Corsaire Security Advisory - The aim of this document is to clearly define several vulnerabilities in the Danware NetOp Host product that suffers from multiple information disclosure issues.
42db080f94b4a9d2053f5f711e043ba751541dcd77b4eb01d14059438cd13bce
C2S DVR allows an unauthenticated user to disclose the username and password by requesting the javascript page read.cgi?page=2. This may also work on some cameras including IRDOME-II-C2S, IRBOX-II-C2S.
f14eb376c1dcefd1b99e4b5370da22899ba91385ab2b1509b470c463d912db0f
C3iM CMS version 2.0 suffers from a cross site scripting vulnerability.
b5059cee680da6b4b2504e783f5f210bcfd0f8d2a42fb0c8b729a61a89fa5d99
This is a C language reverse shell generator that is written in Python.
5dd358c97fb9c1f37b759fb43edddae386016d7945cc7d063e37b7e28f9e337f
Covid 19 Travel Pass Management System version 1.0 suffers from a remote SQL injection vulnerability.
8c232ce0a1da7fa75903ca2807d34366340d6c85780e027ddfaa612d65d60aea
Covid-19 Directory on Vaccination System version 1.0 suffers from multiple remote SQL injection vulnerabilities. This research was submitted on the same day Packet Storm received similar findings from Saud Alenazi.
e48dbf027b0b4419ae063d8e8f6f74a5ea759c8c8d62182c1e548e4c07416b36
Covid-19 Directory on Vaccination System version 1.0 suffers from multiple remote SQL injection vulnerabilities. This research was submitted on the same day Packet Storm received similar findings from Hejap Zairy.
af74de0ddf754cd0ccfd343220ae4740c7b2b0e5648cd2c45a23dcfa4a112553
The c0c0n 2020 Middle East call for papers has been announced. It will take place June 15th through the 18th, 2020 at the St. Regis in Abu Dhabi.
be01899210382405d9d5da8b0e0fed33327e4fd0108067490e6f176ae60e4cec
The c0c0n 2019 call for papers has been announced. It will take place September 25th through the 28th, 2019 at the Grand Hyatt, Kochi (Cochin), Kerala, India.
be8843635d53aade8031d3091d8811f1ca770e66cc38dbc3a43c4447928bf48d
C4G Basic Laboratory Information System (BLIS) version 3.4 suffers from a remote SQL injection vulnerability.
105a483e409804b0fff0748e498f8c46b68c513d439a743dd34f7fe6876f970f
The c0c0n 2018 call for papers has been announced. It will take place October 3rd through the 6th, 2018 at the Grand Hyatt, Kochi (Cochin), Kerala, India.
76cd0e30653fec16387e09848e48a7c13cab82ddb686912c072d2d17291f62ad
The c0c0n 2017 call for papers has been announced. It will take place August 17th through the 19th, 2017 at Le Meridien, Kochi (Cochin), Kerala, India
5e42b65f016f7e2b1cc8bee83f7fef72bcf990228cb29cdcd57ecb1df8e21a9b
C2S types IRDOME-II-C2S, IRBOX-II-C2S, and DVR suffer from remote credential disclosure and authentication bypass vulnerabilities.
e73e89f000fcdea1c330da9b5c60fde2f83706e600950d25d0e7c67d5a83009d
C2Box versions 4.0.0(r19171) and below suffer from a validation bypass vulnerability.
bc375d41b3055dd7d57b4dcb888c8376a80e14b7eb5b23111b255db7bf853cad
C4CON 2015 has announced its call for papers. It will take place in Chile.
346fa3484e36a672e30417e6568c47cea1ce7a8e0bf413e95a1cfcc65cdf2112
C2Box version 4.0.0 r19171 suffers from a cross site request forgery vulnerability.
3260a9f8f243512939cde597aee57f84fbc49ba76f322ad99d963ca8720153cc
The c0c0n 2014 call for papers has been announced. It will take place August 22nd through the 23rd, 2014 in Cochin, India.
7dc5a5d889fcb04585b16b79bd6a8af8c473227390d5703e0a0fbe23582fbab3
C2C Forward Auction Creator version 2.0 suffers a remote SQL injection vulnerability.
ae31cd335ed87386bcafdb14fe024120d0f470311e5145ece776f00d8bebba93
Evernote for Android suffers from insecure storage of PIN data and bypass of PIN protection vulnerabilities.
d4ec90670f420f077afc1f1d13f17cf6aed8381fff2d28c4df4a6c42bd1b8f2a
Evernote on Android can have its one-click setup functionality leveraged maliciously to change a user's password without their knowledge.
ba18b28f54ca2d88cea8523c0e775b385fed288a3a06b92f0fd87c5eef2e2283
The c0c0n 2013 call for papers has been announced. It will take place August 22nd through the 24th, 2013 in Cochin, India.
2c578fe9fee1947f831599bea7142daf70954b0cb1a6536b87ebb8a328d8c572
C4kurdGroup CMS suffers from a remote SQL injection vulnerability.
50cda04219b02a5c7bb4e5b0665becea0a288369ec91973a74dd4e3af3014838
The c0c0n 2012 call for papers has been announced. It will take place August 2nd through the 4th, 2012 in Cochin, India.
68c437816cf3ca996d3838183f62c57e058067696a0f5a71106026c12ce4abd0
This Metasploit module exploits a vulnerability in Icona SpA C6 Messenger version 1.0.0.1. The vulnerability is in the Downloader ActiveX Control (DownloaderActiveX.ocx). The insecure control can be abused to download and execute arbitrary files in the context of the currently logged-on user.
5ff82482c6d0cc8cb96eb23172d540f4d5ded54210dbc21fe3ea60715403632a
C2C Reverse Auction Creator version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
26c54383f3359cebee5e2a313b183a67c9c3492997e2950912c749a5d0eb6e88
Corsaire Security Advisory - The Sun JRE product has a denial of service issue that may cause Internet Explorer to fail. Versions 5.0 prior to update 14 are affected.
16cb9b32ed76820b79ddb5155fcf3b33df66267c05af0ea1421bb733c1515110