Lucene search
K
Myhack58Most viewed

7620 matches found

myhack58
myhack58
added 2017/08/20 12:0 a.m.134 views

Microsoft Word vulnerability: hackers can use the automatic update link to install the malicious software-vulnerability warning-the black bar safety net

According to foreign media news, the SANS Internet Center a freelance security consultant and Handler in Microsoft Word, found a very interesting vulnerability that allows an attacker to abuse the Word program to automatically update the link function. This is one of the default start function,...

0.9AI score
Exploits0
myhack58
myhack58
added 2019/04/15 12:0 a.m.133 views

The IE 11 browser is the explosion of security vulnerabilities: remotely steal local PC file-bug warning-the black bar safety net

Recently security experts in the IE 11 browser on the found new vulnerabilities in the process. MHT saved page can allow a hacker to steal the PC on the file. More importantly. MHT file format the default processing application is the IE 11 browser, so even the Chrome as the default web browser o...

0.9AI score
Exploits0
myhack58
myhack58
added 2019/03/28 12:0 a.m.133 views

For a driver to mention the right vulnerability analysis-vulnerability warning-the black bar safety net

One, Foreword As Microsoft is constantly reinforcing core safety, enhance the native kernel components of the exploit difficulty, and now third party kernel drivers are gradually becoming the attacker's preferred target, is security analysts the focus of the study. Signed third-party driver...

7.7AI score0.00839EPSS
Exploits0
myhack58
myhack58
added 2017/06/06 12:0 a.m.133 views

How to pass the command injection vulnerability fix Yahoo subsidiary production servers-vulnerability warning-the black bar safety net

One, Foreword Time to get back to 5 May 20, the night before that, I spent several days time to study the Yahoo Messenger app, still can't figure out how it works, but annoying headache and neck pain and looking for me. So I decided to go for a walk, find a new target. Then I noticed a very...

10CVSS7.7AI score0.97485EPSS
Exploits11
myhack58
myhack58
added 2017/05/06 12:0 a.m.133 views

CVE-2017-7985&7986: detailed analysis of the Joomla! Two XSS vulnerabilities-vulnerability warning-the black bar safety net

Joomla! Is the world's most popular CMS solutions. It allows users to custom build website powerful online applications. According to incomplete statistics on the Internet more than 3% of the websites running Joomla!, At the same time its share of the global more than 9% of the CMS market share...

4.3CVSS7.4AI score0.01333EPSS
Exploits2
myhack58
myhack58
added 2015/08/19 12:0 a.m.133 views

Based on BIGINT overflow error SQL injection-vulnerability warning-the black bar safety net

I for by the MySQL error to extract data New Technologies are very interested in, and the herein to be described is one such technology. When I examine the MySQL integer processing mode when suddenly for how to make it happen overflow generated strong interest. Below, we look at MySQL is how to...

7.8AI score
Exploits0
myhack58
myhack58
added 2010/03/06 12:0 a.m.133 views

QUIK e-mail(QuarkMail latest remote vulnerability-vulnerability warning-the black bar safety net

From: http://www.aaibase.cn/Article/hk/201002/608.html Found by: me Vulnerability Description: The QUIK e-mail(QuarkMail Beijing Xiong Zhi weiye science and Technology Company launched the e-mail system, is widely used in various fields of the email solution该 产品 的 主要 客户 名单...

7.4AI score
Exploits0
myhack58
myhack58
added 2019/09/20 12:0 a.m.132 views

CVE-2019-16097:Harbor privilege elevation vulnerability alerts-a vulnerability alert-the black bar safety net

2019 9 May 19, 360CERT observed abroad security researcher Aviv Sasson found Harbor there is elevation of Privilege Vulnerability, the Harbor in the default configuration register the function is open, the attacker can register functions using the vulnerability to gain administrator privileges...

1.3AI score0.23284EPSS
Exploits5
myhack58
myhack58
added 2016/12/14 12:0 a.m.132 views

In ie8 using ROP and Heap Spray using the bounce of the shell-vulnerability warning-the black bar safety net

This exploit program is for the Windows 7 platform on the IE8 browser. The focus of our attention is one that uses the Java network launch Protocol JNLP the plug-in, this plug-in there is overflow vulnerability. In order to achieve the use, I will use the Heaplib to construct a ROP chain in order...

