DirectAdmin web control panel version 1.483 suffers from cross site request forgery and cross site scripting vulnerabilities.
>> AUTHOR: deepcore
Autoexchanger version 5.1.0 suffers from a cross site request forgery vulnerability.
The Qlikview platform is vulnerable to XML External Entity (XXE) vulnerabilities. More specifically, the platform is susceptible to DTD parameter injections, which are also “blind” as the server feeds back…
Linux/x86 – execve(/bin/bash) – 31 bytes
php – cgimode fpm writeprocmemfile bypass disable function demo
OS X Install.framework Arbitrary mkdir, unlink and chown to admin Group
OS X Install.framework suid Helper Privilege Escalation
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a…
Disconnect.me versions 2.0 and below suffer from a local privilege escalation vulnerability on Mac OS X.
Linux/x86 – execve(“/bin/cat”, [“/bin/cat”, “/etc/passwd”], NULL)