SPIP versions 3.1.2 and below suffer from a cross site scripting vulnerability.
SPIP versions 3.1.2 and below suffer from a cross site request forgery vulnerability.
This is the thirteenth issue of POC || GTFO.
The isolated private namespace created by ierutils has an insecure DACL which allows any appcontainer process to gain elevated permissions on the namespace directory, which could lead to elevation of privilege.
The isolated private namespace created by ierutils has an insecure boundary descriptor which allows any non-appcontainer sandbox process (such as chrome) or other users on the same system to gain elevated permissions on the namespace directory which could lead to elevation of privilege.
NtLoadKeyEx takes a flag to open a registry hive read-only. If one of the hive files cannot be opened for read access, it will revert to write mode and also impersonate the calling process. This can lead to elevation of privilege if a user-controlled hive is opened in a system service.
XhP CMS version 0.5.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
Cisco Security Advisory - A vulnerability in the Identity Firewall feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending a crafted NetBIOS packet in response to a NetBIOS probe sent by the ASA software. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
Red Hat Security Advisory 2016-2082-01 - Red Hat Storage Console is a new Red Hat offering for storage administrators that provides a graphical management platform for Red Hat Ceph Storage 2. Red Hat Storage Console allows users to install, monitor, and manage a Red Hat Ceph Storage cluster. Security Fix: A flaw was found in the way authentication details were passed between rhscon-ceph and rhscon-core. An authenticated, local attacker could use this flaw to recover the cleartext password.
Red Hat Security Advisory 2016-2079-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt the virtual machine's memory and completely bypass Java sandbox restrictions.
Yasir Portal version 5.0 suffers from a database disclosure vulnerability.
Redkod version 3.0 suffers from a database disclosure vulnerability.
KonyaSoft version 2.3 suffers from a database disclosure vulnerability.
OneBlog version 2.0 suffers from a cross site scripting vulnerability.
VBScan is a black box vBulletin vulnerability scanner written in Perl.
Cgiemail version 1.6 suffers from a source code disclosure vulnerability.
IObit Advanced SystemCare version 10.0.2 suffers from an unquoted service path privilege escalation vulnerability.
EZGallery Resim Galerisi Scripti version 2.0 suffers from a database disclosure vulnerability.
MyDesign Haber Scripti version 7 suffers from a database disclosure vulnerability.
PC Toplama version 2.0 suffers from a database disclosure vulnerability.
MyDesign Defter version 1.7 suffers from a database disclosure vulnerability.
Besni Okul Portal version 2.0 suffers from a database disclosure vulnerability.
Simge versions 1.0 and 2.0 suffer from a database disclosure vulnerability.
CloudShare version 1.6 suffers from a remote shell upload vulnerability.
This Metasploit module exploits a command injection vulnerability on WiFi Pineapples versions 2.0 and below and pineapple versions prior to 2.4. We use a combination of default credentials with a weakness in the anti-csrf generation to achieve command injection on fresh pineapple devices prior to configuration. Additionally if default credentials fail, you can enable a brute force solver for the proof-of-ownership challenge. This will reset the password to a known password if successful and may interrupt the user experience. These devices may typically be identified by their SSID beacons of 'Pineapple5_....'; details derived from the TospoVirus, a WiFi Pineapple infecting worm.