41207 matches found
Joomla! Component JquickContact 1.3.2.2.1 - SQL Injection
Joomla! Component JquickContact 1.3.2.2.1 - SQL Injection Exploit Title: Joomla! Component JquickContact 1.3.2.2.1 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor: http://coderspirit.blogspot.com.tr/2011/07/jquickcontact.html Software:...
Joomla! Component SquadManagement 1.0.3 - SQL Injection
Joomla! Component SquadManagement 1.0.3 - SQL Injection Exploit Title: Joomla! Component SquadManagement 1.0.3 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.larshildebrandt.de/ Software Link:...
Joomla! Component SimpleCalendar 3.1.9 - SQL Injection
Joomla! Component SimpleCalendar 3.1.9 - SQL Injection Exploit Title: Joomla! Component SimpleCalendar 3.1.9 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://albonico.ch/ Software Link: http://software.albonico.ch/downloads/file/3-simplecalendar-3-1-9.html Version: 3.1.9 Categor...
Joomla! Component AllVideos Reloaded 1.2.x - divid SQL Injection
Joomla! Component AllVideos Reloaded 1.2.x - divid SQL Injection Exploit Title: Joomla! Component AllVideos Reloaded 1.2.x - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://allvideos.fritz-elfert.de Software Link:...
Joomla! Component Project Log 1.5.3 - search SQL Injection
Joomla! Component Project Log 1.5.3 - search SQL Injection Exploit Title: Joomla! Component Project Log 1.5.3 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://extensions.thethinkery.net/ Software Link:...
Joomla! Component Smart Shoutbox 3.0.0 - SQL Injection
Joomla! Component Smart Shoutbox 3.0.0 - SQL Injection Exploit Title: Joomla! Component Smart Shoutbox 3.0.0 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://thekrotek.com/ Software Link: https://extensions.joomla.org/extension/smart-shoutbox/ Version: 3.0.0 Category: Webapps...
PHIMS - Hospital Management Information System - Password SQL Injection
PHIMS - Hospital Management Information System - Password SQL Injection Exploit Title: PHIMS - Hospital Management Information System - 'Password' SQL Injection Dork: N/A Date: 2018-02-16 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage:...
Joomla! Component Saxum Numerology 3.0.4 - SQL Injection
Joomla! Component Saxum Numerology 3.0.4 - SQL Injection Exploit Title: Joomla! Component Saxum Numerology 3.0.4 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.saxum2003.hu/ Software Link: http://www.saxum2003.hu/en/downloadsen/category/7-saxumnumerology-komponens.html...
Joomla! Component DT Register 3.2.7 - id SQL Injection
Joomla! Component DT Register 3.2.7 - id SQL Injection Exploit Title: Joomla! Component DT Register 3.2.7 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://www.dthdevelopment.com/ Software Link:...
Joomla! Component Staff Master 1.0 RC 1 - SQL Injection
Joomla! Component Staff Master 1.0 RC 1 - SQL Injection Exploit Title: Joomla! Component Staff Master = 1.0 RC 1 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.systemsunited.net/ Software Link: http://www.systemsunited.net/ Version: = 1.0 RC 1 Category: Webapps Tested on:...
JBoss Remoting 6.14.18 - Denial of Service
JBoss Remoting 6.14.18 - Denial of Service Exploit Title: Exploit Denial of Service JBoss Remoting 4447/9999 Date: 14-02-2018 Exploit Author: Frank Spierings Vendor Homepage: https://www.redhat.com/en/technologies/jboss-middleware/application-platform/get-started Software Link:...
Joomla! Component Form Maker 3.6.12 - SQL Injection
Joomla! Component Form Maker 3.6.12 - SQL Injection Exploit Title: Joomla! Component Form Maker 3.6.12 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://demo.web-dorado.com/ Software Link: https://extensions.joomla.org/extensions/extension/contacts-and-feedback/forms/form-maker/...
Joomla! Component Kubik-Rubik Simple Image Gallery Extended (SIGE) 3.2.3 - Cross-Site Scripting
Joomla! Component Kubik-Rubik Simple Image Gallery Extended SIGE 3.2.3 - Cross-Site Scripting Exploit Title: Joomla! Component SIGE version 3. Solution: Update to version 3.3.0 https://downloads.kubik-rubik.de/joomla-extensions/plgsigev3.3.0.zip...