0.6AI score
Exploits0
myhack58
myhack58
added 2016/08/19 12:0 a.m.132 views

BenignCertain: a can remotely extract the Cisco VPN key hack tool free leak files download address-vulnerability warning-the black bar safety net

One, Foreword In a flash, we came to this familiar yet strange Friday. In this past week, the field of network security in the most“eye-catching”the event certainly not“the NSA is a black event”Mo belong to. The United States Time 2 0 1 6 years 8 on 1 5 December, a named“The Shadow Brokers”of the...

7.3AI score
Exploits0
myhack58
myhack58
added 2019/04/25 12:0 a.m.131 views

Using Foxit Reader PDF Printer to achieve provided the right-vulnerability warning-the black bar safety net

Last year, I wrote an article about the Foxit Reader, tap the UAF vulnerability of the process, and how to exploit the vulnerability remote code execution attacks. After that, I'm in one of the articles described in Foxit Reader SDK ActiveX in a command injection vulnerability. The spirit does no...

0.3AI score0.00863EPSS
Exploits1
myhack58
myhack58
added 2019/04/16 12:0 a.m.131 views

Internet Explorer XXE vulnerability alerts-a vulnerability alert-the black bar safety net

GMT 4 on 11 May, the Foreign Security Fellow at the John Page public disclosure Internet Explorer 11 XXE vulnerability, successful exploitation of the vulnerability will lead to local file disclosure. Microsoft learned of the vulnerability, given a”temporary non-fix”results. In view of the...

7.1AI score
Exploits0
myhack58
myhack58
added 2017/05/19 12:0 a.m.131 views

Oracle's PeopleSoft products was traced to the presence of unauthorized remote code execution vulnerability-vulnerability warning-the black bar safety net

Oracle PeopleSoft In a few months ago, I was fortunate enough to get to review Oracle's PeopleSoft solutions the opportunity to review object including PeopleSoft HRMS and PeopleTool. In addition to the few not recorded in the case of CVE addition, the network did not seem to me to provide how mu...

6.4CVSS7AI score0.25832EPSS
Exploits9
myhack58
myhack58
added 2015/05/16 12:0 a.m.131 views

PHP multipart/form-data remote DOS vulnerability-vulnerability warning-the black bar safety net

PHP parse multipart/form-datahttp request the body part of the request header, the duplicate copy of the string resulting in DOS. A remote attacker by sending a maliciously constructed multipart/form-data requests, causing the server CPU resource is exhausted, so a remote DOS Server. Affect range...

0.2AI score
Exploits0
myhack58
myhack58
added 2014/09/28 12:0 a.m.131 views

bash code injection security vulnerability-vulnerability warning-the black bar safety net

! bashbuga lot of people perhaps the upper half of the occurrence of the security issues of the“heart bleed”in Heartbleed Bug event memory is quite deep, this two days, there was also a“destruction level”of vulnerability-the Bash software security vulnerabilities. This vulnerability French...

10CVSS0.1AI score0.99999EPSS
Exploits139
myhack58
myhack58
added 2019/08/14 12:0 a.m.130 views

Microsoft Patch Day: Word/DHCP/LNK remote code execution vulnerability alerts-a vulnerability alert-the black bar safety net

2019 8 May 14, Microsoft released security updates in addition to the RDP vulnerability also covers for a plurality of remote code execution high-risk vulnerabilities repair. Microsoft Word remote code execution vulnerability, the vulnerability number CVE-2019-0585。 The Windows DHCP client remote...

9.3CVSS2.9AI score0.21967EPSS
Exploits0
myhack58
myhack58
added 2019/03/28 12:0 a.m.130 views

Using Semmle QL vulnerability out Part2-vulnerability warning-the black bar safety net

First part of this series introduced the Semmle QL, as well as the Microsoft Security Response Center MSRC how to use it to review to our report the vulnerability. This article discusses a How do we take the initiative to use it examples, including Azure firmware component of a security audit. Th...

