>> TAG: #0day

[Persian] Exploiting WordPress Security

Client Side Injection on Web Applications

Free MP3 CD Ripper 2.8 – ‘.wma’ Buffer Overflow (SEH) (DEP Bypass)

Wikidforum 2.20 – ‘select_sort’ SQL Injection

ifwatchd – Privilege Escalation (Metasploit)

FLIR Thermal Traffic Cameras 1.01-0bb5b27 – Information Disclosure

Linux/MIPS (Big Endian) – execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)

360 3.5.0.1033 – Sandbox Escape

Linux/x86 – execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)

Imperva SecureSphere 13 – Remote Command Execution