - snd-usb-audio Crash PoC OS-S Security Advisory 2016-17 Linux snd-usb-audio Multiple Free Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Title: Local RedHat...
D-Link DIR-615 - Multiple Buffer Overflow Vulnerabilities
D-Link DIR-615 - Multiple Buffer Overflow Vulnerabilities Advisory Information Title: Dlink DIR-615 Authenticated Buffer overflow in Ping and Send email functionality Vendors contacted: William Brown , Patrick Cline [email protected] CVE: None Note: All these security issues have been...
VBox Satellite Express 2.3.17.3 - Arbitrary Write
VBox Satellite Express 2.3.17.3 - Arbitrary Write KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation Title: VBox Satellite Express Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-005 Publication Date: 2015.09.16 Publication URL:...
4 TOTOLINK Router Models - Cross-Site Request Forgery Cross-Site Scripting
4 TOTOLINK Router Models - Cross-Site Request Forgery Cross-Site Scripting Advisory Information Title: 4 TOTOLINK router models vulnerable to CSRF and XSS attacks Advisory URL: https://pierrekim.github.io/advisories/2015-totolink-0x01.txt Blog URL:...
XOOPS 2.0.11 - Multiple Vulnerabilities
XOOPS 2.0.11 - Multiple Vulnerabilities XOOPS Multiple Vulnerabilities Vendor: XOOPS Product: XOOPS Version: = 2.0.11 Website: http://www.xoops.org/ BID: 14094 14096 CVE: CVE-2005-2112 CVE-2005-2113 OSVDB: 17633 17634 17635 SECUNIA: 15843 PACKETSTORM: 38372 Description: XOOPS is a very popular...
Havij - OLE Automation Array Remote Code Execution
Havij - OLE Automation Array Remote Code Execution !/usr/bin/php ?php Title : Havij OLE Automation Array Remote Code Execution Affected Versions: All Version Founder : ITSecTeam Tested on Windows 7 / Server 2008 Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail ...
WordPress Plugin Ad Inserter 1.5.2 - Cross-Site Request Forgery
WordPress Plugin Ad Inserter 1.5.2 - Cross-Site Request Forgery ================================================================ CSRF/Stored XSS Vulnerability in Ad Inserter Plugin ================================================================ . contents:: Table Of Content Overview ======== Tit...
SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities
SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities Document Title: =============== SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1314 Release Date: ============= 2015-03-23 Vulnerability Laboratory I...
BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File RetrievalDeletion
BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File RetrievalDeletion Vulnerability title: Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE: CVE-2014-5370 Vendor: New Atlanta Product: BlueDragon CFChart Servlet Affected version: 7.1.1.17759 Fixed version:...
Palo Alto Traps Server 3.1.2.1546 - Persistent Cross-Site Scripting
Palo Alto Traps Server 3.1.2.1546 - Persistent Cross-Site Scripting !/usr/bin/ruby =begin ------------------------------------------------------------------------ Product: Palo Alto Traps Server formerly Cyvera Endpoint Protection Vendor: Palo Alto Networks Vulnerable Versions: 3.1.2.1546 Tested...
EMC MR (Watch4net) - Directory Traversal
EMC MR Watch4net - Directory Traversal Abstract A path traversal vulnerability was found in EMC M&R Watch4net Device Discovery. This vulnerability allows an attacker to access sensitive files containing configuration data, passwords, database records, log data, source code, and program scripts an...
Moodle 2.5.92.6.82.7.52.8.3 - Block Title Handler Cross-Site Scripting
Moodle 2.5.92.6.82.7.52.8.3 - Block Title Handler Cross-Site Scripting Moodle 2.5.9/2.6.8/2.7.5/2.8.3 Block Title Handler Cross-Site Scripting Vendor: Moodle Pty Ltd Product web page: https://www.moodle.org Affected version: 2.8.3, 2.7.5, 2.6.8 and 2.5.9 Summary: Moodle is a learning platform...
jQuery - jui_filter_rules PHP Code Execution
jQuery - juifilterrules PHP Code Execution -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 PHP Code Execution in juifilterrules Parsing Library ====================================================== Researcher: Timo Schmid Description =========== juifilterrules1 is a jQuery plugin which allows...
