aymankhalfatni

3 exploits Active since Aug 2017
CVE-2017-7089 NOMISEC MEDIUM STUB
Safari < 10.1.2 - Universal Cross-Site Scripting via Parent-Tab Processing
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that is mishandled during parent-tab processing.
1 stars
CVSS 6.1
CVE-2017-0785 NOMISEC MEDIUM WORKING POC
Android 4.4.4-8.0 - Information Disclosure via Bluetooth
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698.
CVSS 6.5
CVE-2017-12943 NOMISEC CRITICAL WRITEUP
D-Link DIR-600 B1 v2.x - Unauthenticated Path Traversal via __show_info.php REQUIRE_FILE Parameter
D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the admin password.
CVSS 9.8