Exploit

Sitecore CMS v 8.2, cross site scripting & arbitrary file access

Hi folks, Multiple vulnerabilities were found in the Sitecore version 8.2. Which were reported to Sitecore CMS on the 5th of May,2017. A patch was released on the 27th of June, 2017. It is recommended to update the Sitecore CMS installation. The exploit is being made public after the patch has been released. Exploit:[CVE-2017-11439, CVE-2017-11440] …

Sitecore CMS v 8.2, cross site scripting & arbitrary file access Read More »

Cherokee Web Server 0.5.4 Denial Of Service

####################################################### # # Name : Cherokee Web Server 0.5.4 Denial Of Service # Author: Usman Saeed # Company: Xc0re Security Research Group # Website:  Xc0re.net # DATE: 25/10/09 # Tested on Windows ! ####################################################### Disclaimer: [This code is for Educational Purposes , I would Not be responsible for any misuse of this code] [*] Download …

Cherokee Web Server 0.5.4 Denial Of Service Read More »

BSR Webweaver 1.33 /script security Bypass vulnerability

BSR Webweaver 1.33 Author : Usman Saeed , Exploit @ Xc0re Security Research Group. [*] Date: 15/09/09 [*] http://www.brswebweaver.com/downloads.html [*] Attack type : Remote [*] Patch Status : Unpatched [*] Description : In ISAPI/CGI path is [%installdirectory%/scripts] and through HTTP the alias is [http://[host]/scripts] ,The access security check is that if the attacker tries to …

BSR Webweaver 1.33 /script security Bypass vulnerability Read More »

Kolibri+ Webserver 2 Multiple Vulnerabilities

Kolibri+ Webserver 2 suffers from multiple vulnerabilities namely Directory Traversal &  Denial OF Service. Vulnerability was reported on 6th of September 2009 by Xc0re Security Research Group. http://xc0re.net/index.php?p=1_19_Kolibri+-Webserver-2-multiple-vulnerabilities An attacker can easily crash the server , or send a crafted http request to escape the root directory and view any file , even outside the …

Kolibri+ Webserver 2 Multiple Vulnerabilities Read More »

Secured By miniOrange