The OpenID idp software "Barnraiser Prairie" suffers from a directory traversal vulnerability.
1ad81e02ee42a9511c7683f63d96e32a3ce1513c07afe374fd2a2aa94218d4d4
Baby FTP Server version 1.24 suffers from a denial of service vulnerability.
57a30ba98c73848393ea7ef56c626af98d1732a7c4117166d3a53e37bb816e21
A race condition in Sprite Software's backup software on Android devices allows for code execution as root.
7e1b48d28523c995e417a3ba929c6db89dc279830ff6b11b530c719a9d14944c
Debian Linux Security Advisory 2713-1 - Timo Sirainen discovered that cURL, an URL transfer library, is prone to a heap overflow vulnerability due to bad checking of the input data in the curl_easy_unescape function.
2a3177b0decec0b66bb06d3fca3d92f4d480348652de9adecb14f0adf482aa97
Mandriva Linux Security Advisory 2013-176 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The updated packages provides a solution for these security issues.
ae2f3459ec3bdf76b4bab9b9b1aed7e5bb62fecbaa5d70cf041846a180464d66
Slackware Security Advisory - New curl packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-2174.
855af579db0811459acf4ff6e9f91c46f29a0716757bc8ca7f05fa2b305301ff
Linksys X3000 with firmware version 1.0.03 build 001 suffers from cross site scripting and remote command injection vulnerabilities.
9c441bf0e5c4abc193de4dc4b9a32d21f52156309d5de56f97d5e1c801f09e64
AudioCoder version 0.8.22 buffer overflow exploit that pops calc.exe by creation of a malicious .m3u file.
dd2916e920e35dc3720e35aaaed3261a418d87fd6669abdeb2ca23c851d6b1a4
ASUS RT-N66U when HTTPS WebService via AiCloud is enabled suffers from a remote directory traversal vulnerability.
49327cffa6d3c90aec45f8ddba02a4c2918c77baa0ce204bd262799e2497c4bb
FtpLocate version 2.02 suffers from a persistent cross site scripting vulnerability.
f50170d1558b7c6cd4bdb23f353322c660c1d6c3e0685f56eb6928a86999addf
Telnet-Ftp Service Server version 1.0 suffers from a directory traversal vulnerability.
1ad73916558fef59c74842bafc258787784e7a1342ddb2134f8fe975c1300358
This Metasploit module exploits a flaw in the nwfs.sys driver to overwrite data in kernel space. The corruption occurs while handling ioctl requests with code 0x1438BB, where a 0x00000009 dword is written to an arbitrary address. An entry within the HalDispatchTable is overwritten in order to execute arbitrary code when NtQueryIntervalProfile is called. The module has been tested successfully on Windows XP SP3 with Novell Client 4.91 SP4.
02221705500fa599274361e29583fc85f5bc7d9c953dfd6c235f742e5c0948a8
This Metasploit module exploits a vulnerability found in ZPanel's htpasswd module. When creating .htaccess using the htpasswd module, the username field can be used to inject system commands, which is passed on to a system() function for executing the system's htpasswd's command. Please note: In order to use this module, you must have a valid account to login to ZPanel. An account part of any of the default groups should suffice, such as: Administrators, Resellers, or Users (Clients). By default, there's already a 'zadmin' user, but the password is randomly generated.
b0c8395da4e46b664fc003dfc79c486c7be07dfe55feabb0ac541c4e867a7236
Elemata CMS version RC3.0 suffers from a remote SQL injection vulnerability.
443a7fa25dbcb64b6c45d3b60b8d94b3efa8d77348711bef3b594d0ec5f393ff
PodHawk version 1.85 suffers from a remote shell upload vulnerability.
66127ace927c9b025512d07ab5c3b575ddacf360ed2d83034adf295a340d4e7e
TRENDnet TE100-P1U with print server firmware 4.11 suffers from an authentication bypass vulnerability that allows reset to factory settings or IP address change.
b7ef6475979c2c1961911c4513a6c54bf0f40d588de215f5dc1a34f2f4ef99d6
These are the presentation slides given at Hack in Paris 2013 giving tips and tricks for using Burp Suite Pro.
6eb93e4f370bae913fe79dd342c4f800b20b1c02177cbc5a77b10acdf66ce7e3
The CyberKendra Search Bar script suffered from a cross site scripting vulnerability.
4a5361a17f69d745e0fb5aa52190ed508bceb7f198b3fd490a70d9e77ed8a4eb
Sami FTP server version 2.0.1 RETR denial of service exploit.
06d2037acbf61940eff3c2edc3b7de8a6750c62bc7165b179dd58aca0df3784b
Remote root exploit for all Seowonintech devices.
595a7decdc3f52417856da361543526dde0357dd9c1d41fd0828e62432f3bfa8
PEiD version 0.95 memory corruption proof of concept exploitation details.
d53ea6b79606c299c81e860d64d534a6a783b267cc16bf3fda88ca1114fd92d5
FreeBSD 9.0+ privilege escalation exploit that leverages the mmap vulnerability.
a973c83e5edcbbb9daa0f1ee93d7602a34fc84b380f80b2f787c0b16ff88417a
aSc Timetables 2013 suffers from a stack-based buffer overflow vulnerability.
456f8e6a3244e971ad39ce281111d3f8cbb2a46cb66c2ae86b5dc1c3ed95dbb5
Mozilla Firefox browser version 21.0 suffers from a remote denial of service vulnerability when a loop is leveraged against document.write(document.body.innerHTML).
bc819cf7a43da917d125d0cfc0031789e76ca7137c00956f52a39dea1dcda135
In this paper, the author demonstrates how to beat an advanced crackme using an interesting way to calculate the length.
f1f14e176c436b51bba232ca3a853a42254f21cd245f711f08f895f13a1ae639