what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

QiHang Media Web Digital Signage 3.0.9 Arbitrary File Deletion
Posted Aug 13, 2020
Authored by LiquidWorm | Site zeroscience.mk

QiHang Media Web Digital Signage version 3.0.9 suffers from an unauthenticated arbitrary file deletion vulnerability.

tags | exploit, web, arbitrary
MD5 | 4ec2d17bffc03ecbcdff736a646ec399

Related Files

Sony BRAVIA Digital Signage 1.7.8 Unauthenticated Remote File Inclusion
Posted Dec 3, 2020
Authored by LiquidWorm | Site zeroscience.mk

Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a remote file inclusion vulnerability by including arbitrary client-side dynamic scripts (JavaScript, VBScript, HTML) when adding content though the input URL material of type html. This allows hijacking of the current session of the user, execute cross-site scripting code, or changing the look of the page and content modification on current display.

tags | exploit, remote, arbitrary, javascript, xss, file inclusion
MD5 | 85b5e3c8c9cb495114ef096e2616e76a
Sony BRAVIA Digital Signage 1.7.8 Insecure Direct Object Reference
Posted Dec 3, 2020
Authored by LiquidWorm | Site zeroscience.mk

Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a client-side protection bypass due to an insecure direct object reference vulnerability.

tags | exploit
MD5 | 9c3322511ba56f41f33f9e40b9574a1a
Sony BRAVIA Digital Signage 1.7.8 System API Information Disclosure
Posted Dec 3, 2020
Authored by LiquidWorm | Site zeroscience.mk

Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a sensitive information disclosure vulnerability. An unauthenticated attacker can visit several API endpoints and disclose information running on the device.

tags | exploit, info disclosure
MD5 | d5e3f98a3416a94cb0997c3b35929711
Digital Signage Systems - The Modern Hacker's Outreach
Posted Dec 3, 2020
Authored by LiquidWorm | Site zeroscience.mk

Whitepaper called Digital Signage Systems - The Modern Hacker's Outreach. It discusses everything from public incidents to common attack vectors leveraged to manipulate content.

tags | paper
MD5 | 5523c83e92054c30532290f6f4a597aa
RED-V Super Digital Signage System RXV-A740R Log Information Disclosure
Posted Nov 16, 2020
Authored by LiquidWorm | Site zeroscience.mk

RED-V Super Digital Signage System RXV-A740R is vulnerable to a sensitive information disclosure vulnerability. An unauthenticated attacker can visit several endpoints and disclose the webserver's log file list containing sensitive system resources and debug log information running on the device.

tags | exploit, info disclosure
MD5 | e1d1ea37410444110d5c4be18ea30b60
iDS6 DSSPro Digital Signage System 6.2 Privilege Escalation
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

iDS6 DSSPro Digital Signage System version 6.2 suffers from a privilege escalation vulnerability. An authenticated user can elevate his/her privileges by calling JS functions from the console or by insecure direct object references to hidden functionalities that can result in creating users, modifying roles and permissions and full takeover of the application.

tags | exploit
MD5 | e3500a490fb570726141f18d28cdea4a
iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

The CAPTCHA function for iDS6 DSSPro Digital Signage System version 6.2 is prone to a security bypass vulnerability that occurs in the CAPTCHA authentication routine. By requesting the autoLoginVerifyCode object an attacker can receive a JSON message code and successfully bypass the CAPTCHA-based authentication challenge and perform brute-force attacks.

tags | exploit, bypass
MD5 | 63ad9696454afc1b19e579a677c06b40
iDS6 DSSPro Digital Signage System 6.2 Cross Site Request Forgery
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

iDS6 DSSPro Digital Signage System version 6.2 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web
MD5 | 207d76baf968933618e1083a7fd98079
iDS6 DSSPro Digital Signage System 6.2 Password Disclosure
Posted Nov 5, 2020
Authored by LiquidWorm | Site zeroscience.mk

iDS6 DSSPro Digital Signage System version 6.2 suffers from a cleartext transmission/storage of sensitive information in a cookie when using the Remember (autoSave=true) feature. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.

tags | exploit, remote, web
MD5 | 6e74f91319785d9d2dc39fb672f1d06b
TDM Digital Signage PC Player 4.1 Insecure File Permissions
Posted Oct 27, 2020
Authored by LiquidWorm | Site zeroscience.mk

TDM Digital Signage Windows Player version 4.1 suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice.

tags | exploit
systems | windows
MD5 | 9f69935f116659d2b0dbfb1b919205fc
BrightSign Digital Signage Diagnostic Web Server 8.2.26 Server-Side Request Forgery
Posted Oct 1, 2020
Authored by LiquidWorm | Site zeroscience.mk

BrightSign Digital Signage Diagnostic Web Server version 8.2.26 suffers from an unauthenticated server-side request forgery vulnerability.

tags | exploit, web
MD5 | 296bf65f30621b25981d6cb6556e0e99
SpinetiX Fusion Digital Signage 3.4.8 Path Traversal
Posted Oct 1, 2020
Authored by LiquidWorm | Site zeroscience.mk

SpinetiX Fusion Digital Signage version 3.4.8 suffers from an authenticated path traversal vulnerability. Input passed via several parameters in index.php script is not properly verified before being used to create and delete files. This can be exploited to write backup files to an arbitrary location and/or delete arbitrary files via traversal attacks.

tags | exploit, arbitrary, php
MD5 | 7f728d906bc879ebc132cb19c060a6c2
SpinetiX Fusion Digital Signage 3.4.8 Database Backup Disclosure
Posted Oct 1, 2020
Authored by LiquidWorm | Site zeroscience.mk

SpinetiX Fusion Digital Signage version 3.4.8 suffers from a database backup disclosure vulnerability.