0.8AI score
Exploits0
myhack58
myhack58
added 2017/10/19 12:0 a.m.130 views

Adobe ColdFusion arbitrary command execution flaws vulnerability 0day(CVE–2017–11283, CVE–2017–11284)early warning-vulnerability warning-the black bar safety net

Adobe ColdFusion in 2017 9 November 12 released a network security update in refer to the previous version, there is a serious deserialization flaws vulnerability bug(CVE-2017-11283, CVE-2017-11284, and may incur long-distance code to fulfill. When applying the Flex integration-do on Remote Adobe...

9.1AI score0.42721EPSS
Exploits3
myhack58
myhack58
added 2017/10/12 12:0 a.m.130 views

Microsoft windows October release of the 62 flaws vulnerability bug patch, and repair of the National researchers submitted the 0-day flaw vulnerability bug-vulnerability warning-the black bar safety net

Microsoft on Tuesday's Patch Tuesday on the breath announced a 62 bug. the bug of the patch, which contains a has been applied to the major Office 0-day exploits flaws in the bug, this is by memory of the destruction occasioned by the long-distance code to perform vulnerability flaws bug(...

7.3AI score0.81627EPSS
Exploits13
myhack58
myhack58
added 2017/08/23 12:0 a.m.130 views

lighttpd domain processing denial of service vulnerability environment from the reproduction to the analysis-vulnerability warning-the black bar safety net

A. lighttpd domain processing denial of service vulnerability of the environment to build 1 Install lighttpd Because this vulnerability requires that a fixed version,so we need to manually install. wget http://download.lighttpd.net/lighttpd/releases-1.4.x/ lighttpd-1.4.31.tar.gz tar-zxvf...

5CVSS0.1AI score0.12038EPSS
Exploits7
myhack58
myhack58
added 2016/02/17 12:0 a.m.130 views

WebDAV local mention the right Vulnerability, CVE-2 0 1 6-0 0 5 1. THE POC & EXP-vulnerability warning-the black bar safety net

Vulnerability information The vulnerability exists in the Microsoft Web Distributed Authoring and Versioning WebDAV, if Microsoft Web Distributed Authoring and Versioning WebDAV client to validate the input properly, then which will present elevation of privilege vulnerability. Successful...

7.2CVSS1.9AI score0.23383EPSS
Exploits12
myhack58
myhack58
added 2007/01/20 12:0 a.m.130 views

Network Security Series knowledge of CGI exploits collection under-vulnerability warning-the black bar safety net

4 2. exprcalc. cfm ● Type: the attack type ● The level of risk: low ● Description: if in a Web directory containing: | /cfdocs/expeval/exprcalc. cfm /cfdocs/expeval/sendmail. cfm /cfdocs/expeval/eval. cfm /cfdocs/expeval/openfile. cfm /cfdocs/expeval/displayopenedfile. cfm...

0.2AI score
Exploits0
myhack58
myhack58
added 2019/07/25 12:0 a.m.129 views

Xstream remote code execution vulnerability-vulnerability warning-the black bar safety net

One, the Foreword XStream is a commonly used Java class libraries used to serialize an object into XML, JSON or deserialize the object. Second, the vulnerability profile Xstream 1.4.10 version exists deserialization vulnerability CVE-2013-7285 patch bypass. Third, the vulnerability to hazards The...

7.5CVSS9.6AI score0.94774EPSS
Exploits9
myhack58
myhack58
added 2019/05/15 12:0 a.m.129 views

Used to bypass the posture formed SSRF acquiring India's biggest stock broker company AWS password credentials-vulnerability warning-the black bar safety net

Hello everyone, today share of it is the author in response to India's biggest stock broker company for security testing, by different levels of the bypassing techniques Bypass, and eventually acquired the company AWS password credentials in the process. Where to WAF bypassing, as well as further...

0.1AI score
Exploits0
myhack58
myhack58
added 2017/08/17 12:0 a.m.129 views

Travel to the dark of the door! Debugee in QEMU-vulnerability warning-the black bar safety net

I haven't to secure guest posting, just recently the contact vulnerability discovery, and have been reading some of the classic fuzzer source code, at the same time also began to contact the virtualization escape this piece of content, at this time happened to come across two very classic exploit...

