HP Intelligent Management Center v5.1: Bypassing javax.faces.ViewState CSRF Protection
Have you read my last advisory about the HP Intelligent Management Center v5.1 E0202 topoContent.jsf Non-Persistent Cross-Site Scripting Vulnerability ? You ...
Recent posts
Photodex ProShow Producer Vulnerability #5: Insecure Library Loading
This is a sweet vulnerability, because all ProShow installations on all Microsoft Windows operating systems up to Windows 8 are exploitable!
Photodex ProShow Producer Vulnerability #4: SEH-Based Buffer Overflow (.PXT)
And here’s the next one. A SEH-based Buffer Overflow - exploitable on all 32bit windows systems out there :-). The application does not validate (again, but ...
Yet Another Photodex ProShow Producer Code Execution Vulnerability
After my last advisory about the ProShow Producer application by Photodex and the nice Metasploit module created by mr.pr0n, I decided to dig deeper into thi...