Cryptocat Arbitrary Script Injection Vulnerability
>> AUTHOR: deepcore
Cryptocat Arbitrary Script Injection Vulnerability
QNap QVR Client 5.1.0.11290 – Crash PoC
The Vulnerability Laboratory Research Team discovered an application-side file input validation web vulnerability in the official Magento Commerce (Bug Tracking) web-application.
WordPress plugin Neuvoo-Jobroll version 2.0 suffers from a reflective cross site scripting vulnerability.
Various Ubiquiti Networks products suffer from having hardcoded keys and also having remote management interfaces enabled that can be leveraged by these credentials.
Cryptocat versions prior to 2.0.22 are vulnerability to a script injection vulnerability.
OpenSSL alternative chains certificate forgery exploit that has been tested on OpenSSL 1.0.2c, 1.0.2b, 1.0.1o, 1.0.1n, and Fedora 22 (1.0.1k-fips). This is a stand-alone ruby exploit and does not require…
Java Secure Socket Extension (JSSE) SKIP-TLS exploit that has been tested on JDK 8u25 and 7u72. This is a stand-alone ruby exploit and does not require Metasploit.
This Metasploit module takes advantage of the China Chopper Webshell that is commonly used by Chinese hackers.
NXFilter 3.0.3 – Multiple XSS Vulnerabilities