
Recent Files

TestSSL 3.0rc4
Posted Feb 19, 2019
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash and uses only standard Unix utilities, openssl and, last but not least, bash sockets.

Changes: This is the fourth release candidate of testssl.sh 3.0 to reflect changes. All distributors and others who also use it in production-like environments are encouraged to switch to this branch, as 2.9.5 won't be supported anymore once 3.0 has been released. Various other updates and fixes.
tags | tool, scanner, protocol, bash
systems | unix
Belkin Wemo UPnP Remote Code Execution
Posted Feb 19, 2019
Authored by wvu, phikshun | Site metasploit.com

This Metasploit module has been tested on a Wemo-enabled Crock-Pot, but other Wemo devices are known to be affected, albeit on a different RPORT (49153).

tags | exploit
FaceTime Texture Processing Memory Corruption
Posted Feb 19, 2019
Authored by Google Security Research, natashenka

FaceTime suffers from a memory corruption vulnerability in texture processing.

tags | exploit
Microsoft Edge Insecure click2play Whitelist
Posted Feb 19, 2019
Authored by Ivan Fratric, Google Security Research

Microsoft Edge has an issue where the default flash click2play whitelist is insecure.

tags | advisory
Android seccomp Filter Ptrace Hole
Posted Feb 19, 2019
Authored by Jann Horn, Google Security Research

On Android, a ptrace hole makes the seccomp filter useless on devices running a kernel version lower than 4.8.

tags | exploit, kernel
Red Hat Security Advisory 2019-0373-01
Posted Feb 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0373-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.5.1 ESR. Issues addressed include integer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2019-0380-01
Posted Feb 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0380-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.6 serves as a replacement for Red Hat Single Sign-On 7.2.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 Privilege Escalation
Posted Feb 19, 2019
Authored by Mike Siegel

MaxxAudio Drivers WavesSysSvc64.exe version 1.6.2.0 suffers from a file permission privilege escalation vulnerability that results in SYSTEM level access.

tags | exploit
Typo3 CMS Shop System tt_products 2.9.4 SQL Injection
Posted Feb 19, 2019
Authored by KingSkrupellos

Typo3 CMS Shop System tt_products version 2.9.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Jenkins Remote Code Execution
Posted Feb 19, 2019
Authored by Orange

This write up contains details on how to perform remote code execution within Jenkins.

tags | exploit, remote, code execution
Webiness Inventory 2.3 Arbitrary File Upload
Posted Feb 19, 2019
Authored by Mehmet Emiroglu

Webiness Inventory version 2.3 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
Typo3 CMS T3 EasyEvent tx_easyevent_pi1 0.37.3 SQL Injection
Posted Feb 19, 2019
Authored by KingSkrupellos

Typo3 CMS T3 EasyEvent tx_easyevent_pi1 version 0.37.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
WordPress WooCommerce GloBee Payment Gateway 1.1.1 Bypass / Spoofing
Posted Feb 19, 2019
Authored by GeekHack

WordPress WooCommerce plugin with GloBee cryptocurrency payment gateway versions 1.1.1 and below suffer from payment bypass and unauthorized order status spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, bypass
Typo3 CMS Realty Manager tx_realty_pi1 2.0.0 Database Disclosure / SQL Injection
Posted Feb 19, 2019
Authored by KingSkrupellos

Typo3 CMS Realty Manager tx_realty_pi1 version 2.0.0 suffers from database disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
Zoho ManageEngine ServiceDesk Plus (SDP) Arbitrary File Upload
Posted Feb 19, 2019
Authored by Dao Duy Hung

Zoho ManageEngine ServiceDesk Plus (SDP) versions prior to 10.0 build 10012 suffer from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
Typo3 CMS Commerce DAM connector tx_commerce_pi1 0.1.0 SQL Injection
Posted Feb 19, 2019
Authored by KingSkrupellos

Typo3 CMS Commerce DAM connector tx_commerce_pi1 version 0.1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 Traversal / XSS
Posted Feb 19, 2019
Authored by Rafael Pedrero

Zoho ManageEngine Netflow Analyzer Professional version 7.0.0.2 suffers from cross site scripting and path traversal vulnerabilities.

tags | exploit, vulnerability, xss
XAMPP 5.6.8 Cross Site Scripting / SQL Injection
Posted Feb 19, 2019
Authored by Rafael Pedrero

XAMPP version 5.6.8 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
NetSetMan 4.7.1 Denial Of Service
Posted Feb 19, 2019
Authored by Victor Mondragon

NetSetMan version 4.7.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
Typo3 Calendar Base tx_pxkalender_pi1 2.0.0 Database Disclosure / SQL Injection
Posted Feb 19, 2019
Authored by KingSkrupellos

Typo3 Calendar Base tx_pxkalender_pi1 version 2.0.0 suffers from database disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
Typo3 CMS BrowserMaps Leaflet Tutorial tx_browser_pi1 8.0.39 SQL Injection
Posted Feb 19, 2019
Authored by KingSkrupellos

Typo3 CMS BrowserMaps Leaflet Tutorial tx_browser_pi1 version 8.0.39 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Joomla JWallPapers 2.0.1 Cross Site Request Forgery / Shell Upload
Posted Feb 19, 2019
Authored by KingSkrupellos

Joomla JWallPapers component version 2.0.1 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
eDirectory SQL Injection / File Disclosure
Posted Feb 19, 2019
Authored by Efren Diaz

eDirectory suffers from file disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
BulletProof FTP Server 2019.0.0.50 Denial Of Service
Posted Feb 19, 2019
Authored by Victor Mondragon

BulletProof FTP Server version 2019.0.0.50 suffers from a denial of service vulnerability.

tags | exploit, denial of service
Valentina Studio 9.0.4 Denial Of Service
Posted Feb 19, 2019
Authored by Victor Mondragon

Valentina Studio version 9.0.4 suffers from a denial of service vulnerability.

tags | exploit, denial of service

Recent News

UK Lawmakers Say Facebook Broke Rules, Should Be Regulated
Posted Feb 18, 2019

tags | headline, government, privacy, britain, data loss, facebook, social
Australian Political Parties Hit By State Actor Hack
Posted Feb 18, 2019

tags | headline, hacker, government, australia, cyberwar
Special Counsel Robert Mueller Questioned Ex-Cambridge Analytica Director
Posted Feb 18, 2019

tags | headline, government, usa, russia, fraud, facebook, fbi
Google Earth Accidentally Reveals Secret Military Sites
Posted Feb 18, 2019

tags | headline, government, data loss, cyberwar, google, spyware, taiwan, military
GAO Gives Congress Go-Ahead For A GDPR-Like Legislation
Posted Feb 16, 2019

tags | headline, government, privacy, usa
FB Tackles Databases Leaking Over A Million User Records
Posted Feb 15, 2019

tags | headline, privacy, database, data loss, flaw, facebook
Facebook May Face Multi-Billion Dollar US Fine Over Privacy Lapses
Posted Feb 15, 2019

tags | headline, government, privacy, usa, data loss, fraud, facebook
Mobile Networks Call For 5G Security Inspector
Posted Feb 15, 2019

tags | headline, phone
JP Morgan Is Creating A Cryptocurrency Pegged To The Dollar
Posted Feb 15, 2019

tags | headline, bank, usa, cryptography
Thousands Of Android Apps Permanently Record Your Online Activity For Ad Targeting
Posted Feb 15, 2019

tags | headline, privacy, phone, data loss, google, spyware

© 2019 Packet Storm. All rights reserved.
