Tizen Studio 1.3 Smart Development Bridge Buffer Overflow
Posted by deepcore under exploit (No Respond)
Tizen Studio version 1.3 Smart Development Bridge versions prior to 2.3.2 buffer overflow proof of concept exploit.
Archive for October, 2017
Android Private Internet Access Denial Of Service
Posted by deepcore under exploit (No Respond)
The Android application provided by Private Internet Access (PIA) VPN service can be crashed by downloading a large file containing a list of current VPN servers. This can be exploited by an MITM attacker via intercepting and replacing this file. While the file is digitally signed, it is not served over SSL and the application […]
[remote] MitraStar DSL-100HN-T1/GPT-2541GNAC – Privilege Escalation
Posted by deepcore under Security (No Respond)
[webapps] PHP Melody 2.6.1 – SQL Injection
Posted by deepcore under Security (No Respond)
HitmanPro 3.7.15 Build 281 Kernel Pool Overflow
Posted by deepcore under exploit (No Respond)
HitmanPro version 3.7.15 Build 281 kernel pool overflow exploit.
[dos] Tizen Studio 1.3 Smart Development Bridge <2.3.2 – Buffer Overflow (PoC)
Posted by deepcore under Security (No Respond)
Windows NTLM Auth Hash Disclosure / Denial Of Service
Posted by deepcore under exploit (No Respond)
Under certain circumstances a shared folder on Windows can be abused remotely to obtain the user credentials and to freeze the machine.
KeystoneJS 4.0.0-beta.5 Unauthenticated CSV Injection
Posted by deepcore under exploit (No Respond)
KeystoneJS version 4.0.0-beta.5 suffers from an unauthenticated CSV injection vulnerability in admin/server/api/download.js and lib/list/getCSVData.js.
KeystoneJS 4.0.0-beta.5 Unauthenticated Stored Cross Site Scripting
Posted by deepcore under exploit (No Respond)
KeystoneJS version 4.0.0-beta.5 suffers from an unauthenticated stored cross site scripting vulnerability.
FS Realtor Clone SQL Injection
Posted by deepcore under exploit (No Respond)
FS Realtor Clone suffers from a remote SQL injection vulnerability.