vimarsana.com

Page 17 - Exploit Title News Today : Breaking News, Live Updates & Top Stories | Vimarsana

Microsoft SharePoint Enterprise Server 2016 Spoofing

// Exploit Title: Microsoft SharePoint Enterprise Server 2016 - Spoofing// Date: 2023-06-20// country: Iran// Exploit Author: Amirhossein Bahramizadeh// Category : Remote// Vendor Homepage:// Microsoft SharePoint Foundation 2013 Service Pack 1// Microsoft SharePoint Server Subscription Edition// Microsoft SharePoint Enterprise Server 2013 Service Pack 1// Microsoft SharePoint Server 2019// Microsoft SharePoint Enterprise Server 2016// Tested on: Windows/Linux//

Internetopen mozillaAmirhossein bahramizadehMicrosoft sharepoint foundationService packExploit titleMicrosoft sharepoint enterprise serverExploit authorVendor homepageMicrosoft sharepoint server subscriptionMicrosoft sharepoint server

Smart Office Web 20 28 Information Disclosure / Insecure Direct Object Reference

# Exploit Title: Smart Office Web 20.28 - Remote Information Disclosure (Unauthenticated)# Shodan Dork:: inurl:"https://www.shodan.io/search?query=smart+office"# Date: 09/Dec/2022# Exploit Author: Tejas Nitin Pingulkar (https://cvewalkthrough.com/)# Vendor Homepage: https://smartofficepayroll.com/# Software Link: https://smartofficepayroll.com/downloads# Version: Smart Office Web 20.28 and before# CVE Number : CVE-2022-47075 and CVE-2022-47076# CVSS : 7.5 (High)# Reference : https://cvewalkthrough.com/smart-office-suite-cve-2022-47076-cve-2022-47075/# Vulnerability Description:# Smart Office Web 20.28

Tejas nitin pingulkarSmart office webSoftware linkExploit titleRemote information disclosureShodan dorkExploit authorVendor homepageVulnerability descriptionTejas nitin

WordPress Super Socializer 7 13 52 Cross Site Scripting

# Exploit Title: Super Socializer 7.13.52 - Reflected XSS# Dork: inurl: https://example.com/wp-admin/admin-ajax.php?action=the champ sharing count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=https://www.google.com# Date: 2023-06-20# Exploit Author: Amirhossein Bahramizadeh# Category : Webapps# Vendor Homepage: https://wordpress.org/plugins/super-socializer# Version: 7.13.52 (REQUIRED)# Tested on: Windows/Linux# CVE : CVE-2023-2779import requests# The URL of the vulnerable AJAX endpointurl = "https://example.com/wp-admin/admin-ajax.php"# The vulnerable parameter that is not properly sanitized and escapedvulnerable param = ""#

Amirhossein bahramizadehExploit titleSuper socializerExploit authorVendor homepage

Nokia ASIKA 7 13 52 Private Key Disclosure - KizzMyAnthia com

// Exploit Title: Nokia ASIKA 7.13.52 - Hard-coded private key disclosure// Date: 2023-06-20// Exploit Author: Amirhossein Bahramizadeh// Category : Hardware// Vendor Homepage: https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-25187/// Version: 7.13.52 (REQUIRED)// Tested on: Windows/Linux// CVE : CVE-2023-25187#include #include #include #include #include #include #include #include #include #include #include // The IP address of the vulnerable devicechar host = "192.168.1.1";// The default

Amirhossein bahramizadehExploit titleExploit authorVendor homepage

Symantec SiteMinder WebAgent 12 52 Cross Site Scripting

Exploit Title: Symantec SiteMinder WebAgent v12.52 - Cross-site scripting (XSS)Google Dork: N/ADate: 18-06-2023Exploit Author: Harshit JoshiVendor Homepage: https://community.broadcom.com/homeSoftware Link: https://www.broadcom.com/products/identity/siteminderVersion: 12.52Tested on: Linux, WindowsCVE: CVE-2023-23956Security Advisory: https://support.broadcom.com/external/content/SecurityAdvisories/0/22221 Description: I am writing to report two XSS vulnerabilities (CVE-2023-23956) that I havediscovered in the Symantec SiteMinder WebAgent. The vulnerability isrelated to the improper handling of user input and has

Harshit joshiSymantec siteminder webagentSoftware linkExploit titleSymantec siteminderWeakness enumeration

vimarsana © 2020. All Rights Reserved.