Vulnerabilities
ShadeYouVPN.com Client v2.0.1.11 for Windows Privilege Escalation
ShadeYou service executes any file without any verification as SYSTEM user.
14-02-2017
1 MIN READ
Vulnerabilities
IVPN Client for Windows 2.6.6120.33863 Privilege Escalation
Inside GenerateConfiguration method there is bug which leads to comand injection
06-02-2017
1 MIN READ
Vulnerabilities
Viscosity for Windows 1.6.7 Privilege Escalation
Only files digitally signed by SparkLabs can use this pipe because of usage of new X509Certificate2. But it's possible to bypass this by injecting our DLL into Viscosity.exe.
30-01-2017
4 MIN READ
Vulnerabilities
WD My Cloud Mirror 2.11.153 RCE and Authentication Bypass
It's possible to execute arbitrary commands using login form because exec() function is used without using escapeshellarg() or escapeshellcmd().
24-01-2017
2 MIN READ
Vulnerabilities
SentryHD 02.01.12e Privilege Escalation
Using Execute Command File we can execute commands on Scheduled system shutdown and because UPSMan is running as SYSTEM we execute them as Priveleged user.
18-01-2017
1 MIN READ
Vulnerabilities
WP Support Plus Responsive Ticket System 7.1.3 Privilege Escalation
You can login as anyone without knowing password because of incorrect usage of wp_set_auth_cookie().
10-01-2017
1 MIN READ
Vulnerabilities
AbanteCart 1.2.7 Stored XSS and SQL Injection
We can pass __e value which is base64 encoded and unfortunatelly those datas are not cleaned.
06-12-2016
2 MIN READ
Vulnerabilities
WinPower V4.9.0.4 Privilege Escalation
We can set command which will be executed when monitor get remote shutdown command.
29-11-2016
1 MIN READ
From 0 to pentesting hero
XSS using SVG file
The functionality of file upload is a key place where we should pay special attention to. If the attacker successfully sends and executes a malicious file, the whole server may be taken over.
12-03-2019
3 MIN READ