Simple python exploit that can be used to calculate the Fortigate backdoor password.
>> ARCHIVE: 2016-03
WordPress WP External Links plugin version 1.80 suffers from a cross site scripting vulnerability.
The innovaphone IP222 offers different protocols, like H.323 or SIP, to fulfil the various requirements. The discovered vulnerability was found in the protocol SIP/UDP. Therefore a specially crafted SIP request…
At startup the innovaphone IP222 sends an HTTP request for a special PNG file to the involved server system. After the download has finished, the image is displayed on the…
The innovaphone IP222 provides a password protected administration interface, which can be accessed via a web browser. Although the basic authentication was disabled and instead the digest authentication is used,…
The wireless driver for the Android One (sprout) devices has a bad copy_from_user in the handling for the wireless driver socket private read ioctl IOCTL_GET_STRUCT with subcommand PRIV_CMD_SW_CTRL. This ioctl…
The mip user is already quite privileged, capable of accessing sensitive network data. However, as the child process has supplementary gid contents, there is a very simple privilege escalation to…
An independent vulnerability laboratory researcher discovered multiple cross site scripting vulnerabilities in the official WP External Links v1.80 wordpress plugin.
Joomla Easy Youtube Gallery version 1.0.2 suffers from a remote SQL injection vulnerability.
Joomla iCagenda versions 3.5.5 through 3.5.15 suffer from a cross site scripting vulnerability.