Blog

WebKit – Universal XSS in WebCore::command <! – DETALHES DA VULNERABILIDADE “ “ static Editor :: Command command (Documento * documento, const String & commandName,

WebKit – User-agent Shadow root Leak in WebCore::ReplacementFragment::ReplacementFragment <! – DETALHES DA VULNERABILIDADE editando / ReplaceSelectionCommnd.cpp: “ “ Ref <HTMLElement> ReplacementFragment :: insertFragmentForTestRendering (Node *

WebKit – Universal XSS Using Cached Pages DETALHES DA VULNERABILIDADE “ “ void FrameLoader :: detachChildren () { […] SubframeLoadingDisabler subframeLoadingDisabler (m_frame.document ()); // ***

Counter-Strike Global Offensive 1.37.1.1 – ‘vphysics.dll’ Denial of Service (PoC) # CVE-2019-15943 O Counter-Strike Global Offensive (vphysics.dll) antes da versão 1.37.1.1 permite que atacantes remotos

Detrix EDMS 1.2.3.1505 – SQL Injection #!/usr/bin/php /* # Exploit Title: Detrix EDMS cleartext user password remote SQLI exploit # Google Dork: # Date: Jul

Detrix EDMS 1.2.3.1505 – SQL Injection #!/usr/bin/php /* # Exploit Title: Detrix EDMS cleartext user password remote SQLI exploit # Google Dork: # Date: Jul

DOUBLEPULSAR – Payload Execution and Neutralization (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank =

mintinstall 7.9.9 – Code Execution # Exploit Title: mintinstall (aka Software Manager) object injection # Date: 10/02/2019 # Exploit Author: Andhrimnirr # Vendor Homepage: https://www.linuxmint.com/

AnchorCMS < 0.12.3a – Information Disclosure # Exploit Title: Information disclosure (MySQL password) in error log # Date: 2/10/2019 # Exploit Author: Tijme Gommers (https://twitter.com/finnwea/)

LabCollector 5.423 – SQL Injection # Exploit Title: LabCollector (Sistema de Informação do Laboratório) 5.423 – Injeção SQL Múltipla # Data: 09/09/2019 # Links /