ZTE-and-TP-Link-RomPager
Date: 10-05-2014 Server Version: RomPager/4.07 UPnP/1.0 Tested Routers: ZTE ZXV10 W300 TP-Link TD-W8901G TP-Link TD-W8101G TP-Link TD-8840G Firmware: FwVer:3.11.2.175TC3086 HwVer:T14.F75.0 Tested on: Kali Linux x86 !/usr/bin/env python -- coding: utf-8 -- Exploit Title: ZTE and TP-Link RomPager D...
Kolibri-Webserver-2.0
This exploit will bypass all protections in EMET 5.0 and 4.1 but DEP. Date: September 30th 2014 Author: tekwizz123 Vendor Homepage: http://www.senkas.com Software Download: http://www.senkas.com/kolibri/download.php Version: 2.0 Tested on: Windows 7 32 bit, Windows 7 64 bit, Windows XP SP3 CVE-ID...
e107 2 Bootstrap CMS - Cross-Site Scripting
e107 2 Bootstrap CMS - Cross-Site Scripting | | | || / | |/' | | || | / / | /| \ / /\ | / / \ |/ / alertString.fromCharCode88, 83, 83 or "alertdocument.cookie ======== Credits: ======== Vulnerability found and advisory written by Ahmet Agar. =========== References: =========== http://www.0x97.inf...
PHP-Calendar 0.10.1 - Arbitrary File Inclusion
PHP-Calendar 0.10.1 - Arbitrary File Inclusion PHP-Calendar Arbitrary File Inclusion Vendor: Sean Proctor Product: PHP-Calendar Version: = 0.10.1 Website: http://php-calendar.sourceforge.net/ BID: 12127 CVE: CVE-2004-1423 OSVDB: 12700 12701 SECUNIA: 22516 PACKETSTORM: 35563 Description: I was...
WordPress Plugin CM Download Manager 2.0.0 - Code Injection
WordPress Plugin CM Download Manager 2.0.0 - Code Injection Vulnerability title: Code Injection in Wordpress CM Download Manager plugin 2.0.0 CVE: CVE-2014-8877 Plugin: CM Download Manager plugin Vendor: CreativeMinds - https://www.cminds.com/ Link download:...
Konke Smart Plug K - Authentication Bypass
Konke Smart Plug K - Authentication Bypass ----------------------------------------------------------------------- Konke Smart Plug Authentication Bypass Vulnerability ----------------------------------------------------------------------- Author : gamehacker&zixian Mail : gh&zixian Date : Oct,...
BMC Track-It! - Multiple Vulnerabilities
BMC Track-It! - Multiple Vulnerabilities Multiple critical vulnerabilities in BMC Track-It! Discovered by Pedro Ribeiro [email protected], Agile Information Security ================================================================================= The application exposes several .NET remoting...
Kolibri WebServer 2.0 - Remote Buffer Overflow (EMET 5.0 EMET 4.1 Partial Bypass)
Kolibri WebServer 2.0 - Remote Buffer Overflow EMET 5.0 EMET 4.1 Partial Bypass !/bin/python import socket, sys, re Exploit Title: Kolibri POST Buffer overflow with EMET 5.0 and EMET 4.1 Partial Bypass Date: September 30th 2014 Author: tekwizz123 Vendor Homepage: http://www.senkas.com Software...
WS10 Data Server - SCADA Overflow (PoC)
WS10 Data Server - SCADA Overflow PoC Exploit Title: WS10 Data Server SCADA Exploit Overflow PoC Date: 09/23/2014 Author: Pedro Sánchez Version: 1.83 English Tested on: Windows 7 embedded. Notified the vendor, vendor never responded. In the new version this PoC stops working Vendor: Novus...
