Discourse 2.7.0 – Rate Limit Bypass leads to 2FA Bypass | 1 min read | Exploit/Advisories Vulnerabilities | admin | April 21, 2021 | # Exploit Title: Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass # Date: 14/01/2021 #...
Cisco RV Authentication Bypass / Code Execution ≈ Packet Storm | 5 min read | Exploit/Advisories Vulnerabilities | admin | April 21, 2021 | IoT Inspector Research Lab Security Advisory IOT-20210414-0 title: Cisco RV series Authentication Bypass and Remote Command Execution vendor/product: Cisco...
Microsoft Windows SCM Remote Access Check Limit Bypass Privilege Escalation | 1 min read | Exploit/Advisories Vulnerabilities | admin | April 16, 2021 | The access limit check for non-local admins when accessing the SCM remotely can be bypassed by requesting...
Digital Crime Report Management System 1.0 – SQL Injection (Authentication Bypass) | 2 min read | Exploit/Advisories Vulnerabilities | admin | April 14, 2021 | # Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection (Authentication Bypass) # Date: 13...
Blitar Tourism 1.0 – Authentication Bypass SQLi | 1 min read | Exploit/Advisories Vulnerabilities | admin | April 13, 2021 | # Exploit Title: Blitar Tourism 1.0 - Authentication Bypass SQLi # Date: 13 April 2021 # Exploit...
Simple Student Information System 1.0 – SQL Injection (Authentication Bypass) | 1 min read | Exploit/Advisories Vulnerabilities | admin | April 13, 2021 | # Exploit Title: Simple Student Information System 1.0 - SQL Injection (Authentication Bypass) # Date: 13 April...
Monospace Directus Headless CMS File Upload / Rule Bypass ≈ Packet Storm | 4 min read | Exploit/Advisories Vulnerabilities | admin | April 8, 2021 | SEC Consult Vulnerability Lab Security Advisory title: Arbitrary File Upload and Bypassing .htaccess Rules product: Monospace...
Basic Shopping Cart 1.0 – Authentication Bypass | 1 min read | Exploit/Advisories Vulnerabilities | admin | April 5, 2021 | # Exploit Title: Basic Shopping Cart 1.0 - Authentication Bypass # Date: 2021-04-03 # Exploit Author: Viren...
Simple Food Website 1.0 – Authentication Bypass | 1 min read | Exploit/Advisories Vulnerabilities | admin | April 5, 2021 | # Exploit Title: Simple Food Website 1.0 - Authentication Bypass # Date: 2021-04-03 # Exploit Author: Viren...
Backdoor.Win32.Burbul.b Authentication Bypass / Man-In-The-Middle ≈ Packet Storm | 2 min read | Exploit/Advisories Vulnerabilities | admin | April 1, 2021 | Discovery / credits: Malvuln – malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/3ee4cb2e06eb1f7fe54c89db903f3e7a_B.txt Contact: [email protected]: twitter.com/malvuln Threat: Backdoor.Win32.Burbul.b Vulnerability: Authentication Bypass MITM...
IRC-Worm.Win32.Jane.a Authentication Bypass / Code Execution ≈ Packet Storm | 2 min read | Exploit/Advisories Vulnerabilities | admin | March 31, 2021 | Discovery / credits: Malvuln – malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/2d1d6b0fd55eca12f58b8b6d80f8153f.txt Contact: [email protected]: twitter.com/malvuln Threat: IRC-Worm.Win32.Jane.a Vulnerability: Authentication Bypass RCE Description:...
IRC-Worm.Win32.Jane.a Authentication Bypass / Man-In-The-Middle ≈ Packet Storm | 2 min read | Exploit/Advisories Vulnerabilities | admin | March 31, 2021 | Discovery / credits: Malvuln – malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/2d1d6b0fd55eca12f58b8b6d80f8153f_B.txt Contact: [email protected]: twitter.com/malvuln Threat: IRC-Worm.Win32.Jane.a Vulnerability: Authentication Bypass MITM...
Project Expense Monitoring System 1.0 Authentication Bypass ≈ Packet Storm | 1 min read | Exploit/Advisories Vulnerabilities | admin | March 30, 2021 | # Exploit Title: Project expense Monitoring System | Create Admin Account Unauthorised # Exploit Author: Richard Jones # Date:...
Backdoor.Win32.Kwak.12 Authentication Bypass / Man-In-The-Middle ≈ Packet Storm | 2 min read | Exploit/Advisories Vulnerabilities | admin | March 27, 2021 | Discovery / credits: Malvuln – malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/c25393545e5ead3a35996ef9a887bd34_D.txt Contact: [email protected]: twitter.com/malvuln Threat: Backdoor.Win32.Kwak.12 Vulnerability: Port Bounce Scan Description:...
Backdoor.Win32.Kwak.12 Authentication Bypass ≈ Packet Storm | 2 min read | Exploit/Advisories Vulnerabilities | admin | March 26, 2021 | Discovery / credits: Malvuln – malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/c25393545e5ead3a35996ef9a887bd34_B.txt Contact: [email protected]: twitter.com/malvuln Threat: Backdoor.Win32.Kwak.12 Vulnerability: Authentication Bypass Description: The...
Backdoor.Win32.Kwak.12 Authentication Bypass / Code Execution ≈ Packet Storm | 2 min read | Exploit/Advisories Vulnerabilities | admin | March 26, 2021 | Discovery / credits: Malvuln – malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/c25393545e5ead3a35996ef9a887bd34.txt Contact: [email protected]: twitter.com/malvuln Threat: Backdoor.Win32.Kwak.12 Vulnerability: Remote Command Execution Description:...
Dolibarr ERP/CRM 11.0.4 Bypass / Code Execution ≈ Packet Storm | 4 min read | Exploit/Advisories Vulnerabilities | admin | March 26, 2021 | # Exploit Title: Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE) # Date: 16/06/2020 # Exploit Author:...
Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE) | 4 min read | Exploit/Advisories Vulnerabilities | admin | March 25, 2021 | # Exploit Title: Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE) # Date: 16/06/2020 #...
FastStone Image Viewer 7.5 – .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow (ASLR & DEP Bypass) | 2 min read | Exploit/Advisories Vulnerabilities | admin | March 21, 2021 | # Exploit title: FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow (ASLR &...
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authentication Bypass ≈ Packet Storm | 2 min read | Exploit/Advisories Vulnerabilities | admin | March 20, 2021 | KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authentication Bypass Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product...