5CVSS8AI score0.13288EPSS
Exploits1
myhack58
myhack58
added 2017/08/14 12:0 a.m.129 views

Then talk about CVE-2017-7047 Triple_Fetch and iOS 10.3.2 sandbox escape-vulnerability warning-the black bar safety net

Ian Beer@google released a CVE-2017-7047TripleFetch of exp and it is1, The chenliang@keenlab also published on TripleFetch analysis2, but due to this vulnerability and exp there are a lot of highlights, so also the remaining lot can dig deep into the details. Thus, our simple analysis of...

6.8CVSS8.3AI score0.06726EPSS
Exploits4
myhack58
myhack58
added 2017/07/08 12:0 a.m.128 views

Discuz plug-in Bluegrass today wechat voting rights limit and brush votes vulnerability with python scripting-vulnerability warning-the black bar safety net

Two days before the bunch of friends online canvassing, feeling that something in the programmer before it is an irony(me is the programmer before me, when a programmer there are always people that you will be stolen QQ, attack, repair the computer。。。。) Directly into the theme, with to Tools: 1...

7.6AI score
Exploits0
myhack58
myhack58
added 2017/03/17 12:0 a.m.128 views

Github enterprise remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

Right now, almost everyone in the use of GitHub. If you have a lot of Green Paper or for your own code very paranoid, then you can run your own GitHub. Paid$ 2500 dollars, you can get a GitHub Enterprise version for 10 users for one year. In fact, Github enterprise is a virtual machine, but...

7.2AI score
Exploits0
myhack58
myhack58
added 2011/04/18 12:0 a.m.129 views

Phpspy 2 0 1 0 shell authentication bypass exploit-vulnerability warning-the black bar safety net

Phpspy 2 0 1 0 shell is angel webshll 3 Musketeers sword. 2 0 1 0 version in phpspy 2 0 0 9 basis. Once again streamlined, optimized code. Achieve oracle, sybase, db2, support, etc.。。。。 phpspy code there are many unscientific place. However functionally the letter is already PHPshell inside, one ...

0.6AI score
Exploits0
myhack58
myhack58
added 2009/03/14 12:0 a.m.128 views

Port reuse shellcode-exploit warning-the black bar safety net

Port reuse shellcode Author: thorn The hard disk has a lot of use a variety of techniques to achieve the port reuse shellcode, are based on the previous write. Turned out a relatively dwarfish, patch to the here. Want to expand your friends can own change. This shellcode can also be easily extend...

8AI score
Exploits0
myhack58
myhack58
added 2019/09/12 12:0 a.m.127 views

In-depth exploration found in the wild iOS exploit chain III-vulnerability warning-the black bar safety net

Overview This article exploits the chain's target is iOS 11-11. 4. 1, spanning nearly 10 months. This is what we observed first having a separate sandbox escape exploits chain. The sandbox escape vulnerability is libxpc in more serious security problem, wherein the reconstruction will lead to a W...

0.3AI score
Exploits0
myhack58
myhack58
added 2019/07/25 12:0 a.m.127 views

Comodo Antivirus explosion multiple vulnerabilities-vulnerability warning-the black bar safety net

Comodo is a company located in the United States software company, headquartered in Jersey City, was established in 1998, is a world-renowned IT security service provider and SSL certificate providers. Researchers at Comodo Antivirus / Comodo Antivirus Advanced and other products found in the...

7.2CVSS0.6AI score0.00558EPSS
Exploits5
myhack58
myhack58
added 2019/03/19 12:0 a.m.127 views

Through the Server Info in a buffer overflow to achieve the Steam client RCE-vulnerability warning-the black bar safety net

In Steam and other V social game such as CSGO, Half-Life, TF2, built-in a looking for a server browser server browser, and a game server. In order to obtain information about these server information, the server browser using a method called server query server queries a specific UDP communicatio...

