| Email address | private |
|---|---|
| Website | hyp3rlinx.altervista.org |
| First Active | 2015-04-28 |
| Last Active | 2024-02-19 |
ServersCheck Monitoring Software versions up through 14.3.3 suffer from a remote SQL injection vulnerability.
b267f07255ac1f9527b94b152495c2752caa4c5090beb524c804d4da1757120bServersCheck Monitoring Software versions up through 14.3.3 suffer from a cross site scripting vulnerability.
f72e50d49c38f1006ec46a87b034d9463e5d15724a14d0dd13e5b11b88e2ed16ServersCheck Monitoring Software versions up through suffer from arbitrary file write and denial of service vulnerabilities.
4ebead7b46a1d1e991394ad4c30c83330e9888c182a2de36c0ae44b6fcbbb87fNoMachine versions 5.3.26 and below suffer from a remote code execution vulnerability when opening a malicious .nxs file.
1b35177650389c33ae56cc8a7bfc0f37b1381c480d455e0ac5f3f9a8f29f8109Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from an xmla filetype XML external entity injection vulnerability.
c204b8390aa9f3b452e1248505da6264f3d2333ca13b0895970c7c2e82d93bf3Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from a xel filetype XML external entity injection vulnerability.
93aab3236ff7d54aeab41cf83d03f402cc82c23cf19f453cdd7db1821b733da2Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from a REGSRVR filehandling XML external entity injection vulnerability.
056dfb5ca8dca223e9be7f8bbb151f47aefc000fd84aac30d7381391c2ca68f2Microsoft Baseline Security Analyzer version 2.3 suffers from an XML external entity injection vulnerability.
93c391e34088d358a2e2c716523db9450646ff3ced21181d0a85858a46bc542dThis whitepaper analyzes a privilege escalation vulnerability in the Microsoft .NET framework as noted in MS15-118.
37605f7265366b26d005c46be12096813840fb17786c601c6585fed013b9fe08FsPro Labs Event Log Explorer version 4.6.1.2115 suffers from an XML external entity injection vulnerability.
7370194c8c75285bc775dd883ff1fc5da0a15f241d3f7b393d5020381a34ebd3Argus Surveillance DVR version 4.0.0.0 suffers from a SYSTEM privilege escalation vulnerability.
ca718895c6670eb1498a9f11f4fff6d2a46291897fe693f0d13d92bf25fd71f6Argus Surveillance DVR version 4.0.0.0 suffers from file disclosure and traversal vulnerabilities.
a9a42e3f1d624723ce2e6a7d07ba018b7f53307e1044b0fcf7c8770660e5cf2bThe Microsoft DirectX SDK "Xact3.exe" cross-platform tool allows for arbitrary code execution via a trojan horse file "xbdm.dll" in the current working directory, upon opening a ".xap" project file from the same location.
772fc0e677d082450dd9185bf46ea003b1ec398fd60589535bf373b0ed30300aMicrosoft's dnslint.exe tool does not verify domain names when parsing DNS text-files using the "/ql" switch making it prone to forced drive-by downloads, providing an end user is tricked into using a server text-file containing a script/binary reference instead of a normally expected domain name.
960a25eea990a9902d14efab4e3a34f0474b74b37170712fc6197db3c937a15eMicrosoft Windows Enterprise Mode Site List Manager versions 1 and 2 suffer from an XML external entity injection vulnerability.
5ea4ce1803fb58a81a4249efcc762b9ac4cf0a56d2a221f4bec1ed38ef34637dLibrary description files are XML files that define libraries. Libraries aggregate items from local and remote storage locations into a single view in Windows Explorer. Library description files follow the Library Description schema and are saved as *.library-ms files. The .library-ms filetype triggers forced authentication when a user/client accesses a remote share that houses an attacker supplied ".library-ms" file, disclosing credential hashes and other identifiable computer informations.
5a487357b727608fcaf8c888682dc65e0c920720125c20e8e1ac074682b2b0eeEnhanced Mitigation Experience Toolkit (EMET) suffers from an XML external entity injection vulnerability.
3c08157d0dbe4a20e63be8aea501b3215829f3fc524aa2ac12bc83298e71d447Polaris Office 2017 version 8.1 allows attackers to execute arbitrary code via a trojan horse "puiframeworkproresenu.dll" file in the current working directory, due to a search order flaw vulnerability.
988220d8a0264edc45ec0aa0ac0b56815a4ed2982e90beeed521161d2f094034OfficeScan XG version 11.0 suffers from an unauthorized change prevention bypass vulnerability.
32dc9c5686796d41853c8b27d1d4b50ef583c060f39f37106a3843b56056a2a3Microsoft FxCop versions 10 through 12 are vulnerable to XML injection attacks allowing local file ex-filtration and or NTLM hash theft. Tested in Windows 7 and Windows 10 download SDK it works in both.
529e37622cb8b9a8c7ff1df46c0f23167d4d261569eec1722cd310507eb17b47Easy Hosting Control Panel version 0.37.12.b suffers from an unverified password change vulnerability.
6b9c2fb76cb2b2e1b5b400414e61b2bf2bf5bfced4755d05b2ca17ff0c94490cEasy Hosting Control Panel version 0.37.12.b suffers from a clear-text password storage vulnerability.
1c215b802e217d75ea942c972e7bec45f141b5f896ddc956d47e80412dacf3daEasy Hosting Control Panel version 0.37.12.b suffers from an insecure cryptography vulnerability.
687d246182ae3672c456fe67465befb2213e45306ceba378cd7184753e4c3db7Easy Hosting Control Panel version 0.37.12.b suffers from multiple cross site request forgery vulnerabilities.
ddd48bb3bcd858b591a5ba8418dc05789be98692830c6205c8a540e4ad205676Easy Hosting Control Panel version 0.37.12.b suffers from a cross site scripting vulnerability that allows you to steal the cookie.
61246ca67241380fbb3cf68fbfbd65cd27a9c327ff9125e7f8cd3a8234b67333
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed