1337day-Exploits

Everything posted by 1337day-Exploits

  1. Western Digital My Book World II NAS versions 1.02.12 and below have a hard-coded ssh credential that allows for remote command execution.
  2. macOS version 18.7.0 kernel local privilege escalation exploit that may only work on Macs before 2016.
  3. Hospital-Management version 1.26 suffers from a remote SQL injection vulnerability.
  4. Oracle Mojarra JSF included in Java EE 7 and Eclipse Mojarra JSF versions 2.2 and 2.3 suffer from a cross site scripting vulnerability.
  5. Google Chrome suffers from an issue where it will leak all passwords for a given domain.
  6. Microsoft Windows suffers from an Internet Settings misconfiguration security feature bypass vulnerability. Versions affected include Windows 7 SP1, 8.0, 8.1 x86 and x64 with full patches up to July 2019.
  7. V8 Map Migration Type Confusion: V8 map migration does not respect element kind, leading to a type confusion vulnerability.
  8. LastPass suffers from an issue where bypassing do_popupregister() leaks credentials from the previous site.
  9. Inteno EG200 routers with firmware versions EG200-WU7P1U_ADAMO3.16.4-190226_1650 and below have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP.
  10. docPrint Pro version 8.0 suffers from a SEH buffer overflow vulnerability.
  11. AppXSvc version 17763.1.amd64fre.rs5_release.180914-1434 suffers from an arbitrary file security descriptor overwrite privilege escalation vulnerability.
  12. Master Data Online suffers from a cross site request forgery vulnerability that allows for data tampering.
  13. Webmin version 1.920 remote code execution exploit that leverages the vulnerability noted in CVE-2019-15107.
  14. College-Management-System version 1.2 suffers from an authentication bypass vulnerability.
  15. Ticket-Booking version 1.4 suffers from an authentication bypass vulnerability.
  16. Piwigo version 2.9.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
  17. phpMyAdmin version 4.9.0.1 suffers from a cross site request forgery vulnerability.
  18. Dolibarr ERP-CRM version 10.0.1 suffers from a user-agent cross site scripting vulnerability.
  19. Folder Lock version 7.7.9 suffers from a denial of service vulnerability.
  20. FTPShell Client version 6.74 suffers from a local buffer overflow denial of service vulnerability.
  21. LimeSurvey versions 3.17.13 and below suffer from reflective and persistent cross site scripting vulnerabilities.
  22. Generic Zip Slip Traversal: This is a generic arbitrary file overwrite technique, which typically results in remote command execution. This targets a simple yet widespread vulnerability that has been seen affecting a variety of popular products including HP, Amazon, Apache, Cisco, etc. The idea is that archive extraction libraries often have no mitigations against directory traversal attacks. If an application uses such a library, opening a maliciously modified archive can result in the embedded payload being written to an arbitrary location (such as a web root), which results in remote code execution.
  23. Opencart version 2.3.0.2 pre-authentication remote command execution exploit.
  24. Microsoft DirectWrite suffers from an out-of-bounds read in sfac_GetSbitBitmap while processing TTF fonts.
  25. Microsoft DirectWrite suffers from an invalid read in SplicePixel while processing OTF fonts.