what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 214 RSS Feed

Files

CMSMini 0.2.2 Cross Site Scripting
Posted Oct 20, 2012
Authored by Canberk BOLAT | Site netsparker.com

CMSMini version 0.2.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | f5da4cbc8cbc824b7ed61fc5f7a9bebf79ae67af2d38be1895760605a582277c
Download | Favorite | View
Gong Interactive Web Design SQL Injection
Posted Oct 20, 2012
Authored by Siamak.Black

Sites by Gong Interactive Web Design suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, web, sql injection
SHA-256 | e7a94c0eee3c490f988f7f466774a47013976e5337b1a8c90293f3a0ddf784c6
Download | Favorite | View
NetBoot SQL Injection
Posted Oct 20, 2012
Authored by Taurus Omar

Sites designed by NetBoot suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | cf004ef90425b9d333afd5ab881acf46aea6d456eb30cb0ce543bb088e17aef4
Download | