Showing 26 - 37 of 37

Files from Dhiraj Mishra

cgit Directory Traversal: Posted Aug 14, 2018; Authored by Dhiraj Mishra | Site metasploit.com; This Metasploit module exploits a directory traversal vulnerability in cgit versions prior to 1.2.1.; tags | exploit; advisories | CVE-2018-14912; SHA-256 | a6e005dc2280ba56fb5c4225445c65d8851f8cf8775107d49d6da21b41b8d918; Download | Favorite | View

Oracle GlassFish Server 4.1 Directory Traversal: Posted Aug 13, 2018; Authored by Dhiraj Mishra | Site metasploit.com; This Metasploit module exploits an unauthenticated directory traversal vulnerability which exits in administration console of Oracle GlassFish Server version 4.1, which is listening by default on port 4848/TCP.; tags | exploit, tcp; advisories | CVE-2017-1000028; SHA-256 | d0f15aaf00865662c0076f96a7127cf4276c10af2a3686dc232cfb0d42cff9d8; Download | Favorite | View

WebKitGTK+ WebKitFaviconDatabase Denial Of Service: Posted Jun 11, 2018; Authored by Dhiraj Mishra, Zubin Devnani, Hardik Mehta, Manuel Caballero; This Metasploit module exploits a vulnerability in WebKitFaviconDatabase when pageURL is unset. If successful, it could lead to application crash, resulting in denial of service.; tags | exploit, denial of service; advisories | CVE-2018-11646; SHA-256 | 2d4a36193a36d5db933286558911bee2976dd1809ed77e8e72e1d0079e824e85; Download | Favorite | View

WebKitGTK+ 2.21.3 pageURL Mishandling Denial Of Service: Posted Jun 5, 2018; Authored by Dhiraj Mishra; webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.; tags | exploit; advisories | CVE-2018-11646; SHA-256 | 3725c738a09fea389fabaa7eb29da7d502f1c4ac44e99b11eeacaad53d765aa1; Download | Favorite | View

Epiphany 3.28.2.1 Denial Of Service: Posted Jun 1, 2018; Authored by Dhiraj Mishra; Epiphany version 3.28.2.1 suffers from a denial of service vulnerability.; tags | exploit, denial of service; advisories | CVE-2018-11396; SHA-256 | eb6680182d47cc13767563a9efaf2cc72d9d014d6d28cc7341c45192af8da7ae; Download | Favorite | View

DuckDuckGo 4.2.0 WebRTC Private IP Leakage: Posted Apr 3, 2018; Authored by Brendan Coles, Dhiraj Mishra | Site metasploit.com; This Metasploit module exploits a vulnerability in browsers using well-known property of WebRTC (Web Real-Time Communications) which enables Web applications and sites to capture or exchange arbitrary data between browsers without requiring an intermediary.; tags | exploit, web, arbitrary; advisories | CVE-2018-6849; SHA-256 | 173585a0e4bca69957479fdee88e7944f21f65e0265a5608921174f45f3a0e5b; Download | Favorite | View

Samsung Internet Browser SOP Bypass: Posted Dec 20, 2017; Authored by Tod Beardsley, Jeffrey Martin, Dhiraj Mishra; This Metasploit module takes advantage of a Same-Origin Policy (SOP) bypass vulnerability in the Samsung Internet Browser, a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up.; tags | exploit, bypass; advisories | CVE-2017-17692; SHA-256 | 453452b6c39fc4137d17372c00e57358247a6b6b2880964c69ec6f1e59572af4; Download | Favorite | View

IBM Lotus Notes Denial Of Service: Posted Nov 8, 2017; Authored by Dhiraj Mishra | Site metasploit.com; This Metasploit module creates a malicious web page that causes a crash in IBM Lotus Notes when viewed in the native browser.; tags | exploit, web, denial of service; advisories | CVE-2017-1130; SHA-256 | fc47eee51110cc31b3f98a5eb6fa3c07d5b57c0cc705664c843d3dec3f82c288; Download | Favorite | View

IBM Notes 8.5 / 9.0 encodeURI Denial Of Service: Posted Oct 10, 2017; Authored by Dhiraj Mishra | Site metasploit.com; IBM Notes versions 8.5 and 9.0 encodeURI denial of service exploit.; tags | exploit, denial of service; advisories | CVE-2017-1129; SHA-256 | 665e3d77d24d49951bde37e7d172c21162dcd49b47021d00911a8a73b5cb5f21; Download | Favorite | View

Metasploit Cross Site Rquest Forgery: Posted Oct 7, 2017; Authored by Dhiraj Mishra; Metasploit Pro, Express, Ultimate, and Community suffer from a cross site request forgery vulnerability.; tags | exploit, csrf; advisories | CVE-2017-15084; SHA-256 | 4f975ffb94cadeb9b86881ec0afee39d875da87033f9c6822af9146e5a9a4d61; Download | Favorite | View

IBM Notes 8.5.x / 9.0.x Denial Of Service: Posted Sep 3, 2017; Authored by Dhiraj Mishra; IBM Notes versions 8.5.x and 9.0.x suffer from a denial of service vulnerability.; tags | exploit, denial of service; advisories | CVE-2017-1130; SHA-256 | a4d46261d22fa370f58e037251b7996f9724d604d74805a71cee0511ccb67137; Download | Favorite | View

IBM Notes 8.5.x / 9.0.x Denial Of Service: Posted Sep 2, 2017; Authored by Dhiraj Mishra; IBM Notes versions 8.5.x and 9.0.x suffer from a denial of service vulnerability.; tags | exploit, denial of service; advisories | CVE-2017-1129; SHA-256 | 0b38c315cd55263a74ca745d6aa05f9ba1e6e3fd7a40b2de346bc89d0b6b58a0; Download | Favorite | View

Page 2 of 2 Back 1 2 Next

Top Authors In Last 30 Days