Broadcom PIPA C211 - Sensitive Information Disclosure
Broadcom PIPA C211 - Sensitive Information Disclosure Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A...
EagleGet 1.1.8.1 - Denial of Service
EagleGet 1.1.8.1 - Denial of Service Exploit Title: EagleGet 1.1.8.1 DoS Exploit Date: 03 April 2014 Exploit Author: Interference Security Vendor Homepage: http://www.eagleget.com/ Software Link: http://www.eagleget.com/download/ Version: 1.1.8.1 Tested on: Microsoft Windows XP SP3 print " Crash...
Symantec Endpoint Protection Manager 11.012.012.1 - Remote Command Execution
Symantec Endpoint Protection Manager 11.012.012.1 - Remote Command Execution import argparse import httplib """ Exploit Title: Symantec Endpoint Protection Manager Remote Command Execution Exploit Author: Chris Graham @cgrahamseven CVE: CVE-2013-5014, CVE-2013-5015 Date: February 22, 2014 Vendor...
ProjectOr RIA 3.4.0 - objectDetail.php?objectId SQL Injection
ProjectOr RIA 3.4.0 - objectDetail.php?objectId SQL Injection ============================================= INTERNET SECURITY AUDITORS ALERT 2013-017 - Original release date: July 26th, 2013 - Last revised: July 26th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 6.8/10 CVSSv2 Base Scor...
appRain 3.0.2 - Blind SQL Injection
appRain 3.0.2 - Blind SQL Injection Advisory ID: HTB23177 Product: appRain Vendor: appRain Vulnerable Versions: 3.0.2 and probably prior Tested Version: 3.0.2 Advisory Publication: October 9, 2013 without technical details Vendor Notification: October 9, 2013 Public Disclosure: November 6, 2013...
SimpleRisk 20130915-01 - Multiple Vulnerabilities
SimpleRisk 20130915-01 - Multiple Vulnerabilities 1. Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting XSS...
Sybase EAServer 6.3.1 - Multiple Vulnerabilities
Sybase EAServer 6.3.1 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Sybase EAServer vulnerable version: =6.3.1 fixed version: vendor did not supply version...
Dovecot with Exim - sender_address Remote Command Execution
Dovecot with Exim - senderaddress Remote Command Execution Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution During a penetration test a typical misconfiguration was found in the way Dovecot is used as a local delivery agent by Exim. A common use case for the...
SonicWALL OEM Scrutinizer 9.5.2 - Multiple Vulnerabilities
SonicWALL OEM Scrutinizer 9.5.2 - Multiple Vulnerabilities Title: ====== Sonicwall OEM Scrutinizer v9.5.2 - Multiple Web Vulnerabilities Date: ===== 2013-02-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=786 VL-ID: ===== 786 Common Vulnerability Scoring System:...
Axway Secure Transport 5.1 SP2 - Directory Traversal
Axway Secure Transport 5.1 SP2 - Directory Traversal Secure Transport Path Traversal Vulnerability Public Disclosure Date: November 11, 2012 Vendors Affected: Axway http://www.axway.com Systems Affected: Secure Transport Problem: A path traversal vulnerability was identified in SecureTransport...
freeSSHd 2.1.3 - Remote Authentication Bypass
freeSSHd 2.1.3 - Remote Authentication Bypass FreeSSHD all version Remote Authentication Bypass ZERODAY Discovered & Exploited by Kingcope Year 2011 Exploit-DB Mirror: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/23080.zip Run like: ssh.exe -l valid username...
Movable Type Pro 5.13en - Persistent Cross-Site Scripting
Movable Type Pro 5.13en - Persistent Cross-Site Scripting -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Source URL: http://www.cloudscan.me/2012/10/cve-2012-1503-movable-type-pro-513en.html Keywords: CVE-2012-1503, Movable Type Pro 5.13en, Stored XSS, JavaScript Injection, Vendor Unresponsive,...
subrion CMS 2.2.1 - Multiple Vulnerabilities
subrion CMS 2.2.1 - Multiple Vulnerabilities Advisory ID: HTB23113 Product: Subrion CMS Vendor: The Subrion development team Vulnerable Versions: 2.2.1 and probably prior Tested Version: 2.2.1 Vendor Notification: September 5, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL...
