Archive for October, 2015

TestLink 1.9.13 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

TestLink version 1.9.13 suffers from multiple cross site scripting vulnerabilities.

Microsoft Office 2007 And 2010 RTF Frmtxtbrl EIP Corruption

Posted by deepcore under exploit (No Respond)

This proof of concept shows a crash that was observed in MS Office 2007 running under Windows 2003 x86. Microsoft Office File Validation Add-In is disabled and Application Verifier was enabled for testing and reproduction. This sample also reproduced in Office 2010 running on Windows 7 x86. It did not reproduce in Microsoft Office 2013 […]

Kallithea 0.2.9 HTTP Response Splitting

Posted by deepcore under exploit (No Respond)

Kallithea suffers from an HTTP header injection (response splitting) vulnerability because it fails to properly sanitize user input before using it as an HTTP header value via the GET ‘came_from’ parameter in the login instance. This type of attack not only allows a malicious user to control the remaining headers and body of the response […]

ManageEngine ServiceDesk Plus Arbitrary File Upload

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a file upload vulnerability in ManageEngine ServiceDesk Plus. The vulnerability exists in the FileUploader servlet which accepts unauthenticated file uploads. This Metasploit module has been tested successfully on versions v9 b9000 – b9102 in Windows and Linux. The MSP versions do not expose the vulnerable servlet.

Watermark Master Buffer Overflow (SEH)

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a stack-based buffer overflow in Watermark Master 2.2.23 when processing a specially crafted .WCF file. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing a user of Watermark Master to open a malicious .WCF file.

WebComIndia CMS 2015Q4 – Auth Bypass Vulnerability

Posted by deepcore under exploit (No Respond)

An independent vulnerability laboratory researcher discovered an auth bypass vulnerability in the official WebComIndia Content Management System (web-application).

[webapps] – Zope Management Interface 4.3.7 – CSRF Vulnerabilities

Posted by deepcore under Security (No Respond)


W150D wireless N 150 ADSL2+ Modem Router

Posted by deepcore under exploit (No Respond)

An independent vulnerability laboratory researcher discovered a remote cross site request forgery issue in the official W150D wireless N 150 ADSL2+ Modem Routers.

FreeYouTubeToMP3 Converter 4.0.1 – Buffer Overflow

Posted by deepcore under exploit (No Respond)

An independent vulnerability laboratory researcher discovered a local buffer overflow vulnerability in the official Free Youtube To MP3 Converter v4.0.1 software.

Secure MFT Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Secure MFT versions 2013 R3, 2014 R1/R2, and 2015 R1 suffer from a cross site request forgery vulnerability.