0.7AI score
Exploits0
myhack58
myhack58
added 2016/01/15 12:0 a.m.127 views

Python-rsa signature forgery-vulnerability warning-the black bar safety net

! By looking at the python-rsa source code, we found that it is the presence of a vulnerability is based on Bleichenbacher'0 6 attack research out for the RSA signature forgery of a simple variant, is due to the public key index is too low. The vulnerability can lead to arbitrary information to...

0.3AI score
Exploits0
myhack58
myhack58
added 2018/12/13 12:0 a.m.126 views

phpMyAdmin released a security update to fix 3 vulnerabilities-vulnerability warning-the black bar safety net

phpMyAdmin release new versions that fix multiple security vulnerabilities phpMyAdmin released yesterday the new version 4. 8. 4, fixes multiple security vulnerabilities. Previous, 12 on 9, phpMyAdmin official has released the update notice, to remind the user to 11, afternoon to evening for...

0.7AI score0.03254EPSS
Exploits0
myhack58
myhack58
added 2017/08/14 12:0 a.m.126 views

Well-known terminal simulation software, XSHELL, multiple versions exist the back door, or to upload user Server account password-loophole warning-the black bar safety net

Xshell is a powerful,famous terminal simulation software, is widely used for server operations and management,Xshell supports SSH, SFTP, TELNET, RLOGIN and SERIAL functions. It offers industry-leading performance and powerful function, in the free terminal emulation software has an irreplaceable...

7.2AI score
Exploits0
myhack58
myhack58
added 2015/05/11 12:0 a.m.126 views

Apache Tomcat denial of service vulnerability(CVE-2 0 1 4-0 2 3 0)-vulnerability warning-the black bar safety net

Affected system: The Apache Group Tomcat 8.0.0-RC1 – 8.0.8 Apache Group Tomcat 7.0.0 – 7.0.54 Apache Group Tomcat 6.0.0 – 6.0.43 Description: CVECAN ID: CVE-2 0 1 4-0 2 3 0 Apache Tomcat is a popular open source JSP application server program. Not reading the request body, i.e. the response to th...

7.8CVSS5.6AI score0.20318EPSS
Exploits0
myhack58
myhack58
added 2007/07/20 12:0 a.m.126 views

Fuzzing in Microsoft Word overflow analysis and use-vulnerability and early warning-the black bar safety net

This article has been published in the hacker line of Defense of the 2 0 0 7 years 7 monthly. The author and the hacker line of Defense on the retention of copyright, reproduced, please indicate the original source. For the reader: overflow of lovers Pre-knowledge: Assembly language, buffer...

8.6AI score
Exploits0
myhack58
myhack58
added 2019/05/16 12:0 a.m.125 views

vaeThink v1. 0. 1 code execution vulnerability mining analysis-vulnerability warning-the black bar safety net

0x01 introduction This article is for a niche CMS(vaeThink v1. 0. 1 for analysis, code execution vulnerability discovery and audit process of the record, the CMS is based on ThinkPHP5 development. As a code audit entry rookie, also want to be able to practice and learn the process of recording an...

0.2AI score
Exploits0
myhack58
myhack58
added 2019/02/22 12:0 a.m.125 views

Hidden for 19 years WinRAR code execution vulnerability-vulnerability warning-the black bar safety net

The researchers found WinRAR logic vulnerabilities that can full access to the victims computer control. The exploit only requires from the compressed file to extract it can work, more than 5 million users affected. More importantly, the vulnerability has been there 19 years, forcing WinRAR...

0.3AI score
Exploits0
myhack58
myhack58
added 2018/06/08 12:0 a.m.125 views

Wages table actually into hacking weapons Flash emergency patch-bug warning-the black bar safety net

6 month 7 day night, the official Adobe announcement, announced the emergency release security patches fix latest be found the Flash of high-risk vulnerabilities, and the discovery of this vulnerability using the 360 core security advanced Threat Response Team public Acknowledgements. As the...

1.2AI score
Exploits0
myhack58
myhack58
added 2017/03/31 12:0 a.m.125 views

fastjson remote code execution vulnerability technical analysis and protection solution-vulnerability warning-the black bar safety net

! 2017-year 3 December 15, fastjson official released a security Bulletin indicating fastjson in 1. 2. 24 and the prior version there is a remote code execution high-risk security vulnerabilities. An attacker can use this vulnerability to remotely execute malicious code to invade the server...

