Category: Web Application Exploits

All kinds of Web Application Exploits

CentOS Control Web Panel 0.9.8.836

- Exploit Details # Exploit Title: CWP (CentOS Control Web Panel) < 0.9.8.847 Bypass Login # Date: 6 July 2019 # Exploit Author: Pongtorn Angsuchotmetee ...

Microsoft Compiled HTML Help / Uncompiled .chm File

- Exploit Details Credits: John Page (aka hyp3rlinx) Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-HTML-HELP-UNCOMPILED-CHM-FILE-XML-EXTERNAL-ENTITY-INJECTION.txt ISR: ApparitionSec www.microsoft.com Microsoft Compiled ...

NETGEAR WiFi Router JWNR2010v5 / R6080

- Exploit Details # Exploit Title: NETGEAR WiFi Router R6080 - Security Questions Answers Disclosure # Date: 13/07/2019 # Exploit Author: Wadeek # Hardware Version: ...

Citrix SD-WAN Appliance 10.2.2 – Authentication Bypass / Remote Command Execution

- Exploit Details # Exploit Title: Citrix SD-WAN Appliance 10.2.2 Auth Bypass and Remote Command Execution # Date: 2019-07-12 # Exploit Author: Chris Lyne (@lynerc) ...

Jenkins Dependency Graph View Plugin 0.13

- Exploit Details # Exploit Title: Persistent XSS - Dependency Graph View Plugin(v0.13) # Vendor Homepage: https://wiki.jenkins.io/display/JENKINS/Dependency+Graph+View+Plugin # Exploit Author: Ishaq Mohammed # Contact: https://twitter.com/security_prince ...

Microsoft DirectWrite / AFDKO – Stack Corruption in OpenType Font Handling due to Out-of-Bounds cubeStackDepth

- Exploit Details AFDKO (Adobe Font Development Kit for OpenType) is a set of tools for examining, modifying and building fonts. The core ...

Microsoft DirectWrite / AFDKO – Stack-Based Buffer Overflow in do_set_weight_vector_cube for Large nAxes

- Exploit Details AFDKO (Adobe Font Development Kit for OpenType) is a set of tools for examining, modifying and building fonts. The core ...

Microsoft DirectWrite / AFDKO – Stack Corruption in OpenType Font Handling Due to Incorrect Handling of blendArray

- Exploit Details AFDKO (Adobe Font Development Kit for OpenType) is a set of tools for examining, modifying and building fonts. The core ...

Microsoft DirectWrite / AFDKO – Out-of-Bounds Read in OpenType Font Handling Due to Undefined FontName Index

- Exploit Details AFDKO (Adobe Font Development Kit for OpenType) is a set of tools for examining, modifying and building fonts. The core ...