exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Recent Files

Files RSS Feed
Backdoor.Win32.Delf.eg MVID-2022-0647 Remote Command Execution
Posted Oct 3, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Delf.eg malware suffers from an unauthenticated remote command execution vulnerability.

tags | exploit, remote
systems | windows
Joomla Rentalot Plus 19.05 Cross Site Scripting
Posted Oct 3, 2022
Authored by CraCkEr

Joomla Rentalot Plus extension version 19.05 suffers from a cross site scripting vulnerability.

tags | exploit, xss
Backdoor.Win32.NTRC MVID-2022-0646 Hardcoded Credential
Posted Oct 3, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.NTRC malware suffers from a hardcoded credential vulnerability.

tags | exploit
systems | windows
Password Manager For IIS 2.0 Cross Site Scripting
Posted Oct 3, 2022
Authored by VP4TR10T

Password Manager for IIS version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
Joomla MarvikShop ShoppingCart 3.4 Cross Site Scripting
Posted Oct 3, 2022
Authored by CraCkEr

Joomla MarvikShop ShoppingCart extension version 3.4 suffers from a suffers from a cross site scripting vulnerability.

tags | exploit, xss
Joomla MarvikShop ShoppingCart 3.4 SQL Injection
Posted Oct 3, 2022
Authored by CraCkEr

Joomla MarvikShop ShoppingCart extension version 3.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Google Chrome 103.0.5060.53 network::URLLoader::NotifyCompleted Heap Use-After-Free
Posted Oct 3, 2022
Authored by Google Security Research, Glazvunov

Google Chrome version 103.0.5060.53 (Official Build) and Chromium version 105.0.5148.0 (Developer Build) (64-bit) suffer from a network::URLLoader::NotifyCompleted heap use-after-free vulnerability.

tags | exploit
Google Chrome 103.0.5060.53 Autofill Assistant Universal Cross Site Scripting
Posted Oct 3, 2022
Authored by Google Security Research, Glazvunov

Google Chrome version 103.0.5060.53 suffers from an Autofill Assistant universal cross site scripting vulnerability.

tags | exploit, xss
Windows Kerberos RC4 MD4 Encryption Downgrade Privilege Escalation
Posted Oct 3, 2022
Authored by James Forshaw, Google Security Research

The Windows KDC allows an interposing attacker to downgrade to RC4 MD4 encryption in compromising the user's TGT session key resulting in escalation of privilege.

tags | advisory
systems | windows
Joomla JKassa ShoppingCart 2.0.0 SQL Injection
Posted Oct 3, 2022
Authored by CraCkEr

Joomla JKassa ShoppingCart extension version 2.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Joomla Easy Shop 1.4.1 Cross Site Scripting
Posted Oct 3, 2022
Authored by CraCkEr

Joomla Easy Shop extension version 1.4.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
Joomla JUX Charity Hub 1.0.4 SQL Injection
Posted Oct 3, 2022
Authored by CraCkEr

Joomla JUX Charity Hub extension version 1.0.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Packet Storm New Exploits For September, 2022
Posted Oct 1, 2022
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 118 exploits added to Packet Storm in September, 2022.

tags | exploit
Ubuntu Security Notice USN-5650-1
Posted Oct 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5650-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
Ubuntu Security Notice USN-5648-1
Posted Oct 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5648-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability, protocol
systems | linux, ubuntu
ZKSecurity BIO 3.0.5.0_R Privilege Escalation
Posted Oct 1, 2022
Authored by Silton Santos, Caio Burgardt

ZKSecurity BIO version 3.0.5.0_R suffers from a privilege escalation vulnerability.

tags | exploit
ZKSecurity BIO 4.1.2 SQL Injection / Code Execution
Posted Oct 1, 2022
Authored by Silton Santos, Caio Burgardt

ZKSecurity BIO version 4.1.2 suffers from a remote SQL injection vulnerability that can allow for remote code execution.

tags | exploit, remote, code execution, sql injection
Centreon 22.04.0 Cross Site Scripting
Posted Oct 1, 2022
Authored by syad

Centreon version 22.04.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
GuppY CMS 6.00.10 Shell Upload
Posted Oct 1, 2022
Authored by Chokri Hammedi

GuppY CMS version 6.00.10 suffers from an authenticated remote shell upload vulnerability.

tags | exploit, remote, shell
Joomla MyMuse 4.3.0 SQL Injection
Posted Oct 1, 2022
Authored by CraCkEr

Joomla MyMuse extension version 4.3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Joomla JS Jobs Pro 1.3.6 SQL Injection
Posted Oct 1, 2022
Authored by CraCkEr

Joomla JS Jobs Pro extension version 1.3.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Joomla jMarket 5.15 Cross Site Scripting
Posted Oct 1, 2022
Authored by CraCkEr

Joomla jMarket extension version 5.15 suffers from a cross site scripting vulnerability.

tags | exploit, xss
Gentoo Linux Security Advisory 202209-27
Posted Sep 30, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202209-27 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions less than 102.3.0:esr are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
Gentoo Linux Security Advisory 202209-20
Posted Sep 30, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202209-20 - Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation. Versions less than 7.4.30:7.4 are affected.

tags | advisory, local, root, php, vulnerability
systems | linux, gentoo
Gentoo Linux Security Advisory 202209-24
Posted Sep 30, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202209-24 - Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution. Versions less than 2.4.9 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
View Older Files →

Recent News

News RSS Feed
Microsoft Says Fix For Two Exchange Zero Days On Accelerated Timeline
Posted Oct 1, 2022

tags | headline, hacker, microsoft, email, data loss, flaw
Rights Groups Say Pentagon Is Buying Its Way Around The 4th Amendment
Posted Oct 1, 2022

tags | headline, government, privacy, usa
This Is The GrayKey 2.0, The Tool Cops Use To Hack Phones
Posted Oct 1, 2022

tags | headline, government, privacy, phone, google, password, spyware, apple, cryptography
Gone In A Day: Ethical Hackers Say It Would Take Mere Hours To Empty Your Network
Posted Oct 1, 2022

tags | headline, hacker, data loss, flaw
NYPD Considers Using Encryption To Block Public From Radio Scanner Broadcasts
Posted Sep 30, 2022

tags | headline, government, usa
Microsoft Warns Of North Korean Crew Posing As LinkedIn Recruiters
Posted Sep 30, 2022

tags | headline, microsoft, cyberwar, korea
Exchange Server Zero-Day Being Actively Exploited
Posted Sep 30, 2022

tags | headline, hacker, microsoft, email, flaw, zero day
MI5 Website Briefly Hit By Denial Of Service Attack
Posted Sep 30, 2022

tags | headline, government, britain, denial of service, spyware
FBI Arrests Former NSA Employee For Trying To Sell Top Secret Documents
Posted Sep 30, 2022

tags | headline, government, usa, data loss, spyware, fbi, nsa
Ex-eBay Execs Jailed For Cyberstalking Web Critics
Posted Sep 30, 2022

tags | headline, privacy, spyware, ebay
View More News →

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close