Imperva SecureSphere 11.5 / 12.0 / 13.0 Privilege Escalation
Posted by deepcore under exploit (No Respond)
Imperva SecureSphere versions 11.5, 12.0, and 13.0 suffer from a privilege escalation vulnerability.
Archive for August, 2018
Sun Solaris 11.3 AVS Local Kernel Root
Posted by deepcore under exploit (No Respond)
Sun Solaris versions 10 and 11.3 and below local kernel root exploit.
Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation
Posted by deepcore under exploit (No Respond)
This Metasploit module attempts to gain root privileges on Linux systems by abusing UDP Fragmentation Offload (UFO). This exploit targets only systems using Ubuntu (Trusty / Xenial) kernels 4.4.0-21 <= 4.4.0-89 and 4.8.0-34 <= 4.8.0-58, including Linux distros based on Ubuntu, such as Linux Mint. The target system must have unprivileged user namespaces enabled and […]
Universal Media Server 7.1.0 XML Injection
Posted by deepcore under exploit (No Respond)
Universal Media Server version 7.1.0 suffers from an XML external entity injection vulnerability in SSDP processing.
[webapps] cgit < 1.2.1 – 'cgit_clone_objects()' Directory Traversal
Posted by deepcore under Security (No Respond)
[webapps] PHP Template Store Script 3.0.6 – Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[local] Wedding Slideshow Studio 1.36 – Buffer Overflow
Posted by deepcore under Security (No Respond)
[shellcode] Linux/x86 – Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 Shellcode (86 bytes)
Posted by deepcore under Security (No Respond)
Linux/x86 – Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 Shellcode (86 bytes)
Tags: 0day, remote exploit[webapps] Entrepreneur Job Portal Script 3.0.1 – Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[webapps] Basic B2B Script 2.0.0 – Cross-Site Scripting
Posted by deepcore under Security (No Respond)