Joomla! Component JS Autoz 1.0.9 - SQL Injection
Joomla! Component JS Autoz 1.0.9 - SQL Injection Exploit Title: Joomla! Component JS Autoz 1.0.9 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.joomsky.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/vehicles/js-autoz/ Software...
Front Accounting ERP 2.4.3 - Cross-Site Request Forgery
Front Accounting ERP 2.4.3 - Cross-Site Request Forgery...
Joomla! Component Saxum Astro 4.0.14 - SQL Injection
Joomla! Component Saxum Astro 4.0.14 - SQL Injection Exploit Title: Joomla! Component Saxum Astro 4.0.14 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.saxum2003.hu/ Software Link: https://extensions.joomla.org/extensions/extension/living/astrology-a-horoscope/saxumastro/...
Joomla! Component Gallery WD 1.3.6 - SQL Injection
Joomla! Component Gallery WD 1.3.6 - SQL Injection Exploit Title: Joomla! Component Gallery WD 1.3.6 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://web-dorado.com/ Software Link: https://extensions.joomla.org/extensions/extension/photos-a-images/galleries/gallery-wd/ Software...
Joomla! Component Saxum Picker 3.2.10 - SQL Injection
Joomla! Component Saxum Picker 3.2.10 - SQL Injection Exploit Title: Joomla! Component Saxum Picker 3.2.10 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.saxum2003.hu/ Software Link: https://extensions.joomla.org/extensions/extension/sports-a-games/games/saxumpicker/...
Joomla! Component JTicketing 2.0.16 - SQL Injection
Joomla! Component JTicketing 2.0.16 - SQL Injection Exploit Title: Joomla! Component JTicketing 2.0.16 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://techjoomla.com/ Software Link: https://extensions.joomla.org/extensions/extension/calendars-a-events/events/jticketing/ Versio...
Microsoft Edge Chakra JIT - Array Type Confusion via InitProto Instructions
Microsoft Edge Chakra JIT - Array Type Confusion via InitProto Instructions / If a native array is used as a prototype, it is converted to a Var array by the Js::JavascriptNativeFloatArray::SetIsPrototype method. In the JIT compiler, it uses InitProto instructions to set object literals' prototyp...
Pdfium - Pattern Shading Integer Overflows
Pdfium - Pattern Shading Integer Overflows This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in cpdfrenderstatus.cpp re...
Microsoft Edge Chakra JIT - Memory Corruption
Microsoft Edge Chakra JIT - Memory Corruption / Let's consider the following example code. function opt let arr = ; return arr'x'; // Optimize the "opt" function. for let i = 0; i inline Js::Var ExecuteImplicitCallJs::RecyclableObject function, Js::ImplicitCallFlags flags, Fn implicitCall // For...
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace Related to issue 1490 . When parsing ShadingPatterns; according to the specification they shouldn't be permitted to have a pattern colorspace as their base colorspace, but this is not validated, leading to out-of-bounds...
Chrome V8 - Runtime_RegExpReplace Integer Overflow
Chrome V8 - RuntimeRegExpReplace Integer Overflow / Here's a snippet of the method. ASSIGNRETURNFAILUREONEXCEPTION isolate, captureslengthobj, Object::ToLengthisolate, captureslengthobj; const int captureslength = PositiveNumberToUint32captureslengthobj; ... if functionalreplace const int argc =...
Microsoft Edge Chakra JIT - GlobOpt::OptTagChecks Must Consider IsLoopPrePass Properly (2)
Microsoft Edge Chakra JIT - GlobOpt::OptTagChecks Must Consider IsLoopPrePass Properly 2 It seems this is the patch for the bug. https://github.com/Microsoft/ChakraCore/pull/4226/commits/874551dd00ff6f404e593c7e0162efb54b953f5a The following two cases will bypass the fix. 1: function opt let obj ...
Microsoft Edge Chakra JIT - LdThis Type Confusion
Microsoft Edge Chakra JIT - LdThis Type Confusion / LdThis instructions' value type is assumed to be "Object". Since "this" can be other objects like an array, it has to be assumed to be "LikelyObject", otherwise, operations to "this" will not be checked properly. PoC: / function optarr arr0 = 1....
Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass
Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass / Here's a snippet of ExecuteImplicitCall which is responsible for updating the ImplicitCallFlags flag. template inline Js::Var ExecuteImplicitCallJs::RecyclableObject function, Js::ImplicitCallFlags flags, Fn implicitCall...
