[FD] WordPress Plugin Spider Event Calendar 1.5.51 - Blind SQL Injection

2017-04-09 Thread Manuel Garcia Cardenas
MGC ALERT 2017-003 - Original release date: April 06, 2017 - Last revised: April 10, 2017 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 (CVSS Base Score) - I. VULNERABILITY -

[FD] CVE-Request: stored XSS in Serendipity v2.1-rc1 allows attacker to steal admin’s cookie and other information

2017-04-09 Thread Wester 95
Hi team, I would like to request one CVE id for this, thank you! Details - Software: s9y Serendipity - Version: 2.1-rc1 - Homepage: https://docs.s9y.org/ - Description: stored XSS in Serendipity v2.1-rc1 allows attacker to steal admin’s cookie and other informa

[FD] NSE script for exploiting BOF in Microsoft's IIS 6.0 and Windows Server 2003

2017-04-09 Thread Rewanth Cool
Hi, I'm sorry, I was not aware of the FD group and I was sending all my work to the developers group (d...@nmap.org). So now, I'm forwarding all my vulnerability detection and exploitation NSE scripts to this group. I developed an NSE script for the most recently found vulnerability. It exploits

[FD] NSE Script for exploiting Directory traversal vulnerability in WordPress

2017-04-09 Thread Rewanth Cool
NSE Script for exploiting Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress. It is marked under CVE-2015-1579. It's patched for WordPress versions > 4.1.4. This script is under "vuln", "intrusive" and "exploit" categories. So if someone who scans the website using th

[FD] NSE scripts for XSS and session hijacking in AsusWRT

2017-04-09 Thread Rewanth Cool
ASUSWRT is a wireless router operating system that powers many routers produced by ASUS. NSE scripts for CVE-2017-6547 (XSS) and CVE-2017-6549 (Session stealing) are developed for AsusWRT. The script comes under "vuln", "intrusive", "exploit", "dos" categories. Failed attempts lead to dos att

[FD] NSE Script for CVE 2017-6527

2017-04-09 Thread Rewanth Cool
NSE Script for CVE 2017-6527 which was released on 9th March, 2017. Description: An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NULL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user