[FD] Hard-coded credentials on ProGrade/Lierda Grill Temperature Monitor [CVE-2019-15304]

2019-08-25 Thread tim
[Author:] Tim Tepatti [Website:] tepatti.com [Title:] Hard-coded credentials on ProGrade/Lierda Grill Temperature Monitor [CVE-2019-15304] [Product:] Grill Temperature Monitor [Manufacturer:] ProGrade / Lierda [Affected Version(s):] V1.00_50006 [Tested Version(s):] V1.00_50006 [Vulnerability Typ

[FD] Unquoted Path - Trend Micro

2019-08-25 Thread Silton Renato Pereira dos Santos
=[ Tempest Security Intelligence - ADV-02/2019 ]== Trend Maximum Security 2019 Author: Silton Santos Tempest Security Intelligence - Recife, Pernambuco - Brazil =[ Table of Contents]= * Overview * Detailed descri

[FD] [CVE-2019-15150] CSRF in MediaWiki extension OAuth2 Client 0.3

2019-08-25 Thread Justin Bull
[CVE-2019-15150] CSRF in MediaWiki extension OAuth2 Client 0.3 Happy Sunday everyone. A security bulletin for you all. Software: MediaWiki OAuth2 Client (https://github.com/Schine/MW-OAuth2Client) Description: -- MediaWiki implementation of the PHP League's OAuth2 Client, to al

[FD] Realtek Managed Switch Controller RTL83xx

2019-08-25 Thread bashis
[SOT] [Subject] Realtek Managed Switch Controller (RTL83xx) PoC (2019 bashis) https://www.realtek.com/en/products/communications-network-ics/category/managed-switch-controller [Brief description] 1. Boa/Hydra suffer from exploitable stack overflow with a

[FD] CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal (Metasploit) Exploit

2019-08-25 Thread Kevin R
# Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal (Metasploit) # Google Dork: N/A # Date: 8/21/2019 # Exploit Author: Kevin Randall # Vendor Homepage: https://www.coreftp.com # Software Link: http://www.coreftp.com/server/index.html # Version: Firmware: Core

[FD] CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal (Metasploit) Exploit

2019-08-25 Thread Kevin R
# Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal (Metasploit) # Google Dork: N/A # Date: 8/20/2019 # Exploit Author: Kevin Randall # Vendor Homepage: https://www.coreftp.com # Software Link: http://www.coreftp.com/server/index.html # Version: Firmware: Core

[FD] CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry

2019-08-25 Thread David Tomaschik via Fulldisclosure
CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry Affected versions: - Apache Tapestry 5.3.6 through current releases. Description: Apache Tapestry uses HMACs to verify the integrity of objects stored on the client side. This was added to address the Java deserialization vuln

[FD] [CFP] Bsides Lisbon 2019

2019-08-25 Thread Claudio Andre
BSidesLisbon is back and we need your help to make it bigger and better once more!! The event will be held in Lisbon (really?) on November 28th and 29th at Auditorio FMD-UL To register go to: *https://cfp.bsideslisbon.org* Speaking slots As in the previous year, w