Forwarded from DailyCVE
π΅Unpatched File upload vulnerability exists in YoudianCMS:
https://dailycve.com/unpatched-file-upload-vulnerability-exists-youdiancms
https://dailycve.com/unpatched-file-upload-vulnerability-exists-youdiancms
Dailycve
Unpatched File upload vulnerability exists in YoudianCMS | CVE
Details:
A device page, a smartphone website, WeChat, APP, and a small software are combined with YouDianCMS. It shares space and synchronizes data automatically. It is an ideal option for five domestic open source sites to be incorporated.
YoudianCMSβ¦
Forwarded from DailyCVE
π΅Unpatched Connex serial server C2000-B2-SFE0101-BB1 has storage XSS vulnerabilities:
https://dailycve.com/unpatched-connex-serial-server-c2000-b2-sfe0101-bb1-has-storage-xss-vulnerabilities
https://dailycve.com/unpatched-connex-serial-server-c2000-b2-sfe0101-bb1-has-storage-xss-vulnerabilities
Dailycve
Unpatched Connex serial server C2000-B2-SFE0101-BB1 has storage XSS vulnerabilities | CVE
Details:
Serial server C2000-B2-SFE0101-BB1 offers serial port to network features that can convert serial port RS-232 to network interface TCP/IP protocols.
The Cognex C2000-B2-SFE0101-BB1 serial server has an XSS storage flaw, which can be abusedβ¦
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ email2phonenumber: get the target's phone number just by having their email address :
"Scrape" - scrape websites for phone numbers, initiating a password reset using the recipient's email address
Generate - Generates a list of valid phone numbers based on the publicly available country phone numbering plan information.
Bruteforce - Loops through a list of phone numbers and initiates a password reset on various websites to retrieve associated masked emails and match them to the victim's address
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/martinvigo/email2phonenumber.git
2) pip install BeautifulSoup requests
Scan sites for phone numbers
3) python email2phonenumber.py scrape -e target@email.co
Create a dictionary of valid phone numbers based on the phone number mask
4) python email2phonenumber.py generate -m 555XXX1234 -o /tmp/dic.txt
5) Find the target's phone number by resetting passwords on websites that do not alert the target using a phone number mask and proxy to avoid captchas and other anti-abuse remedies.
6) python email2phonenumber.py bruteforce -m 777XXX1234 -e target@email.com -p /tmp/proxies.txt -q
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ email2phonenumber: get the target's phone number just by having their email address :
"Scrape" - scrape websites for phone numbers, initiating a password reset using the recipient's email address
Generate - Generates a list of valid phone numbers based on the publicly available country phone numbering plan information.
Bruteforce - Loops through a list of phone numbers and initiates a password reset on various websites to retrieve associated masked emails and match them to the victim's address
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/martinvigo/email2phonenumber.git
2) pip install BeautifulSoup requests
Scan sites for phone numbers
3) python email2phonenumber.py scrape -e target@email.co
Create a dictionary of valid phone numbers based on the phone number mask
4) python email2phonenumber.py generate -m 555XXX1234 -o /tmp/dic.txt
5) Find the target's phone number by resetting passwords on websites that do not alert the target using a phone number mask and proxy to avoid captchas and other anti-abuse remedies.
6) python email2phonenumber.py bruteforce -m 777XXX1234 -e target@email.com -p /tmp/proxies.txt -q
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - martinvigo/email2phonenumber: A OSINT tool to obtain a target's phone number just by having his email address
A OSINT tool to obtain a target's phone number just by having his email address - martinvigo/email2phonenumber
Forwarded from DailyCVE
π΅WPS office has a denial of service vulnerability:
https://dailycve.com/wps-office-has-denial-service-vulnerability
https://dailycve.com/wps-office-has-denial-service-vulnerability
Dailycve
WPS office has a denial of service vulnerability | CVE
Details:
WPS office is a Kingsoft released office app.
The WPS office has a service denial flaw that can be used by attackers to carry out service denial attacks.
Affected Versions:
WPS Office v11.1.0.10214
The Fix:
Wait for new release from:β¦
Forwarded from DailyCVE
π΅Unpatched Jiajia 3GP format converter has dll hijacking vulnerability:
https://dailycve.com/unpatched-jiajia-3gp-format-converter-has-dll-hijacking-vulnerability
https://dailycve.com/unpatched-jiajia-3gp-format-converter-has-dll-hijacking-vulnerability
Dailycve
Unpatched Jiajia 3GP format converter has dll hijacking vulnerability | CVE
Details:
A professional and easy-to-operate 3GP handheld video format converter is the Jiajia 3GP format converter. Various common video formats (3GP, 3G2, 3GPP, MP4, AVI) can be converted easily by the Jiajia 3GP format converter.
The Jiajia 3GP formatβ¦