Squid Caching Proxy Proof Of Concepts
Authored by Joshua Rogers | Site megamansec.github.io
Two and a half years ago an independent audit was performed on the Squid Caching Proxy, which ultimately resulted in 55 vulnerabilities being...
Atlassian Confluence Unauthenticated Remote Code Execution
Authored by sfewer-r7 | Site metasploit.com
This Metasploit module exploits an improper input validation issue in Atlassian Confluence, allowing arbitrary HTTP parameters to be translated into getter/setter sequences via the...
Linux DCCP Information Leak
Authored by Jann Horn, Google Security Research
Linux suffers from a small remote binary information leak in DCCP.
Chrome ReduceJSLoadPropertyWithEnumeratedKey Out-Of-Bounds Access
Authored by Google Security Research, Glazvunov
Chrome checks in ReduceJSLoadPropertyWithEnumeratedKey are not sufficient to prevent the engine from reading an out-of-bounds index from an enum cache.
advisories | CVE-2023-4427
SAP Application Server ABAP Open Redirection
Authored by Fabian Hagg | Site sec-consult.com
SAP Application Server ABAP and ABAP Platform suffer from an open redirection vulnerability.
advisories | CVE-2023-6215
glibc ld.so Local Privilege Escalation
Authored by Qualys Security Advisory
Dubbed Looney Tunables, Qualys discovered a buffer overflow vulnerability in the glibc dynamic loader's processing of the GLIBC_TUNABLES environment variable. This vulnerability was introduced in...
WordPress Contact Form Generator 2.5.5 Cross Site Scripting
Authored by Arvandy
WordPress Contact Form Generator plugin version 2.5.5 suffers from a cross site scripting vulnerability.
advisories | CVE-2023-37988
openVIVA c2 20220101 Cross Site Scripting
Authored by Daniel Hirschberger | Site sec-consult.com
openVIVA c2 suffers from a persistent cross site scripting vulnerability. Versions prior to 20220801 are affected.
advisories | CVE-2022-39172
SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect
Authored by Fabian Hagg, Paul Serban | Site sec-consult.com
SAP Enable Now Manager version 10.6.5 Build 2804 Cloud Edition suffers from cross site request forgery, cross site scripting, and open...
Progress Software WS_FTP Unauthenticated Remote Code Execution
Authored by sfewer-r7 | Site metasploit.com
This Metasploit module exploits an unsafe .NET deserialization vulnerability to achieve unauthenticated remote code execution against a vulnerable WS_FTP server running the Ad Hoc...





