Recent content by CyberNinjaX
-
C
Remote Arbitrary code execution, (LibGD) PHP 4 <= 7.3, CVE-2019-6977
Arbitrary code execution vulnerability (CVE-2019-6977) affects the PHP GD image processing library in PHP versions 4 through 7.3. The vulnerability is caused by insufficient input validation in the gdImageCreateFromGd2() function that could allow an attacker to execute arbitrary code on the...- CyberNinjaX
- Thread
- arbitrary code execution exploit mitigation gd library php vulnerabilities web application security
- Replies: 0
- Forum: Exploits & PoCs
-
C
Local Local Privilege Escalation, Apache HTTP Server 2.4.17 <= 2.4.38, CVE-2019-0211
The problem poses the greatest threat to shared web hosting services. The Apache Software Foundation has fixed a dangerous vulnerability in Apache HTTP Server 2.4 that, under certain circumstances, could allow code to run as root and take control of the server. The issue (CVE-2019-0211) only...- CyberNinjaX
- Thread
- Replies: 0
- Forum: Exploits & PoCs
-
C
Remote RCE, Chrome 73.0.3683.86, Windows 10 x64, CVE-N\A, 1-day
The vulnerability allows remote execution of arbitrary code on the attacked system. On Thursday, April 4, Exodus Intelligence security researcher István Kurucsai published a PoC exploit and a demo video for an unpatched vulnerability in Google Chrome. The vulnerability allows an attacker to...- CyberNinjaX
- Thread
- Replies: 18
- Forum: Exploits & PoCs
-
C
Remote Arbitrary command execution, TP-Link SR20 smart hub and router (and possibly other TP-Link device), 0day
Hidden content- CyberNinjaX
- Thread
- Replies: 0
- Forum: Exploits & PoCs
-
C
Web RCE, Huawei Router HG532, CVE-2017-17215
CVE-2017-17215 is a vulnerability that affects Huawei HG532 routers. It allows remote code execution (RCE) by an attacker who has control of the router's web interface. The vulnerability was first discovered in December 2017 by security researchers at Check Point Software Technologies. It was...- CyberNinjaX
- Thread
- cve-2017-17215 huawei hg532 password protection rce router security
- Replies: 9
- Forum: Exploits & PoCs
-
C
Dos Buffer overflow, Firefox 66.0, CVE-2019-9810
CVE-2019-9810-PoC Array.prototype.slice wrong alias information This bug I was found last year. And it was collision with @fluoroacetate in pwn2own 2019. It was fixed in firefox 66.0.1 hello_firefox_11_30.html Hidden content- CyberNinjaX
- Thread
- Replies: 6
- Forum: Exploits & PoCs
-
C
Remote UaF, Windows 7 x86 - Google Chrome 72.0.3626.119, CVE-2019-5786
CVE-2019-5786 is a vulnerability in the Google Chrome web browser that could allow an attacker to execute arbitrary code on a victim's computer. The vulnerability was patched in Chrome version 72.0.3626.121 CVE-2019-5786 Chrome 72.0.3626.119 stable FileReader UaF exploit for Windows 7 x86...- CyberNinjaX
- Thread
- cve-2019-5786 google chrome vulnerability software updates web browser security
- Replies: 0
- Forum: Exploits & PoCs
-
C
Web J2Store Plugin for Joomla! < 3.3.6 - SQL Injection
Hidden content- CyberNinjaX
- Thread
- Replies: 0
- Forum: Exploits & PoCs
-
C
Web CVE-2019-6340 Drupal < 8.6.10 и 8.5.11 REST services RCE PoC
CVE-2019-6340 is a security vulnerability that affects versions of the Drupal content management system prior to version 8.6.10 and version 8.5.11. The vulnerability allows attackers to remotely execute code on the server using the REST services module. A proof-of-concept (PoC) is a...- CyberNinjaX
- Thread
- drupal remote code execution rest module security vulnerability system updates
- Replies: 1
- Forum: Exploits & PoCs
-
C
Remote CiscoRV320Dump, CVE-2019-1652 / CVE-2019-1653
New exploit for Cisco Cisco RV320Dump published, CVE-2019-1652 & CVE-2019-1653 Cisco RV320 and RV325 routers have become a target for hackers. Scans and attacks began last Friday, January 25, after information security specialist David Davidson published an exploit on GitHub POC for serious...- CyberNinjaX
- Thread
- Replies: 0
- Forum: Exploits & PoCs