Twenty Year Anniversary
Showing 1 - 25 of 214 RSS Feed

Files

Packet Storm New Exploits For October, 2012
Posted Nov 1, 2012
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 214 exploits added to Packet Storm in October, 2012.

tags | exploit
systems | linux
MD5 | dc4952350db638a41cbb9acedebb0dd1
Konqueror 4.7.3 Memory Corruption
Posted Oct 31, 2012
Authored by Tim Brown | Site nth-dimension.org.uk

Konqueror version 4.7.3 suffers from a number of memory corruption vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2012-4512, CVE-2012-4513, CVE-2012-4514, CVE-2012-4515
MD5 | f3750e70c776544c1fff83a4d931e3dc
bloofoxCMS 0.3.5 Cross Site Scripting
Posted Oct 31, 2012
Authored by Canberk BOLAT

bloofoxCMS version 0.3.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5c23259c73260b4e14a632d34f0365b9
UMPlayer 0.98 DLL Hijacking
Posted Oct 31, 2012
Authored by Metropolis

UMPlayer version 0.98 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 5def5838143d96ca68059577c19c50a8
4ColorDesign Cross Site Scripting / SQL Injection
Posted Oct 31, 2012
Authored by Ur0b0r0x

Sites powered by 4ColorDesign suffer from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 09fa297adb6f142a5cc169720f47c8f0
VICOM STUDIO Local File Inclusion / SQL Injection
Posted Oct 31, 2012
Authored by Ur0b0r0x

Sites built by VICOM STUDIO suffer from local file inclusion and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
MD5 | 31051ccb0fdb08c7d776eea99ff126e2
Keshav Infotech Cross Site Scripting / SQL Injection
Posted Oct 31, 2012
Authored by Ur0b0r0x

Sites designed by Keshav Infotech suffer from SQL injection and cross site scripting vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, vulnerability, xss, sql injection
MD5 | 8fdf3d9d9bdf7566a0a2c99b5199d18f
DATA Estudio Cross Site Scripting / SQL Injection
Posted Oct 31, 2012
Authored by Ur0b0r0x

Sites powered by DATA Estudio suffer from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | a13ca89677e05cbc204ce2be996521ac
2Point Solutions XSS / SQL Injection / Local File Inclusion
Posted Oct 31, 2012
Authored by Ur0b0r0x

Sites designed by 2Point Solutions suffer from cross site scripting, remote SQL injection, and local file inclusion vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
MD5 | d4d2c07a9f8dc34bb15bb79c7f916f3c
SIGMA COMPUTERS SQL Injection
Posted Oct 31, 2012
Authored by Ur0b0r0x

Sites created and hosted by SIGMA COMPUTERS suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | 4c9d392b1f2f92c224d76da922d1dfc7
WordPress FoxyPress 0.4.2.5 XSS / CSRF / SQL Injection
Posted Oct 30, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress FoxyPress plugin version 0.4.2.5 suffers from cross site request forgery, cross site scripting, path disclosure, remote shell upload, open redirect, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection, csrf
MD5 | e44f54fc880cd61618e25f10fa7a4eb6
Endpoint Protector 4.0.4.2 Cross Site Scripting
Posted Oct 30, 2012
Authored by Juan Manuel Garcia | Site cybsec.com

CYBSEC Security Advisory - Endpoint Protector version 4.0.4.2 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9e30aa23cff7ece71856b9c2985d08d1
PG Dating Pro CMS 1.0 Cross Site Scripting / SQL Injection
Posted Oct 30, 2012
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

PG Dating Pro CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 4cc3e4a27b513dbf71098d5af95bf2e6
VaM Shop 1.69 Cross Site Scripting / SQL Injection
Posted Oct 30, 2012
Authored by Security Effect | Site vulnerability-lab.com

VaM Shop version 1.69 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | b14fb8ae4f8e42e35e96117362b8d4e8
Joomla Quiz Cross Site Scripting / SQL Injection
Posted Oct 30, 2012
Authored by Daniel Barragan

The Joomla Quiz component suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 96493e2ca460de737ff4ea37e93753f6
NetCat CMS 5.0.1 Cross Site Scripting / HTTP Parameter Pollution
Posted Oct 30, 2012
Authored by Security Effect | Site vulnerability-lab.com

NetCat CMS version 5.0.1 suffers from cross site scripting and HTTP parameter pollution vulnerabilities.

tags | exploit, web, vulnerability, xss
MD5 | 49723bf8f757bb9d1179eaff1857f333
TP-LINK TL-WR841N Local File Inclusion
Posted Oct 29, 2012
Authored by Matan Azugi

TP-LINK TL-WR841N suffers from a local file inclusion vulnerability. Firmware versions 3.13.9 Build 120201 Rel.54965n and below are affected.

