>> CATEGORY: Security

Xitami Web Server 2.5 – Remote Buffer Overflow (SEH + Egghunter)

PHPads 2.0 – ‘click.php3?bannerID’ SQL Injection

microASP (Portal+) CMS – ‘pagina.phtml?explode_tree’ SQL Injection

Linux/x86 – Multiple keys XOR Encoder / Decoder execve(/bin/sh) Shellcode (59 bytes)

Linux/x86 – shred file Shellcode (72 bytes)

NSClient++ 0.5.2.35 – Privilege Escalation

iOS 12.1.3 – ‘cfprefsd’ Memory Corruption

LG Supersign EZ CMS – Remote Code Execution (Metasploit)

ReadyAPI 2.5.0 / 2.6.0 – Remote Code Execution

Instagram Auto Follow – Authentication Bypass