Open Journal Systems (OJS) 2.3.6 - Multiple Script Arbitrary File Upload
Open Journal Systems OJS 2.3.6 - Multiple Script Arbitrary File Upload source: https://www.securityfocus.com/bid/52666/info Open Journal Systems is prone to following multiple vulnerabilities because the software fails to sufficiently sanitize user-supplied input: 1. An arbitrary-file-deletion...
Endian UTM Firewall 2.4.x 2.5.0 - Multiple Web Vulnerabilities
Endian UTM Firewall 2.4.x 2.5.0 - Multiple Web Vulnerabilities Title: ====== Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities Date: ===== 2012-03-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=228 VL-ID: ===== 228 Introduction: ============= Einfac...
Mozilla Firefox - Array.reduceRight() Integer Overflow (1)
Mozilla Firefox - Array.reduceRight Integer Overflow 1 Title: Mozilla Firefox Array.reduceRight Integer Overflow Exploit Date: 12 Oct 2011 Author: Matteo Memelli ryujin -AT- offensive-security.com CVE-2011-2371 Full exploit package:...
NETGEAR Wireless Cable Modem Gateway - Authentication Bypass Cross-Site Request Forgery
NETGEAR Wireless Cable Modem Gateway - Authentication Bypass Cross-Site Request Forgery Sense of Security - Security Advisory - SOS-11-011 Release Date. 20-Sep-2011 Last Update. - Vendor Notification Date. 22-Mar-2011 Product. NETGEAR Wireless Cable Modem Gateway CG814WG Affected versions. Hardwa...
iSupport 1.8 - SQL Injection
iSupport 1.8 - SQL Injection iSupport 1.8 SQL Injection Vulnerability Date: 2011-06-23 Author: Brendan Coles Advisory: http://itsecuritysolutions.org/2011-06-23-iSupport-1.8-SQL-Injection-Vulnerability/ Software: iSupport Version: = 1.8 Homepage: http://www.idevspot.com/iSupport.php Google Dork:...
7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities
7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities Sources: http://aluigi.org/adv/igss1-adv.txt http://aluigi.org/adv/igss2-adv.txt http://aluigi.org/adv/igss3-adv.txt http://aluigi.org/adv/igss4-adv.txt http://aluigi.org/adv/igss5-adv.txt http://aluigi.org/adv/igss6-adv.txt...
KingView 6.5.3 SCADA - ActiveX
KingView 6.5.3 SCADA - ActiveX Exploit Title: KingView 6.5.3 SCADA ActiveX Date: March 07 2011 Author: Carlos Mario Penagos Hollmann Software Link: http://download.kingview.com/software/kingview%20English%20Version/kingview6.53EN.rar Version: 6.53 English Tested on: Windows xp sp3 running on VMwa...
SmarterMail 7.2.3925 - LDAP Injection
SmarterMail 7.2.3925 - LDAP Injection Vendor: smartertools.com SmarterMail 7.x 7.2.3925 Date: 2010-10-01 Author : David Hoyt sqlhacker – Hoyt LLC Contact : [email protected] Home : http://cloudscan.me Dork : insite: SmarterMail Enterprise 7.2 Bug : LDAP Injection + Cross Site Scripting STORED Test...
Foxit Reader 4.0 - .pdf Multiple Stack Based Buffer Overflow Jailbreak
Foxit Reader 4.0 - .pdf Multiple Stack Based Buffer Overflow Jailbreak import sys,zlib def getFFShellcodesc: ffsc = '' if lensc%4 != 0: sc += 4-lensc%4'\x00' for i in range0,lensc,4: ffsc += '\xff'+sci+3+sci+2+sci+1+sci return ffsc outputHeader = ''' FreeType Compact Font Format CFF Multiple Stac...