[FD] RCE in CGI Servlet – Apache Tomcat on Windows – CVE-2019-0232

2019-05-04 Nightwatch Cybersecurity Research
[Original post: https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232/] SUMMARY Apache Tomcat has a vulnerability in the CGI Servlet which can be exploited to achieve remote code execution (RCE). This is only

[FD] [SYSS-2019-005]: ABUS Secvest - Proximity Key - Cryptographic Issues (CWE-310)

2019-05-04 Matthias Deeg
Advisory ID: SYSS-2019-005 Product: ABUS Secvest (FUAA5) Manufacturer: ABUS Affected Version(s): v3.01.01 Tested Version(s): v3.01.01 Vulnerability Type: Cryptographic Issues (CWE-310) Risk Level: Medium Solution Status: Open Manufacturer Notification: 2019-03-15 Solution Date: - Public

[FD] OneShield - Policy Solutions - Dragon Framework Persistent XSS in Framework Textboxes

2019-05-04 ghost
# Exploit Title: Dragon - Persistent XSS in Framework Textboxes # Date: 12/28/2018 # Vendor Homepage: https://oneshield.com # Software Link: https://oneshield.com/business-solutions/oneshield-pc-solutions/oneshield-policy/ # Version: 5.0, 5.1 # Tested on: 5.1 # Exploit Author: Josh Sheppard #

[FD] OneShield - Policy Solutions - Dragon Framework Log Poisoning

2019-05-04 ghost
# Exploit Title: Dragon - Log Poisoning # Date: 12/28/2018 # Vendor Homepage: https://oneshield.com # Software Link: https://oneshield.com/business-solutions/oneshield-pc-solutions/oneshield-policy/ # Version: 5.0, 5.1 # Tested on: 5.1 # Exploit Author: Josh Sheppard # Exploit Contact: ghost ()

[FD] Windows PowerShell ISE / Filename Parsing Flaw Remote Code Execution 0day

2019-05-04 hyp3rlinx
[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/WINDOWS-POWERSHELL-ISE-FILENAME-PARSING-FLAW-RCE-0DAY.txt [+] ISR: ApparitionSec [+] Zero Day Initiative Program [Vendor] www.microsoft.com [Product] Windows