tags | exploit, local, file inclusion
MD5 | 225a2085909e50e1666f8a7262a2b9f0
HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow
Posted Oct 28, 2012
Authored by Luigi Auriemma, juan vazquez | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component (coda.exe) when parsing requests for the 0x8c opcode. This Metasploit module has been tested successfully on HP Operations Agent 11.00 over Windows XP SP3 and Windows 2003 SP2 (DEP bypass). The coda.exe components runs only for localhost by default, network access must be granted through its configuration to be remotely exploitable. On the other hand it runs on a random TCP port, to make easier reconnaissance a check function is provided.

tags | exploit, overflow, tcp
systems | windows, xp
advisories | CVE-2012-2020, OSVDB-83674
MD5 | ed46381d56c1f2696222cd8dc6d151c7
HP Operations Agent Opcode coda.exe 0x34 Buffer Overflow
Posted Oct 28, 2012
Authored by Luigi Auriemma, juan vazquez | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component (coda.exe) when parsing requests for the 0x34 opcode. This Metasploit module has been tested successfully on HP Operations Agent 11.00 over Windows XP SP3 and Windows 2003 SP2 (DEP bypass). The coda.exe components runs only for localhost by default, network access must be granted through its configuration to be remotely exploitable. On the other hand it runs on a random TCP port, to make easier reconnaissance a check function is provided.

tags | exploit, overflow, tcp
systems | windows, xp
advisories | CVE-2012-2019, OSVDB-83673
MD5 | 7858ec8ca434779fa03fa6906c9402c7
ManageEngine Security Manager Plus 5.5 build 5505 SQL Injection
Posted Oct 28, 2012
Authored by egypt, sinn3r, xistence | Site metasploit.com

This Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page, which results in remote code execution under the context of SYSTEM in Windows; or as the user in Linux. Authentication is not required in order to exploit this vulnerability.

tags | exploit, remote, code execution, sql injection
systems | linux, windows
MD5 | d3ae3405d31d907b6c62f95cb8355fee
Aladdin Knowledge System Ltd Buffer Overflow
Posted Oct 28, 2012
Authored by b33f

Aladdin Knowledge System Ltd PrivAgent.ocx ChooseFilePath buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
MD5 | bc4b47c4dbd52167097d51c7901c8d01
hMailServer 5.3.3 Remote Denial Of Service
Posted Oct 27, 2012
Authored by John Smith

hMailServer version 5.3.3 IMAP remote crash proof of concept exploit.

tags | exploit, remote, denial of service, imap, proof of concept
MD5 | 2df638a9f43fa0a0d1b181054a93e7af
Microsoft Windows Help Program Memory Corruption
Posted Oct 27, 2012
Authored by coolkaveh

Microsoft Windows Help memory corruption proof of concept exploit.

tags | exploit, proof of concept
systems | windows
MD5 | ddb79cbbfaf49b0527cc98fca9c12e44
Microsoft Office Publisher 2010 Proof Of Concept
Posted Oct 27, 2012
Authored by coolkaveh

Microsoft Office Publisher 2010 crash proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
systems | windows
MD5 | e20641c00bb550c095acc0201d521a27
Microsoft Paint 5.1 Memory Corruption
Posted Oct 27, 2012
Authored by coolkaveh

Microsoft Paint version 5.1 memory corruption proof of concept exploit.

tags | exploit, proof of concept
MD5 | 61fe873739ca7249e1023611092c82fd
Page 1 of 9
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Google Expands Bug Bounty To Include Fraud Protection Bypass
Posted Aug 16, 2018

tags | headline, fraud, flaw, google
Credit Card Skimmers Now Need To Fear The Reaper
Posted Aug 16, 2018

tags | headline, hacker, bank, cybercrime, fraud, conference
The Hackers Hunting Down Missing People
Posted Aug 16, 2018

tags | headline, hacker, privacy, conference
President Trump Relaxes US Cyber-Attack Rules
Posted Aug 16, 2018

tags | headline, government, usa, cyberwar, fbi, nsa, cia
Mystery Russian Satellite's Behavior Raises Alarm In US
Posted Aug 15, 2018

tags | headline, usa, russia, space, cyberwar, spyware
Adobe Fixes Critical Code Execution Flaws In Latest Patch Update
Posted Aug 15, 2018

tags | headline, flaw, adobe, patch
Instagram Hack Is Locking Hundreds Of Users Out Of Their Accounts
Posted Aug 15, 2018

tags | headline, hacker, denial of service, password, facebook
Foreshadow And Intel SGX Software Attestation: The Whole Trust Model Collapses
Posted Aug 15, 2018

tags | headline, flaw, cryptography, intel
Hackers Can Edit Policy Body Cam Footage Without Anybody Noticing
Posted Aug 15, 2018

tags | headline, hacker, government
Google Tracks Users Who Turn Off Location History
Posted Aug 15, 2018

tags | headline, privacy, google, spyware
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close