[dos] – Winlog Lite SCADA HMI system SEH 0verwrite Vulnerability
Winlog Lite SCADA HMI system SEH 0verwrite Vulnerability
[local] – ActFax 4.31 Local Privilege Escalation Exploit
ActFax 4.31 Local Privilege Escalation Exploit
[webapps] – Disqus Blog Comments Blind SQL Injection Vulnerability
Disqus Blog Comments Blind SQL Injection Vulnerability
[webapps] – Disqus Blog Comments Blind SQL Injection Vulnerability
Disqus Blog Comments Blind SQL Injection Vulnerability
Java 7 Applet Remote Code Execution
This Metasploit module exploits a vulnerability in Java 7, which allows an attacker to run arbitrary Java code outside the sandbox. The vulnerability seems to be related to the use of the newly introduced ClassFinder#resolveClass in Java 7, which allows the sun.awt.SunToolkit class to be loaded and modified. Please note this flaw is also being exploited in the wild, and there is no patch from Oracle at this point
[webapps] – Conceptronic Grab’n’Go and Sitecom Storage Center Password Disclosure
Conceptronic Grab’n’Go and Sitecom Storage Center Password Disclosure
[remote] – Simple Web Server 2.2-rc2 ASLR Bypass Exploit
Simple Web Server 2.2-rc2 ASLR Bypass Exploit
[papers] – DNS-Based Phishing Attack in Public Hotspots
DNS-Based Phishing Attack in Public Hotspots
[webapps] – RV Shopping Cart CSRF Vulnerability
RV Shopping Cart CSRF Vulnerability