Websecurity - Веб безпека

В даній добірці експлоіти в веб додатках:

• Fritz!Box - Remote Command Execution Exploit (деталі)
• NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Stored XSS Vulnerability (деталі)
• Crime24 Stealer Panel <= Multiple Vulnerabilities (деталі)
• HP Laser Jet - JavaScript Persistent XSS via PJL Directory Traversal (деталі)
• NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - CSRF Vulnerability (деталі)
• Seagate BlackArmor NAS - Multiple Vulnerabilities (деталі)
• Fortiweb 5.1.x Cross Site Request Forgery Vulnerability (деталі)
• JIRA Issues Collector Directory Traversal Exploit (деталі)
• Linksys E-Series TheMoon Remote Command Injection Exploit (деталі)
• OpenSSL TLS Heartbeat Extension - Memory Disclosure (деталі)

В даній добірці експлоіти в веб додатках:

• SNEHA IT Soluctions’s LFI Vulnerabilities (деталі)
• TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities (деталі)
• Lavarel-Security XSS Filter Bypass Vulnerability (деталі)
• BarracudaDrive 6.7.1 Cross Site Scripting Vulnerability (деталі)
• Beetel 450TC2 Router Admin Password CSRF Vulnerability (деталі)
• FreePBX config.php Remote Code Execution Vulnerability (деталі)
• Katello (Red Hat Satellite) users/update_roles Missing Authorization (деталі)
• SePortal 2.5 SQL Injection / Remote Code Execution Exploit (деталі)
• Fitnesse Wiki Remote Command Execution Vulnerability (деталі)
• Fritz!Box Webcam Unauthenticated Command Injection Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• HP Data Protector Arbitrary Remote Command Execution exploit (деталі)
• Asus RT Password Disclosure Vulnerability (деталі)
• F-Secure Messaging Security Gateway 7.5.0.892 Cross Site Scripting (деталі)
• Sixnet Sixview 2.4.1 - Web Console Directory Traversal (деталі)
• WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion Vulnerability (деталі)
• Quantum vmPRO - Backdoor Command Exploit (деталі)
• Quantum DXi V1000 SSH Private Key Exposure (деталі)
• Horde Framework Unserialize PHP Code Execution (деталі)
• MS14-012 Internet Explorer TextRange Use-After-Free (деталі)
• LifeSize UVC Authenticated Remote Command Execution (деталі)

В даній добірці експлоіти в веб додатках:

• Comtrend CT 5361T Password Disclosure Vulnerability (деталі)
• Sagem F@st 3304-V2 Authentication Bypass Vulnerability (деталі)
• NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities (деталі)
• Xerox DocuShare - SQL Injection Vulnerability (деталі)
• D-Link DAP-1320 Directory Traversal / Cross Site Scripting Vulnerabilities (деталі)
• Ruby Gem Arabic Prawn 0.0.1 Command Injection Vulnerability (деталі)
• Firefox Exec Shellcode From Privileged Javascript Shell (деталі)
• Quantum DXi V1000 2.2.1 - Static SSH Key (деталі)
• Loadbalancer.org Enterprise VA 7.5.2 - Static SSH Key Vulnerability (деталі)
• SePortal 2.5 - SQL Injection Vulnerabilty (деталі)

В даній добірці експлоіти в веб додатках:

• Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects (деталі)
• ASUS RT-AC68U Remote Command Execution Vulnerability (деталі)
• ASUS RT-AC68U Cross Site Scripting Vulnerability (деталі)
• XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities (XSS & CSRF) (деталі)
• Halon Security Router (SR) =< v3.2-winter-r1 Multiple Vulnerabilities (деталі)
• Safari User-Assisted Download / Run Attack (деталі)
• SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write Exploit (деталі)
• HP Data Protector Backup Client Service Remote Code Execution Exploit (деталі)
• Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow Vulnerability (деталі)
• Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow Vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Webshell (деталі)
• IBM Tealeaf CX 8.8 - Remote OS Command Injection Vulnerability (деталі)
• ASUS routers Remote FTP login Authentication Bypass Vulnerability (деталі)
• EMC Cloud Tiering Appliance v10.0 Unauthenticated XXE Arbitrary File Read (деталі)
• ICOMM 610 Wireless Modem - CSRF Vulnerability (деталі)
• Symantec Endpoint Protection Manager Remote Command Execution (деталі)
• GE Proficy CIMPLICITY gefebt.exe Remote Code Execution (деталі)
• MantisBT Admin SQL Injection Arbitrary File Read Vulnerability (деталі)
• SolidWorks Workgroup PDM 2014 Arbitrary File Write Exploit (деталі)
• HP Data Protector Backup Client Service Remote Code Execution (деталі)

В даній добірці експлоіти в веб додатках:

• Ubee EVW3200 - Cross Site Request Forgery Vulnerability (деталі)
• Array Networks vxAG 9.2.0.34 and vAPV 8.3.2.17 - Multiple Vulnerabilities (деталі)
• Dlink DIR-600L Hardware Version AX Firmware Version 1.00 - CSRF Vulnerability (деталі)
• InterWorx Web Control Panel Cross Site Scripting Vulnerability (деталі)
• InterWorx 5.0.13 Build 574 SQL Injection Vulnerability (деталі)
• Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit (деталі)
• SolidWorks Workgroup PDM 2014 SP2 - Arbitrary File Write Vulnerability (деталі)
• IBM BPMS 8.0.0.1 Privilege Escalation / Disclosure (деталі)
• Python socket.recvfrom_into() remote buffer overflow exploit (деталі)
• Symantec Endpoint Protection Manager Remote Command Execution Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Zyxel Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting Vulnerability (деталі)
• ZyXEL Router P-660HN-T1A - Login Bypass Vulnerability (деталі)
• Ubee EVW3200 - Multiple Persistent Cross Site Scripting Vulnerability (деталі)
• Synology DSM 4.3-3827 (article.php) - Blind SQL Injection Vulnerability (деталі)
• McAfee Asset Manager 6.6 - Multiple Vulnerabilities (деталі)
• Java 6 Update 27 Download and Execute Vulnerability (деталі)
• Oracle Forms / Reports Remote Code Execution Exploit (деталі)
• Eudora Qualcomm WorldMail 9.0.333.0 IMAPd Service UID - Buffer Overflow (деталі)
• MediaWiki Thumb.php Remote Command Execution Exploit (деталі)
• WRT120N 1.0.0.7 Stack Overflow Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Huawei E5331 MiFi Unauthenticated Access / Setting Manipulation (деталі)
• ownCloud 4.0.x, 4.5.x (upload.php, filename param) - Remote Code Execution (деталі)
• Apple TV Touch Password Disclosure Vulnerability (деталі)
• Java 7 Update 5-10 vulnerability to download and execute (деталі)
• Java 7 Update 11 vulnerability to download and execute (деталі)

В даній добірці експлоіти в веб додатках:

• Oracle Demantra 12.2.1 - Stored XSS Vulnerability (деталі)
• Oracle Demantra 12.2.1 - Database Credentials Disclosure (деталі)
• Kloxo Remote Root Exploit (деталі)
• HP Data Protector EXEC_BAR Remote Command Execution (деталі)
• Dexter (CasinoLoader) SQL Injection Exploit (деталі)