Результаты поиска

PHP Classifieds Rental Script - Blind SQL Injection [x]========================================================================================================================================[x] | Title : PHP Classifieds Rental Script Blind SQL Vulnerabilities | Software : PHP Classifieds...

B2B Portal Script - Blind SQL Injection [x]========================================================================================================================================[x] | Title : B2B Portal Script Blind SQL Vulnerabilities | Software : B2B Portal Script | Vendor ...

MLM Unilevel Plan Script 1.0.2 - SQL Injection ###################### # Application Name : MLM Unilevel Plan Script v1.0.2 # Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL # Author Contact : https://twitter.com/byn4tural # Vendor Homepage : http://www.i-netsolution.com/ #...

Fortitude HTTP 1.0.4.0 - Unquoted Service Path Privilege Escalation # Exploit Title: Fortitude HTTP 1.0.4.0 Unquoted Service Path Elevation of Privilege # Date: 05/10/2016 # Exploit Author: Tulpa # Contact: [email protected] # Author website: www.tulpa-security.com # Author twitter...

Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution KL-001-2016-007 : Cisco Firepower Threat Management Console Remote Command Execution Leading to Root Access Title: Cisco Firepower Threat Management Console Remote Command Execution Leading to Root Access Advisory ID...

Advance MLM Script - SQL Injection [x]========================================================================================================================================[x] | Title : Advance MLM Script SQL Vulnerabilities | Software : Advance MLM Script | Vendor ...

Disk Savvy Enterprise 9.0.32 - 'Login' Remote Buffer Overflow #!/usr/bin/python print "Disk Savvy Enterprise 9.0.32 Buffer Overflow Exploit" print "Author: Tulpa / tulpa[at]tulpa-security[dot]com" #Author website: www.tulpa-security.com #Author twitter: @tulpa_security #Exploit will land...

WebRTC - FEC Out-of-Bounds Read There is an out-of-bounds read in FEC processing in WebRTC. If a very short RTP packet is received, FEC will assume the packet is longer and process data outside of the allocated buffer. This bug causes the following ASAN crash: ==109993==ERROR...

Abyss Web Server X1 2.11.1 - Unquoted Service Path Privilege Escalation # Exploit Title: Abyss Web Server X1 2.11.1 Multiple Local Privilege Escalation # Date: 05/10/2016 # Exploit Author: Tulpa # Contact: [email protected] # Author website: www.tulpa-security.com # Author twitter...

NICO-FTP 3.0.1.19 - Buffer Overflow (SEH) # Exploit Title: NICO-FTP 3.0.1.19 - Buffer Overflow (SEH) # Author: Abdullah Alıç # Date: 2018-09-04 # Software link: https://en.softonic.com/download/nico-ftp/windows/post-download # Tested Version: 3.0.1.19 # Vulnerability Type: Buffer Overflow...

Disk Sorter Enterprise 9.0.24 - 'Login' Remote Buffer Overflow #!/usr/bin/python print "Disk Sorter Enterprise 9.0.24 Buffer Overflow Exploit" print "Author: Tulpa / tulpa[at]tulpa-security[dot]com" #Author website: www.tulpa-security.com #Author twitter: @tulpa_security #Exploit will land...

WebRTC - VP9 Processing Use-After-Free There is a use-after-free in VP9 processing in WebRTC. In the method RtpFrameReferenceFinder::ManageFrameVp9 the following code occurs: auto gof_info_it = gof_info_.find((codec_header.temporal_idx == 0) ...

VX Search Enterprise 9.0.26 - 'Login' Remote Buffer Overflow #!/usr/bin/python print "VX Search Enterprise 9.0.26 Buffer Overflow Exploit" print "Author: Tulpa / tulpa[at]tulpa-security[dot]com" #Author website: www.tulpa-security.com #Author twitter: @tulpa_security #Exploit will land you...

Sync Breeze Enterprise 8.9.24 - 'Login' Remote Buffer Overflow #!/usr/bin/python print "Sync Breeze Enterprise 8.9.24 Buffer Overflow Exploit" print "Author: Tulpa / tulpa[at]tulpa-security[dot]com" #Author website: www.tulpa-security.com #Author twitter: @tulpa_security #Exploit will land...

Dup Scout Enterprise 9.0.28 - 'Login' Remote Buffer Overflow #!/usr/bin/python print "Dup Scout Enterprise 9.0.28 Buffer Overflow Exploit" print "Author: Tulpa / tulpa[at]tulpa-security[dot]com" #Author website: www.tulpa-security.com #Author twitter: @tulpa_security #Exploit will land you...

Apache Tomcat 8/7/6 (Debian-Based Distros) - Local Privilege Escalation ============================================= - Discovered by: Dawid Golunski - http://legalhackers.com - dawid (at) legalhackers.com - CVE-2016-1240 - Release date: 30.09.2016 - Revision: 1 - Severity: High...

Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' require 'msf/core/post/windows/reflective_dll_injection' require 'rex'...

Disk Pulse Enterprise 9.0.34 - 'Login' Remote Buffer Overflow #!/usr/bin/python print "Disk Pulse Enterprise 9.0.34 Buffer Overflow Exploit" print "Author: Tulpa // tulpa[at]tulpa-security[dot]com" #Author website: www.tulpa-security.com #Author twitter: @tulpa-security.com #Exploit will...

Microsoft Windows - Double Dereference in NtEnumerateKey Elevation of Privilege Windows: Double Dereference in NtEnumerateKey Elevation of Privilege Platform: Windows 10 1803 (not vulnerable in earlier versions) Class: Elevation of Privilege Summary: A number of registry system calls do not...

Google Android - Insufficient Binder Message Verification Pointer Leak Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=860 When frameworks/native/libs/binder/Parcel.cpp reads e.g. a string from a parcel, it does not verify that the string doesn't overlap with any byte range...

[Hebrew] Digital Whisper Security Magazine #76 40447.pdf

Microsoft Windows - 'CiSetFileCache' WDAC Security Feature Bypass TOCTOU Windows: CiSetFileCache TOCTOU CVE-2017-11830 Variant WDAC Security Feature Bypass Platform: Windows 10 1803, 1709 (should include S-Mode but not tested) Class: Security Feature Bypass Summary: While the TOCTOU attack...

[Turkish] Wireshark - Important Tips 40448.pdf

Microsoft Edge Chakra - 'PathTypeHandlerBase::SetAttributesHelper' Type Confusion /* Here's a snippet of PathTypeHandlerBase::SetAttributesHelper. PathTypeHandlerBase *predTypeHandler = this; DynamicType *currentType = instance->GetDynamicType(); while (predTypeHandler->GetPathLength() >...

Microsoft Edge Chakra JIT - 'localeCompare' Type Confusion /* A call to the String.prototype.localeCompare method can be inlineed when it only takes one argument. There are two versions of String.prototype.localeCompare, one [1] is written in JavaScript and the other [2] is written in C++...