Email address | private |
---|---|
Website | hyp3rlinx.altervista.org |
First Active | 2015-04-28 |
Last Active | 2024-02-19 |
MistServer version 2.12 suffers from a persistent cross site scripting vulnerability.
7e1d760031b967b3ff9794c2ea823970ed269df7706f78a82ecac79f44240d6a
Symantec Endpoint Protection version 12.1.6 suffers from a tamper protection bypass vulnerability.
fb2bdba6aaf5eaee7b0bcd2b259b1c8a74c039dc66fcf7b2c9ba691f4e274fa7
This Metasploit module exploits a vulnerability found in Mako Server version 2.5. It's possible to inject arbitrary OS commands in the Mako Server tutorial page through a PUT request to save.lsp. Attacker input will be saved on the victims machine and can be executed by sending a GET request to manage.lsp.
9653fa3b7a40469f97c0d038e59615a70577ff258af1a5831bce426a139bea21
Avaya IP Office (IPO) versions 9.1.0 through 10.1 suffer from a soft console remote buffer overflow vulnerability.
11dd9b6695c54b23357d7ff81eab9a8ad0242b41b72044b3f70f760a0111e12e
Avaya IP Office (IPO) versions 9.1.0 through 10.1 suffer from an active-x buffer overflow vulnerability.
7a763fcbbba221c4d0f3a6119bfab51308deda0cbd736da60d91585f0d089872
Microsoft Windows Game Definition File Editor (GDFMaker) version 6.3.9600.16384 suffers from an XML external entity injection vulnerability.
10f87d3d1b9071caa4665070b4aa0e2d5a5dea176d6602bf53f8a85c7ceff9c0
Webmin version 1.850 suffers from server side request forgery, cross site request forgery, and cross site scripting vulnerabilities, the last of which can lead to remote command execution.
d11573ef8f901da4b1c7a343b9844592c00e8cb689d9d4a889cdc4549e895f61
TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from a memory corruption vulnerability.
a3e63e809dd2f77a9acd338ac38043b79c71b205a4ebbe5fafecd0186aff1ce4
TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from a host header injection vulnerability.
ca851dfdc30f3ca29be4beb58fda82f5431c4b58b939a638be47b4f47458dc25
TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from a server-side request forgery vulnerability.
b78a20a2c968c75631e6990a1f7e972c823b375e7d86ef59f2be61b0a46109c1
TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from NT domain and PHP information disclosure vulnerabilities.
cbc24777efe60d495308e8e83b6aab3977c7f4ca4be577179c3bb0fd8a7ebf53
TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from Start Remote Process code execution and denial of service vulnerabilities.
6de08e124c8b1a0239b20e4fa1c2cbdf3e13a51ade31822cc0daeada5571141c
TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from a curl man-in-the-middle remote code execution vulnerability.
a951ff568b5eb974a3fcb41787cccb1e6f0712ff17d8f8b55fbbe1162c616bf1
TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from an XG image file execution bypass vulnerability.
39feeb31db761809500aabac33bb9d824e3646b7a52d3c8c0735f44deefaf200
TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from a pre-authentication encryption key disclosure vulnerability.
0300820dbf3c570f226bdcebb695752c98f73528c93322e27eaac142ce6d9feb
Mako Web Server suffers from file disclosure, remote command execution, and server-side request forgery vulnerabilities.
7772922a708fb50556c43e97af1adc13ce64566e4a2386554f32c4bb9f13fc20
Mongoose Web Server version 6.5 suffers from cross site request forgery and remote command execution vulnerabilities.
af456e0cd4668089706869d568399d104a8362a32934e00fb6ba9bc503227ed0
Apache2Triad version 1.5.4 suffers from session fixation, cross site request forgery, and cross site scripting vulnerabilities.
8b8eebdfe33ae61532f0ab8b2beb38d3db0a8fc43dcbd93aa095cacc5a57b08e
Yaws version 1.91 suffers from an unauthenticated remote file disclosure vulnerability.
75629368ff456f6677d01b2c26f455cf606a3403736db99f79919f9e33af3230
Firefox version 54.0.1 suffers from a denial of service vulnerability.
3644ea8959431b6023ecedbd76add9ecd1247d5501ecede377afba4f441df58e
MySQL G0ld is a program that issues brute force attacks against a MySQL Server using a supplied wordlist.
299eef0e652415b8c1f3b2d435260b6ddfbe06b4ae900d2b7804cb6a236d4c68
BIND version 9.10.5 for x86 and x64 on Windows suffers from an unquoted service path vulnerability that can allow for privilege escalation.
39bb02902250325dc8dcc1576f0306ade384ae1bdc0f1e5e1451e7fa784c9075
Remote attackers can abuse the "Subscribe to Podcast" feature of Subsonic 6.1.1 to store persistent XSS payloadsif an authenticated user clicks a malicious link or visits an attacker controlled webpage.
ccbff854c80967e2cd461d551d2bbb45860d52ba6f9974d2d72d5544d987a48b
Subsonic 6.1.1 import playlist feature is susceptible to an XML External Entity attack via import of a malicious .XSPF playlist file.
1785d67006592ca1aebed74e108868e2aadc2c36f565e3ed4e6a0527106e6ae0
Remote attackers can abuse the Podcast feature of subsonic to launch Server Side Request Forgery attacks from the subsonic server if an authenticated user clicks a malicious link or visits an attacker controlled webpage.
4f9d59342482e64d296984fe2885074b7464963e5822f6ca6a1b83f9436de530