1.2AI score
Exploits0
myhack58
myhack58
added 2012/12/21 12:0 a.m.125 views

portable-phpMyAdmin(WordPress plugin authentication bypass-vulnerability warning-the black bar safety net

Part1. Description portable-phpMyAdmin is Wordpress a plug-in, direct access to plug-ins when there are no validation Wordpress session and permissions. Since this plugin has quite a lot of management functions, without a custom over the portable-phpMyAdmin plugin provides a full phpMyAdmin conso...

7.5CVSS6.4AI score0.23745EPSS
Exploits6
myhack58
myhack58
added 2019/06/25 12:0 a.m.124 views

Router 0day vulnerability discovery practical-vulnerability warning-the black bar safety net

! Last year 7 month in the company's internal share over this issue, said to also almost a year, too lazy to now only issued to. In 2018, 3, 4 on more than two or three months time, spent more and more time to engage in a domestic router, dug some holes, after also don't get it. Also wrote a litt...

0.1AI score
Exploits0
myhack58
myhack58
added 2019/04/18 12:0 a.m.124 views

iSCSI unauthorized access vulnerability, tens of thousands of iSCSI are likely to be affected-vulnerability warning-the black bar safety net

! Overview iSCSI Internet Small Computer System Interface Internet small computer system interface, also known as IP-SAN, is an Internet-based and SCSI-3 protocols storage technology, by the IETF, proposed, and 2003 2 May 11, became the official standard. 2019 4 December 17, white cap sinks a...

0.8AI score
Exploits0
myhack58
myhack58
added 2019/01/18 12:0 a.m.124 views

Router exploitation of the Stack Overflow entry a-vulnerability warning-the black bar safety net

MIPS instruction set is mainly used in some embedded IOT devices, such as Router, camera. To these devices for binary vulnerability mining you need to have the MIPS to have a certain familiar. The MIPS instruction set of Stack Overflow and the x86 instruction set is different, so the exploits is...

0.2AI score
Exploits0
myhack58
myhack58
added 2018/11/29 12:0 a.m.124 views

DVWA Pro-test CSRF vulnerability-vulnerability warning-the black bar safety net

CSRF is a cross-site request forgery, i.e., a user at A site after login in the same client of the Site B using the vulnerability to get A site's Cookie and other authentication information, and forgery as legitimate identity request to A site. This article in the local environment, carry out the...

0.1AI score
Exploits0
myhack58
myhack58
added 2017/04/20 12:0 a.m.124 views

ShadowBroker release of NSA tools in the Esteemaudit vulnerability reproduction process-vulnerability warning-the black bar safety net

Recently the infamous equation tissue kit again is disclosed, TheShadowBrokers in steemit. com blog provides related message. The following is one of Esteemaudit vulnerability reproduction process. Preparation IP System information Use Note 192.168.146.132 Windows xp Attack aircraft Need Ann...

1.2AI score
Exploits0
myhack58
myhack58
added 2019/04/02 12:0 a.m.123 views

About CVE-2019-9766 buffer overflow vulnerability penetration module preparation and testing-vulnerability warning-the black bar safety net

CVE-2019-9766 exposed about Free MP3 CD Ripper buffer overflow vulnerability in the conversion file, Free MP3 CD Ripper 2.6 in a stack-based buffer overflow vulnerability allows user-assisted remote attackers via a specially crafted. mp3 file to execute arbitrary code. This article describes in...

6.8CVSS8.2AI score0.07959EPSS
Exploits2
myhack58
myhack58
added 2019/03/01 12:0 a.m.123 views

The use of DVRF learn firmware analysis series a-vulnerability warning-the black bar safety net

With a variety of hardware devices vulnerabilities more and more people concern, as well as by a malicious attacker a large advantage. As a Security Researcher, Learning Analytics firmware vulnerability, a timely warning to patch vulnerabilities is becoming increasingly important. This series of...

7.5AI score
Exploits0
Total number of security vulnerabilities5000