 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 184
 Members: 0
 Total: 184
|
|
|
|
|
|
Full disclosure |
|
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS
apis.google.com - Insecure redirect via __lu parameter(exploited in the wild)
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files
CVE-2025-59397 - Open Web Analytics SQL Injection
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11
Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow
|
|
|
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
| sljyro |
|
| Replies: 14 |
| Views: 92227 |
|
|
 |
|
 |
|
| hey... my question is: how can i get the version if the URL is not like site.com/forum... it's 'site'.forump.com... i did: 'site'.forump.com/doc/CHANGELOG.html but it doesn't works... how can i get th ... |
|
|
|
|
| why dont you just upgrade it to a 2.0.21 so then you dont have to test anything? |
|
|
|
|
| thats true, but then what if they update their version without uploading the docs? |
|
|
|
|
get 'Steganos Internet Anonym' software ([url=http://www.steganos.com/?product=siao&language=en]info here)
so then you can start viewing the forum and register again if you wish.
now you can ... |
|
|
|
| sljyro |
|
| Replies: 4 |
| Views: 10435 |
|
|
|
|
|
|
set up any phpBB forum version, and once you have the users registered, do a full backup of your database.
open the database file, search for the user name, and you will see a md5 hash for each use ... |
|
|
|
| sljyro |
|
| Replies: 5 |
| Views: 19352 |
|
|
|
|
|
|
can anyone give a slight insight on this one too? i keep getting the same problem as the above user.
thanks |
|
|
|
| sljyro |
|
| Replies: 6 |
| Views: 16200 |
|
|
|
|
|
|
this is as far as i can go, im new to this myself. ive tried couple of perl scripts and cookie exploits here and there, and thats about it 
there might be another way, but im not familiar with it ... |
|
|
|
| sljyro |
|
| Replies: 6 |
| Views: 16200 |
|
|
|
|
|
|
try this, it says 2.0.13 or lower versions
http://www.milw0rm.com/exploits/907
its to get a md5 hash of any user, thus giving you the chance to crack the password
if you want more, just check t ... |
|
|
|
| sljyro |
|
| Replies: 6 |
| Views: 16200 |
|
|
|
|
|
|
why do you want to test if it's secure? after 2 days of research you should know its one of the most vulnerable versions. there's loads of perl sripts too i think.
if its your board, why not upgrad ... |
|
|
|
| sljyro |
|
| Replies: 24 |
| Views: 47884 |
|
|
|
|
|
|
| yeah thats exactly what i dont understand about this exploit. it says you need a sid, but to get that in 2.0.20 (with html 99% off including admin inbox) no one knows. so how can this work in the firs ... |
|
|
|
| sljyro |
|
| Replies: 24 |
| Views: 47884 |
|
|
|
|
|
|
| yeah i would like to know the above too, thanks. |
|
|
|
| sljyro |
|
| Replies: 3 |
| Views: 10246 |
|
|
|
|
|
|
the only thing i can think of is getting access to the admin account, then you can just view anything you want, but this method relies on quite a few 'if this and if that'
try using the following m ... |
|
|
|
| sljyro |
|
| Replies: 14 |
| Views: 92227 |
|
|
|
|
|
|
| if its jan, could be a 2.0.18 or .19 |
|
|
|
| sljyro |
|
| Replies: 14 |
| Views: 92227 |
|
|
|
|
|
|
well theres a flaw with that, the use might have updated the forum, but not the docs, which happens in many cases. so that way is never 100%.
if it doesnt work (and you are sure its a phpBB and put ... |
|
|
|
|
it has probably been upgraded, because when you upgrade, the docs dont necessarily change if not updated by the user. try higher exploits, it might even be a 2.0.20
and can you please take the link ... |
|
|
| Page 1 of 4 |
Goto page 1, 2, 3, 4Next
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
