The Accellion Secure File Transfer SFTP Satellite ships with SSH tunneling enabled. An authorized SFTP user can connect to the SFTP satellite and leverage the SSH tunneling functionality to attack localhost bound ports that are not intended to be exposed externally. By leveraging trust assumptions in the running Rsync daemon, sensitive files including the MySQL root password are retrievable. This password can be used when connecting to the MySQL database, also running on localhost, and the password hashes of all users configured on the server can be retrieved. Accellion released a software update to version FTA_9_8_70 on the 4th of December 2013 which disables SSH tunneling and prevents this issue being exploited.
68bc250d8823491080a18930f81edf603898e7a112a41ce582d30e72238a43bb
Splunk version 6.1.1 suffers from a cross site scripting vulnerability.
7a31ef4fcee869912b77477df42034cdbbb008b74b988e45e6ecd10d53c1f5cc
reg.ebay.com suffered from a cross site scripting vulnerability.
2bce10c659480dadfc71d35f3d359939f8c6abe9c02b2c900470d1756ad5480c
Core FTP Server version 1.2 build 535 32-bit crash proof of concept exploit.
718dbfa32e780909200eb23f74090ac03f5b7d3cf73928a385d99d0e67a07917
The News module in PHP-Nuke version 8.3 suffers from a remote SQL injection vulnerability.
a3dcb3ff99610710137c524c5160bb879d6fde1d17ff511a654c9f5276aa57e5
D-Link DIR-652, DIR-835, DIR-855L, DGL-500, and DHP-1565 suffer from clear text storage of passwords, cross site scripting, and sensitive information disclosure vulnerabilities.
a7668e84297d67c97f777a5d017f21ef288453a895bebdf304e432fe59637710
This is a Metasploit modules that leverages an authenticated arbitrary file upload vulnerability in Dotclear versions 2.6.2 and below.
fa7134cec4517d630b5ea12c4242fbfc9bfb06e0df1b252b0e24e5fa245675a6
WordPress Conversion Ninja plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
0bfb7dbc417cfd5c7380ab708fe11a4521d81a62380978265ae01c7fb6d10f8c
WordPress bib2html plugin version 0.9.3 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
a4eadb29a9ee0fe5cc72b51220221339d9488e699962c0abddc7b56cc660e24f
CoSoSys Endpoint Protector 4 suffers from remote SQL injection, unauthenticated access, information disclosure, and backdoor vulnerabilities.
ee59c852aa9ec9b54cfb17cac2c30abf6fbb5c230308e6bbdca47b9cb0f61f3e
Dotclear versions 2.6.2 and below suffer from a remote SQL injection vulnerability.
2067441f7e53b38ccded93a55914eb552ab0546ea50c16e0ae0faf9cda833960
Dotclear versions 2.6.2 and below suffer from a remote shell upload vulnerability.
31ef78e04a371a4e90bcaf14ef4a3350c0869ac317a39cdbeb7a37d65897f61e
Dotclear versions 2.6.2 and below suffer from an XML-RPC interface authentication bypass vulnerability.
0ba9c89e27c9ba118a254a769b3bfb910bbbcfd3ba96f87cd6f39126a26f52b7
This is a brief write up that discusses NULL page mitigations on Windows 8 and includes a piece of proof of concept code.
a7d45dd13990e785f7ee6bbec647ae6693fc0348799ef70a34911098b0fb2da6
Binatone DT 850W wireless router suffers from multiple cross site request forgery vulnerabilities.
8d9c3eeed475845a253f821c47a2ce2c767601f741f279d533f68fce54e765dc
Easy Address Book Web Server version 1.6 suffers from a stack buffer overflow vulnerability.
eb3749421af48dd72ae5531d12a661999239e19e1c8b9971b9aeb7d94178bfa8
Easy File Management Web Server version 5.3 suffers from a stack buffer overflow vulnerability.
01960135cf899303cf1fae8be238f11e79604d56f7f20d97c009897fa7e524b9
Web Terra version 1.1 suffers from a remote command execution vulnerability in books.cgi. Note that this finding houses site-specific data.
2eea2813384c03daef38cb12e58fd3f3705c6955ae3cf743c539dca6cd3c4575
WordPress Booking System (Booking Calendar) plugin versions prior to 1.3 suffer from a remote SQL injection vulnerability.
560cfabaaf99cea066648aa76f26ae607e277548fb3dcb5c30e5c6a8952a701f
WordPress Simple Popup plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
8e827ce27070a9e0bfe5c5c3687047b5aa71caeccf9f16b658eb69634b193ce5
BSS Continuity CMS version 4.2.22640.0 suffers from a remote blind SQL injection vulnerability.
43feb3cbd99eaefa88765c3c9103eabad8285af84513ee137eec680d6360a86e
BSS Continuity CMS version 4.2.22640.0 suffers from a remote code execution vulnerability via an unauthenticated file upload.
f64096d831fab8b5daddf9da0cef7ef566ab842ef369e375cbf0cbd1cc51fd22
BSS Continuity CMS version4.2.22640.0 suffers from a direct access bypass vulnerability.
e3ab30109477b8b881798256ebec26615cccca5ae9a61b5ba335a7b9e3e124c4
DIR-605L suffers from password disclosure and authentication bypass vulnerabilities.
34ebc0a7494b884a027be858fbef805a053014d262af42c2fac420268583749f
Artikel CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
29b2e71cf0e6d4b0890cf06eccdc9b57dff712a333e877aaf3ad3f221e394afe