insecure

  1. dEEpEst

    WebGoat 8: A deliberately insecure Web Application

    WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by people to learn about application security and penetration...
  2. 1

    Exploits Carel pCOWeb HVAC Insecure Credential Storage

    The Carel pCOWeb card stores password hashes in the file /etc/passwd, allowing privilege escalation by authenticated users. Additionally, plaintext copies of the passwords are stored. Version A 1.4.11 - B 1.4.2 is affected. View the full article
  3. 1

    Exploits Microsoft Windows Insecure CSharedStream Object Privilege Escalation

    Microsoft Windows suffers from an insecure CSharedStream object privilege escalation vulnerability. View the full article
  4. 1

    Exploits One Identity Defender 5.9.3 Insecure Cryptographic Storage

    One Identity Defender version 5.9.3 suffers from an insecure cryptographic storage vulnerability. View the full article
  5. 1

    Exploits Totaljs CMS 12.0 Insecure Admin Session Cookie

    Totaljs CMS version 12.0 mints an insecure cookie that can be used to crack the administrator password. View the full article
  6. 1

    Exploits Opencart 3.0.3.2 Insecure OCMod Generation Pre-Authentication Remote Code Execution

    Opencart versions 3.0.3.2 and below insecure OCMod generation pre-authentication remote code execution exploit. View the full article
  7. 1

    Exploits Opencart 2.3.0.2 Insecure OCMod Generation Remote Command Execution

    Opencart versions 2.3.0.2 and below suffer from an insecure OCMod generation remote command execution vulnerability. View the full article
  8. 1

    Exploits Microsoft Windows Font Cache Service Insecure Sections

    The Windows Font Cache Service exposes section objects insecurely to low privileged users resulting in elevation of privilege. View the full article
  9. 1

    Exploits Ross Video DashBoard 8.5.1 Insecure Permissions

    Ross Video DashBoard version 8.5.1 suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice. The vulnerability exists due to the improper permissions, with the 'M' flag (Modify) or 'C' flag...
  10. 1

    Exploits NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution

    BEopt suffers from a DLL Hijacking issue. The vulnerability is caused due to the application loading libraries (sdl2.dll and libegl.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening a related application file .BEopt located on a remote...
  11. 1

    Exploits OpenMRS Platform Insecure Object Deserialization

    OpenMRS Platform versions prior to 2.24.0 suffer from an insecure object deserialization vulnerability. View the full article
  12. 1

    Exploits OSCI-Transport Library 1.2 1.8.1 Insecure Crypto / Signature Bypass

    OSCI-Transport Library 1.2 for German e-Government versions 1.8.1 and below suffer from an insecure cryptographic implementation and signature bypass vulnerabilities. View the full article
  13. 1

    Exploits LongBox Limited Access Manager Insecure Direct Object Reference

    LongBox Limited Access Manager suffers from an insecure direct object reference vulnerability. This issue affects Access Manager versions 1.2 through 1.4-RG3. It has been addressed in versions greater than or equal to 1.4-RG4. View the full article
  14. 1

    Exploits Microsoft Windows XmlDocument Insecure Sharing Privilege Escalation

    A number of Partial Trust Windows Runtime classes expose the XmlDocument class across process boundaries to less privileged callers which in its current form can be used to elevate privileges and escape the Edge Content LPAC sandbox. View the full article
  15. 1

    Exploits Fortify SSC 17.10 / 17.20 / 18.10 User Detail Insecure Direct Object Reference

    Fortify Software Security Center versions 17.10, 17.20, and 18.10 suffer from an insecure direct object reference vulnerability related to extracting local and ldap users. View the full article
  16. 1

    Exploits Fortify SSC 17.10 / 17.20 / 18.10 Insecure Direct Object Reference

    Fortify Software Security Center versions 17.10, 17.20, and 18.10 suffer from an insecure direct object reference vulnerability. View the full article
  17. 1

    Exploits Photo Nettoyeur 1.4.5 Insecure File Permission

    Photo Nettoyeur version 1.4.5 suffers from an insecure file permission vulnerability. View the full article
  18. 1

    Exploits Lone Wolf loadingDOCS Insecure Permissions

    Lone Wolf loadingDOCS allows remote attackers the ability to download confidential files via simply incrementing a value. View the full article
  19. 1

    Exploits Wisetail Learning Ecosystem 4.11.6 Insecure Direct Object Reference

    Wisetail Learning Ecosystem (LE) versions up to 4.11.6 suffer from multiple insecure direct object reference vulnerabilities that allow an attacker to download files and get access to the non-purchased course quiz test via a modified id parameter. View the full article
  20. 1

    Exploits OSCAR EMR 15.21beta361 XSS / Disclosure / CSRF / Insecure Direct Object Reference

    OSCAR EMR version 15.21beta361 suffers from remote code execution, cross site request forgery, cross site scripting, denial of service, deserialization, remote SQL injection, and path traversal vulnerabilities. View the full article