We understand that it can be very difficult to find managed IT services and support company that covers Apple support, Windows support and Linux support.We use Microsoft Windows, Apple Mac OSX and Various Linux distributions on our own network....

Scanyoursecurity uses vulnerability scanning tools, both commercial and proprietary, as a part of our application assessment process. Vulnerability scanning is one part of our hybrid approach to application assessment. Combined with code review and security testing....

Your security team log many events -- more and more of them all the time. Unfortunately, they don't make much use of these logs except the oldest days when trying to understand something long after it happened.Firewall logs provide threats and traffic behaviour on the network....

Scanyoursecurity Firewall/Router Audit thoroughly evaluates the rule base for known security risks and policy violations. Firewalls and Routers must be implemented and maintained properly. Our Firewall/Router Audit provides a detailed analysis that reduces risks and increases perimeter security....

SCANYOURSECURITY work

Scanyoursecurity is a consultancy responsible for protecting businesses from cyber threats, cyber-attacks, internal threats and business outages. Our technical experts have years of experience in recommending, specifying and implementing IT Security Solutions.

Port scanning is usually done in the initial phase of a penetration test in order to discover all network entry points into the target system. Port scanning is done differently for TCP ports and for UDP ports, which is why we have different tools. Before report, created result would have been completed with False Positive elimination accordingly.

Penetration Testing is to identify the presence of points where a threat (defined by the hacker) can be arranged with existing risks to achieve penetration. Scanyoursecurity helps to prevent penetration by identifying these points and providing effective methods for optimization before they are exploited by malicious hackers.

Last EXPLOITS

Up to Date

  • [webapps] Moodle Jmol Filter 6.1 - Directory Traversal / Cross-Site Scripting
  • [remote] GetSimpleCMS - Unauthenticated Remote Code Execution (Metasploit)
  • [local] Solaris 7/8/9 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)
  • [local] Solaris 7/8/9 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)
  • [local] Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation
  • [dos] BulletProof FTP Server 2019.0.0.50 - 'Storage-Path' Denial of Service (PoC)
  • [dos] BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service (PoC)
  • [dos] AbsoluteTelnet 10.16 - 'License name' Denial of Service (PoC)
  • [dos] docPrint Pro 8.0 - Denial of Service (PoC)
  • [dos] PCL Converter 2.7 - Denial of Service (PoC)
  • [dos] Encrypt PDF 2.3 - Denial of Service (PoC)
  • [shellcode] Linux x86_64 - Delete File Shellcode (28 bytes)
  • [webapps] eLabFTW 1.8.5 - Arbitrary File Upload / Remote Code Execution
  • [dos] Huawei eSpace 1.1.11.103 - 'ContactsCtrl.dll' / 'eSpaceStatusCtrl.dll' ActiveX Heap Overflow
  • [dos] Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow
  • [local] Huawei eSpace 1.1.11.103 - DLL Hijacking
  • [dos] Huawei eSpace Meeting 1.1.11.103 - 'cenwpoll.dll' SEH Buffer Overflow (Unicode)
  • [webapps] Interspire Email Marketer¬†6.20 - 'surveys_submit.php' Remote Code Execution
  • [local] Iperius Backup 6.1.0 - Privilege Escalation
  • [dos] CEWE Photo Importer 6.4.3 - '.jpg' Denial of Service (PoC)
  • [dos] CEWE Photoshow 6.4.3 - 'Password' Denial of Service (PoC)
  • [dos] Sandboxie 5.30 - 'Programs Alerts' Denial of Service (PoC)
  • [dos] SEL AcSELerator Architect 2.2.24 - CPU Exhaustion Denial of Service
  • [dos] Axessh 4.2 - 'Log file name' Denial of Service (PoC)
  • [dos] ZOC Terminal v7.23.4 - 'Shell' Denial of Service (PoC)
  • [dos] ZOC Terminal v7.23.4 - 'Private key file' Denial of Service (PoC)
  • [dos] ZOC Terminal 7.23.4 - 'Script' Denial of Service (PoC)
  • [local] JetAudio jetCast Server 2.0 - 'Log Directory' Local SEH Alphanumeric Encoded Buffer Overflow
  • [dos] WeChat for Android 7.0.4 - 'vcodec2_hls_filter' Denial of Service
  • [webapps] DeepSound 1.0.4 - SQL Injection
  • [local] VMware Workstation 15.1.0 - DLL Hijacking
  • [webapps] Legrand BTicino Driver Manager F454 1.0.51 - Cross-Site Request Forgery / Cross-Site Scripting
  • [webapps] CommSy 8.6.5 - SQL injection
  • [dos] Tomabo MP4 Converter 3.25.22 - Denial of Service (PoC)
  • [webapps] PasteShr 1.6 - Multiple SQL Injection
  • [webapps] Schneider Electric U.Motion Builder 1.3.4 - 'track_import_export.php object_id' Unauthenticated Command Injection
  • [dos] TwistedBrush Pro Studio 24.06 - '.srp' Denial of Service (PoC)
  • [dos] TwistedBrush Pro Studio 24.06 - 'Script Recorder' Denial of Service (PoC)
  • [dos] TwistedBrush Pro Studio 24.06 - 'Resize Image' Denial of Service (PoC)
  • [dos] Selfie Studio 2.17 - 'Resize Image' Denial of Service (PoC)
  • [webapps] D-Link DWL-2600AP - Multiple OS Command Injection
  • [webapps] Sales ERP 8.1 - Multiple SQL Injection
  • [remote] PHP-Fusion 9.03.00 - 'Edit Profile' Remote Code Execution (Metasploit)
  • [webapps] OpenProject 5.0.0 - 8.3.1 - SQL Injection
  • [dos] Google Chrome V8 - Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds Read/Write
  • [webapps] XOOPS 2.5.9 - SQL Injection
  • [webapps] SOCA Access Control System 180612 - Cross-Site Request Forgery (Add Admin)
  • [webapps] SOCA Access Control System 180612 - SQL Injection
  • [webapps] SOCA Access Control System 180612 - Information Disclosure
  • [dos] DNSS 2.1.8 - Denial of Service (PoC)