Suggested description
Core FTP LE version 2.2 Build 1921 is prone to a buffer overflow vulnerability that may result in a DoS or remote code execution via a PASV response.
Vulnerability Type
Buffer Overflow
from pip._internal import main
import sys
inst = {'y','yes'}
try:
    import numpy as np
    print("Everything seems OK. No need for setup.")
except ImportError:
# -*- coding: utf-8 -*-
# Exploit Title: Ericsson-LG iPECS NMS - Cleartext Cred. Dump
# Vendor Notification: 03-03-2018 - No response
# Initial CVE: 04-04-2018
# Disclosure: 21-04-2018
# Exploit Author: Berk Cem Göksel
# Contact: twitter.com/berkcgoksel || bgoksel.com
# Vendor Homepage: http://www.ipecs.com/
#!/usr/bin/env python
# coding: utf-8
############ Description: ##########
# The vulnerability was discovered during a vulnerability research lecture.
# This is meant to be a PoC.
####################################
# Exploit Title: Core FTP LE v2.2 Build 1921 (Client) - Buffer Overflow PoC
# Date: 12 Jun 2018
Suggested description
A use-after-free vulnerability exists in DOMProxyHandler::EnsureExpandoObject on Pale Moon Browser versions before 27.9.3.
Additional Information
The vulnerability has been confirmed and patched by the vendor.
<!-- PaleMoon Browser - Proof of Concept -->
<!-- Exploit Title: Pale Moon Browser < 27.9.3 - Use After Free - Proof of Concept -->
<!-- Date: 13 Jun 2018 -->
<!-- Author - Berk Cem Goksel -->
<!-- Contact: twitter.com/berkcgoksel || bgoksel.com -->
<!-- Vendor Homepage: https://www.palemoon.org/ -->
<!-- Software Link: https://www.palemoon.org/palemoon-win32.shtml -->
<!-- Version: Versions prior to 27.9.3 (Tested versions: 27.9.0, 27.9.1, 27.9.2) -->
<!-- Tested on: Windows 10 -->
from sys import argv
import sys
import os
import time
import requests
import re
if len(argv) != 3:
Description
The Ericsson-LG iPECS NMS A.1Ac login portal is prone to multiple SQL injection vulnerabilities in the "id" and "passwd" parameters, which allow unauthenticated attackers to bypass the login page and execute remote code on the operating system.
Additional Information
Suggested description
The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS admin credentials and the PostgreSQL database credentials to logged-in users via the responses to certain HTTP POST requests. In order to be able to see the credentials in cleartext, an attacker needs to be authenticated.
Suggested description
The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication.
Vulnerability Type