tags | exploit
MD5 | bd78c5ac803733307c42b810b4232217
SpinetiX Fusion Digital Signage 3.4.8 Cross Site Request Forgery
Posted Oct 1, 2020
Authored by LiquidWorm | Site zeroscience.mk

SpinetiX Fusion Digital Signage version 3.4.8 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | b11d34cdcd9290c7637a7fddb59c490c
SpinetiX Fusion Digital Signage 3.4.8 Username Enumeration
Posted Oct 1, 2020
Authored by LiquidWorm | Site zeroscience.mk

SpinetiX Fusion Digital Signage versions 3.4.8 and below suffer from a username enumeration vulnerability.

tags | exploit
MD5 | 0f397d0c453903fc6da9856dc936c6eb
B-swiss 3 Digital Signage System 3.6.5 Backdoor Remote Code Execution
Posted Sep 21, 2020
Authored by LiquidWorm | Site zeroscience.mk

B-swiss 3 Digital Signage System version 3.6.5 suffers from an authenticated arbitrary PHP code execution vulnerability. The vulnerability is caused due to the improper verification of uploaded files in index.php script thru the rec_poza POST parameter. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file that will be stored in the /usr/users directory. Due to an undocumented and hidden maintenance account admin_m which has the highest privileges in the application, an attacker can use these hard-coded credentials to authenticate and use the vulnerable image upload functionality to execute code on the server.

tags | exploit, arbitrary, php, code execution
MD5 | b8122e7dc5d8a3a0549b1366c4226983
B-swiss 3 Digital Signage System 3.6.5 Cross Site Request Forgery
Posted Sep 20, 2020
Authored by LiquidWorm | Site zeroscience.mk

B-swiss 3 Digital Signage System version 3.6.5 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web
MD5 | 31d83019ab8016cf568904060791896f
B-swiss 3 Digital Signage System 3.6.5 Database Disclosure
Posted Sep 19, 2020
Authored by LiquidWorm | Site zeroscience.mk

B-swiss 3 Digital Signage System version 3.6.5 is vulnerable to an unauthenticated database download and information disclosure vulnerability. This can enable the attacker to disclose sensitive information resulting in authentication bypass, session hijacking and full system control.

tags | exploit, info disclosure
MD5 | 1175b32ecdd1ad1b9b42a4c5bc9c5d4c
Eibiz i-Media Server Digital Signage 3.8.0 Authentication Bypass
Posted Aug 21, 2020
Authored by LiquidWorm | Site zeroscience.mk

Eibiz i-Media Server Digital Signage version 3.8.0 suffers from unauthenticated privilege escalation and arbitrary user creation vulnerability that allows authentication bypass. Once serialized, an AMF encoded object graph may be used to persist and retrieve application state or allow two endpoints to communicate through the exchange of strongly typed data. These objects are received by the server without validation and authentication and gives the attacker the ability to create any user with any role and bypass the security control in place and modify presented data on the screen/billboard.

tags | exploit, arbitrary
MD5 | fd7bb44dd6320c3825c09283301d799e
Eibiz i-Media Server Digital Signage 3.8.0 File Path Traversal
Posted Aug 21, 2020
Authored by LiquidWorm | Site zeroscience.mk

Eibiz i-Media Server Digital Signage version 3.8.0 is affected by a directory traversal vulnerability. An unauthenticated remote attacker can exploit this to view the contents of files located outside of the server's root directory. The issue can be triggered through the oldfile GET parameter.

tags | exploit, remote, root
MD5 | 48bcb45f0b05d6750b03ec9ce8698dc6
Eibiz i-Media Server Digital Signage 3.8.0 Remote Privilege Escalation / Account Takeover
Posted Aug 21, 2020
Authored by LiquidWorm | Site zeroscience.mk

Eibiz i-Media Server Digital Signage version 3.8.0 suffers from an unauthenticated remote privilege escalation and account takeover vulnerability that can be triggered by directly calling the updateUser object (part of ActionScript object graphs), effectively elevating to an administrative role or taking over an existing account by modifying the settings.

tags | exploit, remote
MD5 | 3841e73f5ee30c4a0b8a1d02dac070da
Eibiz i-Media Server Digital Signage 3.8.0 Configuration Disclosure
Posted Aug 21, 2020
Authored by LiquidWorm | Site zeroscience.mk

Eibiz i-Media Server Digital Signage version 3.8.0 suffers from an unauthenticated configuration disclosure vulnerability.

tags | exploit
MD5 | 5d2550faa54b02155ff0c1672fb51b45
QiHang Media Web Digital Signage 3.0.9 Remote Code Execution
Posted Aug 13, 2020
Authored by LiquidWorm | Site zeroscience.mk

QiHang Media Web Digital Signage version 3.0.9 suffers from a pre-authentication remote code execution vulnerability.

tags | exploit, remote, web, code execution
MD5 | 7c248458391a49820ad700528da5bdc1
QiHang Media Web Digital Signage 3.0.9 Arbitrary File Disclosure
Posted Aug 13, 2020
Authored by LiquidWorm | Site zeroscience.mk

QiHang Media Web Digital Signage version 3.0.9 suffers from an arbitrary file disclosure vulnerability.

tags | exploit, web, arbitrary
MD5 | 4b229bf7159213f08c6c5c724d811ce5
QiHang Media Web Digital Signage 3.0.9 Credential Disclosure
Posted Aug 13, 2020
Authored by LiquidWorm | Site zeroscience.mk

QiHang Media Web Digital Signage version 3.0.9 suffers from a clear-text credential disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.

tags | exploit, web
MD5 | a4df03562be6c4ac8f645486ee2b5b2d
Page 1 of 4
Back1234Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    33 Files
  • 3
    Dec 3rd
    11 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close