Результаты поиска

Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in posix_spawn on 32-bit Platforms posix_spawn is a complex syscall which takes a lot of arguments from userspace. The third argument is a pointer to a further arguments descriptor in userspace with the following...

Apple macOS/iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime Management in IOTimeSyncClockManagerUserClient /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1377 IOTimeSyncClockManagerUserClient provides the userspace interface for the...

Apple macOS - 'getrusage' Stack Leak Through struct Padding /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1405 For 64-bit processes, the getrusage() syscall handler converts a `struct rusage` to a `struct user64_rusage` using `munge_user64_rusage()`, then copies the...

Apple macOS/iOS - Kernel Double Free due to IOSurfaceRootUserClient not Respecting MIG Ownership Rules I have previously detailed the lifetime management paradigms in MIG in the writeups for: CVE-2016-7612 [https://bugs.chromium.org/p/project-zero/issues/detail?id=926] and CVE-2016-7633...

Apple macOS XNU Kernel - Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory Disclosures /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1372 the kernel libproc API proc_list_uptrs has the following comment in it's userspace header: /* * Enumerate...

Muslim Matrimonial Script 3.02 - 'succid' SQL Injection # # # # # # Exploit Title: Muslim Matrimonial Script 3.02 - SQL Injection # Dork: N/A # Date: 10.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link: https://www.phpscriptsmall.com/product/matrimonial-script/ #...

Resume Clone Script 2.0.5 - SQL Injection # # # # # # Exploit Title: Resume Clone Script 2.0.5 - SQL Injection # Dork: N/A # Date: 10.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link: https://www.phpscriptsmall.com/product/resume-builder-script/ # Version: 2.0.5 #...

Vanguard 1.4 - SQL Injection # # # # # # Exploit Title: Vanguard - Marketplace Digital Products PHP 1.4 - SQL Injection # Dork: N/A # Date: 11.12.2017 # Vendor Homepage: https://www.codegrape.com/user/Vanguard/portfolio # Software Link...

Apple macOS - 'necp_get_socket_attributes' so_pcb Type Confusion /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1392&desc=2 When getsockopt() [edited; original report said "setsockopt"] is called on any socket with level SOL_SOCKET and optname SO_NECP_ATTRIBUTES...

MLM Forced Matrix 2.0.9 - 'newid' SQL Injection # # # # # # Exploit Title: MLM Forced Matrix 2.0.9 - SQL Injection # Dork: N/A # Date: 10.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link: https://www.phpscriptsmall.com/product/mlm-forced-matrix/ # Version: 2.0.9 #...

Car Rental Script 2.0.4 - 'val' SQL Injection # # # # # # Exploit Title: Car Rental Script 2.0.4 - SQL Injection # Dork: N/A # Date: 10.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link: https://www.phpscriptsmall.com/product/car-rental-script/ # Version: 2.0.4 #...

Groupon Clone Script 3.01 - 'state_id' / 'search' SQL Injection # # # # # # Exploit Title: Groupon Clone Script 3.01 - 'state_id' 's' SQL Injection # Dork: N/A # Date: 10.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...

Multiplex Movie Theater Booking Script 3.1.5 - 'moid' / 'eid' SQL Injection # # # # # # Exploit Title: Multiplex Movie Theater Booking Script 3.1.5 - SQL Injection # Dork: N/A # Date: 09.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...

Single Theater Booking Script 3.2.1 - 'findcity.php?q' SQL Injection # # # # # # Exploit Title: Single Theater Booking Script 3.2.1 - SQL Injection # Dork: N/A # Date: 09.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...

Advanced Real Estate Script 4.0.7 - SQL Injection # # # # # # Exploit Title: Advanced Real Estate Script 4.0.7 - SQL Injection # Dork: N/A # Date: 10.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link: https://www.phpscriptsmall.com/product/advanced-real-estate-script/...

Responsive Realestate Script 3.2 - 'property-list?tbud' SQL Injection # # # # # # Exploit Title: Responsive Realestate Script 3.2 - SQL Injection # Dork: N/A # Date: 09.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...

Multireligion Responsive Matrimonial 4.7.2 - 'succid' SQL Injection # # # # # # Exploit Title: Multireligion Responsive Matrimonial 4.7.2 - SQL Injection # Dork: N/A # Date: 09.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...

Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection # # # # # # Exploit Title: Responsive Events & Movie Ticket Booking Script 3.2.1 - SQL Injection # Dork: N/A # Date: 09.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...

Professional Service Script 1.0 - 'service-list?city' SQL Injection # # # # # # Exploit Title: Professional Service Script 1.0 - SQL Injection # Dork: N/A # Date: 09.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...

Readymade PHP Classified Script 3.3 - 'subctid' / 'mctid' SQL Injection # # # # # # Exploit Title: Readymade PHP Classified Script 3.3 - SQL Injection # Dork: N/A # Date: 09.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...

Readymade Video Sharing Script 3.2 - SQL Injection # # # # # # Exploit Title: Readymade Video Sharing Script 3.2 - SQL Injection # Dork: N/A # Date: 09.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/...

Online Exam Test Application Script 1.6 - 'exams.php?sort' SQL Injection # # # # # # Exploit Title: Online Exam Test Application Script 1.6 - 'Exams.php 'sort' SQL Injection # Dork: N/A # Date: 08.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...

Opensource Classified Ads Script 3.2 - SQL Injection <!-- # # # # # # Exploit Title: Opensource Classified Ads Script 3.2 - SQL Injection # Dork: N/A # Date: 09.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...

PHP Multivendor Ecommerce 1.0 - 'sid' / 'searchcat' / 'chid1' SQL Injection # # # # # # Exploit Title: PHP Multivendor Ecommerce 1.0 - SQL Injection # Dork: N/A # Date: 09.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...

Secure E-commerce Script 2.0.1 - 'searchcat' / 'searchmain' SQL Injection # # # # # # Exploit Title: Secure E-commerce Script 2.0.1 - SQL Injection # Dork: N/A # Date: 09.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link...