Microsoft Edge Chakra JIT - NewScObjectNoCtor Array Type Confusion
Microsoft Edge Chakra JIT - NewScObjectNoCtor Array Type Confusion / This is similar to the previous issues 1457, 1459 MSRC 42551, MSRC 42552. If a JavaScript function is used as a consturctor, it sets the new object's "proto" to its "prototype". The JIT compiler uses NewScObjectNoCtor instructio...
Microsoft Edge Chakra JIT - Array.prototype.reverse Array Type Confusion
Microsoft Edge Chakra JIT - Array.prototype.reverse Array Type Confusion / This is simillar to the previous issue 1457. But this time, we use Array.prototype.reverse. Array.prototype.reverse can be inlined and may invoke EnsureNonNativeArray to convert the prototype of "this" to a Var array. Call...
T9uSX62CBPeacuH
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
f3KOTJ0fqueVFEI
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
g6LJ13AJmUiI3LV
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
dwUjN2s6BF1pLOo
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
Br6Q8A5La1vHEXc
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
LZiu47KuvVGGiya
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
1dr3WheuN0QMcPU
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
dzQhdsmL3yNgUKJ
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
imjlGlBKdX7OY6y
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
2Lulc8bMIZt16Pt
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
Dell EMC Isilon OneFS - Multiple Vulnerabilities
Dell EMC Isilon OneFS - Multiple Vulnerabilities Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Dell EMC Isilon OneFS Multiple Vulnerabilities 1. Advisory Information Title: Dell EMC Isilon OneFS Multiple Vulnerabilities Advisory ID: CORE-2017-0009 Advisory URL:...
Social Oauth Login PHP - Authentication Bypass
Social Oauth Login PHP - Authentication Bypass Exploit Title: Social Oauth Login PHP - Authentication Bypass Dork: N/A Date: 2018-02-12 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://www.codester.com/items/4554/social-oauth-login-php Version: All...
userSpice 4.3 - Cross-Site Scripting
userSpice 4.3 - Cross-Site Scripting Application UserSpice PHP user management Vulnerability userSpice alert"1"&csrf=8b1339546d6af1e7536da0a705302e9c&updatebio= Vulnerable code: id?" class="nounderline"id?...
SOA School Management - access_login SQL Injection
SOA School Management - accesslogin SQL Injection Exploit Title: SOA - School Management Software with Integrated Parents/Students Portal & Mobile App - 'accesslogin' SQL Injection Dork: N/A Date: 2018-02-14 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage:...
Tenda AC15 Router - Remote Code Execution
Tenda AC15 Router - Remote Code Execution !/usr/bin/env python EDB Note Source: https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/ import urllib2 import struct import time import socket from optparse import import SimpleHTTPServer import SocketServer import threading import sys...
NAT32 2.2 Build 22284 - Remote Command Execution
NAT32 2.2 Build 22284 - Remote Command Execution + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CVE-2018-6940.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Product:...
NAT32 2.2 Build 22284 - Cross-Site Request Forgery
NAT32 2.2 Build 22284 - Cross-Site Request Forgery + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CSRF-CVE-2018-6941.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Produc...
GNU binutils 2.26.1 - Integer Overflow (PoC)
GNU binutils 2.26.1 - Integer Overflow PoC Exploit Title: Objdump - Integer Overflow Crash POC Date: 12.02.2018 Exploit Author: r4xis Tested Version: 2.26.1 Vuln Version: \nint mainprintf"HelloWorld!\n"; return 0;" f = open"helloWorld.c", 'w' f.writehello f.close os.system"gcc -c helloWorld.c -o...
TypeSetter CMS 5.1 - Host Header Injection
TypeSetter CMS 5.1 - Host Header Injection Exploit Title: TypeSetter CMS 5.1 Host Header Injection Date: 10-02-2018 Exploit Author: Navina Asrani Contact: https://twitter.com/NavinaSanjay Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://www.typesettercms.com/ Version: 5.1...
News Website Script 2.0.4 - search SQL Injection
News Website Script 2.0.4 - search SQL Injection Exploit Title:News Website Script - SQL Injection Error Based Google Dork: NA Date: 12.02.2018 Exploit Author: Varun Bagaria Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: http://under24usd.com/demo/newstoday/index.php Version: 2.0...
TypeSetter CMS 5.1 - Cross-Site Request Forgery
TypeSetter CMS 5.1 - Cross-Site Request Forgery Exploit Title: TypeSetter CMS 5.1 Cross Site Request Forgery Date: 10-02-2018 Exploit Author: Navina Asrani Contact: https://twitter.com/NavinaSanjay Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://www.typesettercms.com/...