papers

What this paper is This paper is an advisory detailing a Directory Traversal vulnerability in ManageEngine Support Center Plus version 7.8, specifically builds up to and including 7801. The vulnerability allows an unauth

What this paper is This paper describes a local buffer overflow vulnerability in FreeAmp 2.0.7, a music player. Specifically, the vulnerability exists within the tool, which is used to create custom themes for FreeAmp. B

What this paper is This paper, published in 2011, presents a small shellcode (143 bytes) for the SuperH (sh4) architecture. Its purpose is to add a new user named "shell-storm" with the password "toor" to the file. This

What this paper is This paper, published by Trustwave's SpiderLabs in 2011, details a method to bypass the IBM Web Application Firewall (WAF). The bypass exploits how certain web servers and application technologies, spe

What this paper is This paper details a Directory Traversal vulnerability discovered in ManageEngine ServiceDesk Plus version 8.0. This vulnerability allows an attacker to read arbitrary local files on the server by mani

What this paper is This paper details a SQL injection vulnerability found in iSupport version 1.8. It demonstrates how an attacker can exploit this flaw to extract sensitive information from the application's database, s