Результаты поиска

Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path Tested on 19.10. Ubuntu's aufs kernel patch includes the following change (which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c)...

Microsoft Windows - Global Reparse Point Security Feature Bypass/Elevation of Privilege Windows: Global Reparse Point Security Feature Bypass/Elevation of Privilege Platform: Windows 10 1709 (functionality not present prior to this version) Class: Security Feature Bypass/Elevation of Privilege...

Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs Tested on Ubuntu 19.10, kernel "5.3.0-19-generic #20-Ubuntu". Ubuntu ships a filesystem "shiftfs" in fs/shiftfs.c in the kernel tree that doesn't exist upstream. This filesystem can be mounted from user namespaces, meaning that...

Oracle Primavera P6 Enterprise Project Portfolio Management - HTTP Response Splitting # Exploit Title: Oracle Primavera P6 Enterprise Project Portfolio Management HTTP Response Splitting # Date: 16-02-2018 # Exploit Author: Marios Nicolaides - RUNESEC # Reviewers: Simon Loizides and Nicolas...

Cisco Prime Infrastructure Health Monitor HA TarArchive - Directory Traversal / Remote Code Execution #!/usr/bin/python """ Cisco Prime Infrastructure Health Monitor HA TarArchive Directory Traversal Remote Code Execution Vulnerability Steven Seeley (mr_me) of Source Incite - 2019 SRC...

Microsoft Windows Kernel - 'nt!RtlpCopyLegacyContextX86' Stack Memory Disclosure /* We have discovered a new Windows kernel memory disclosure vulnerability in the creation and copying of a CONTEXT structure to user-mode memory. Two previous bugs in the nearby code area were reported in issues...

Joomla! Component ccNewsletter 2.x.x 'id' - SQL Injection # # # # # Exploit Title: Joomla Component ccNewsletter 2.x.x 'id' - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: https://www.chillcreations.com/ # Software Link: https://extensions.joomla.org/extension/ccnewsletter/ #...

PHIMS - Hospital Management Information System - 'Password' SQL Injection # Exploit Title: PHIMS - Hospital Management Information System - 'Password' SQL Injection # Dork: N/A # Date: 2018-02-16 # Exploit Author: Borna nematzadeh (L0RD) or [email protected] # Vendor Homepage...

PSNews Website 1.0.0 - 'Keywords' SQL Injection # Exploit Title: PSNews Website (Same Backend with Mobile Apps) 1.0.0 - 'Keywords' SQL Injection # Dork: N/A # Date: 2018-02-16 # Exploit Author: Borna nematzadeh (L0RD) or [email protected] # Vendor Homepage...

Joomla! Component Staff Master 1.0 RC 1 - SQL Injection # # # # # Exploit Title: Joomla! Component Staff Master <= 1.0 RC 1 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: http://www.systemsunited.net/ # Software Link: http://www.systemsunited.net/ # Version: <= 1.0 RC 1 #...

Joomla! Component Timetable Responsive Schedule For Joomla! 1.5 - 'alias' SQL Injection # # # # # Exploit Title: Joomla! Component Timetable Responsive Schedule For Joomla 1.5 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: http://quanticalabs.com/joomla/ # Software Link...

Joomla! Pinterest Clone Social Pinboard 2.0 - SQL Injection # # # # # Exploit Title: Joomla! Pinterest Clone Social Pinboard 2.0 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: https://www.apptha.com/ # Software Link: https://www.apptha.com/joomla/social-pinboard-script #...

Joomla! Component NeoRecruit 4.1 - SQL Injection # # # # # Exploit Title: Joomla! Component NeoRecruit 4.1 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: http://neojoomla.com/ # Software Link...

Joomla! Component Project Log 1.5.3 - 'search' SQL Injection # # # # # Exploit Title: Joomla! Component Project Log 1.5.3 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: https://extensions.thethinkery.net/ # Software Link...

Joomla! Component Smart Shoutbox 3.0.0 - SQL Injection # # # # # Exploit Title: Joomla! Component Smart Shoutbox 3.0.0 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: https://thekrotek.com/ # Software Link: https://extensions.joomla.org/extension/smart-shoutbox/ # Version...

Joomla! Component JomEstate PRO 3.7 - 'id' SQL Injection # # # # # Exploit Title: Joomla! Component JomEstate PRO <= 3.7 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: http://comdev.eu/ # Software Link...

Joomla! Component JquickContact 1.3.2.2.1 - SQL Injection # # # # # Exploit Title: Joomla! Component JquickContact 1.3.2.2.1 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor: http://coderspirit.blogspot.com.tr/2011/07/jquickcontact.html # Software...

Joomla! Component JTicketing 2.0.16 - SQL Injection # # # # # Exploit Title: Joomla! Component JTicketing 2.0.16 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: https://techjoomla.com/ # Software Link...

Joomla! Component InviteX 3.0.5 - 'invite_type' SQL Injection # # # # # Exploit Title: Joomla! Component InviteX 3.0.5 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: http://techjoomla.com/ # Software Link...

Joomla! Component JB Bus 2.3 - 'order_number' SQL Injection # # # # # Exploit Title: Joomla! Component JB Bus 2.3 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: http://joombooking.com/ # Software Link...

Joomla! Component jGive 2.0.9 - SQL Injection # # # # # Exploit Title: Joomla! Component JGive 2.0.9 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: http://techjoomla.com/ # Software Link: https://extensions.joomla.org/extensions/extension/e-commerce/donations/jgive/ #...

eMerge E3 Access Controller 4.6.07 - Remote Code Execution (Metasploit) # Exploit Title: eMerge E3 Access Controller 4.6.07 - Remote Code Execution (Metasploit) # Google Dork: NA # Date: 2018-11-11 # Exploit Author: LiquidWorm # Vendor Homepage...

Joomla! Component Form Maker 3.6.12 - SQL Injection # # # # # Exploit Title: Joomla! Component Form Maker 3.6.12 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: http://demo.web-dorado.com/ # Software Link...

Joomla! Component Gallery WD 1.3.6 - SQL Injection # # # # # Exploit Title: Joomla! Component Gallery WD 1.3.6 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: https://web-dorado.com/ # Software Link...

Joomla! Component Google Map Landkarten 4.2.3 - SQL Injection # # # # # Exploit Title: Joomla! Component Google Map Landkarten <= 4.2.3 - SQL Injection # Dork: N/A # Date: 16.02.2018 # Vendor Homepage: http://www.joomla-24.de/ # Software Link...