Channel: BOT24
Browsing all 8064 articles

AShop 5.4.0 CSRF/XSS Vulnerability

##########################################
# Exploit Title: AShop 5.4.0 CSRF/XSS Vulnerability
# Date: 23-03-2013
# Author: DaOne aka Mocking Bird
# Vendor Homepage: http://www.ashopsoftware.com/
# Software...



AContent 1.3 Local File Inclusion

##########################################
[~] Exploit Title: AContent 1.3 Local File Inclusion
[~] Date: 21-03-2013
[~] Author: DaOne aka Mocking Bird
[~] Vendor Homepage: http://atutor.ca/acontent/
[~]...



Backupbuddy wordpress plugin - sensitive data exposure in importbuddy.php

### Backupbuddy - sensitive data exposure in importbuddy.php
#
# "the premiere WordPress backup plugin to backup, restore and move WordPress"
# http://ithemes.com/purchase/backupbuddy/
#
# known versions...


JAOW 2.4.8 XSS Vulnerability

############################################
# Script Name : JAOW 2.4.8
# Version : 2.4.8
# Bug Type : XSS vulnerability
# Found by : Metropolis
# Home : http://metropolis.fr.cr
# Discovered :...


Kaspersky Lab report: Evaluating the threat level of software vulnerabilities

Overview
Vulnerable programs are among the most commonplace ways to attack victims and steal personal data. Exploits, pieces of malicious code that utilize vulnerabilities in popular software to infect...



OSX/Pintsized Backdoor Additional Details

In complement to my blog post regarding Facebook, Twitter and Apple, victims of a watering hole attack, you will find hereunder some additional information...


XSS vulnerabilities in ZeroClipboard and multiple web applications

In February I wrote about Cross-Site Scripting vulnerabilities in ZeroClipboard and multiple web applications. This is additional information on this topic.
XSS vulnerabilities in...


Cunity 1.0b - XSS/FileUpload Vulnerabilities

##########################################
# Exploit Title: Cunity 1.0b - XSS/FileUpload Vulnerabilities
# Date: 2013-03-24
# Author: DaOne aka Mocking Bird
# Vendor Homepage: http://www.cunity.net/
#...



Security Appliance Market Continues to Grow Steadily in Fourth Quarter of...

FRAMINGHAM, Mass.--(BUSINESS WIRE)--According to the International Data Corporation (IDC) Worldwide Quarterly Security Appliance Tracker, both factory revenue and unit shipment growth rose in the...



Palo Alto Networks Research Shows Real-Time Apps and FTP are Preferred...

Modern Malware Review Shows Traditional Antivirus Struggles To Detect Malware that Actively Avoids Detection
SANTA CLARA, Calif., March 25, 2013 /PRNewswire/ -- Palo Alto Networks™, the network...


Dynamsoft's Newest Web TWAIN SDK Improves Security With Sandbox

Dynamic Web TWAIN 9.0 SDK Now Includes Sandbox Mechanism for Added Security by Separating Scanning Devices From Browsers
VANCOUVER, BC--(Marketwire - Mar 25, 2013) - A new web TWAIN software...


XSS vulnerability on WP-Banners-Lite (wordpress plugin)

I. Background
--------------
[-] Affected plugin: WP Banners Lite
[-] Plugin Description: The plugin easily allows you to manage ad banners on your site.
[-] Plugin URL:...


IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow...

# Exploit Title: IconCool MP3 WAV Converter Stack Buffer Overflow Vulnerability
# Date: 3/24/2013
# Exploit Author: G0li47h
# Vendor Homepage: http://www.iconcool.com
# Software Link:...



Mitsubishi MX ActiveX Component v3 (ActUWzd.dll (WzTitle)) - Remote Exploit

<!--
Title: Mitsubishi MX Component v3 ActiveX 365+-Day [ActUWzd.dll (WzTitle)]
By: Dr_IDE
File: C:\MELSEC\Act\Control\ActUWzd.dll (Version 1.0.0.1)
Known Affected Systems: CitectScada 7.10r1 ships...


LiquidXML Studio 2010 ActiveX Remote 0-day

<html><object classid='clsid:E68E401C-7DB0-4F3A-88E1-159882468A79' id='target'/></object><script>var sofa = "..\\..\\..\\..\\..\\..\\..\\..\\..\\Documents and Settings\\All...



LiquidXML Studio 2012 ActiveX Insecure Method Executable File Creation 0-day

<html><object classid='clsid:8AEEAB4A-E1DA-4354-B800-8F0B553770E1' id='target'/></object><script>var sofa = "..\\..\\..\\..\\..\\..\\..\\..\\..\\Documents and Settings\\All...


How KDE almost lost all 1500 of their Git repositories

Click on the following links...
http://jefferai.org/2013/03/24/too-perfect-a-mirror/
http://jefferai.org/2013/03/24/screw-the-mirrors/



ClipShare 4.1.1 (gmembers.php, gid param) - Blind SQL Injection Vulnerability

# Exploit Title: ClipShare 4.1.1 (gmembers.php) Blind SQL Injection Vulnerability
# Exploit Author: Esac
# Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4
# Official site:...


"Ra1NX" PHP Bot pubcall Authentication Bypass Remote Code Execution

# Exploit Title: "Ra1NX" PHP Bot pubcall Authentication Bypass Remote Code Execution
# Date: March 24, 2013
# Exploit Author: bwall
# Software Link:...


Remote command injection vulnerability in Rosewill RSVA11001 (Hi3515 based)

I have been hacking on a Rosewill RSVA11001 for a while now, something to suck up my free time. I had pulled apart the firmware previously but did not succeed in finding a way to get a shell on the...
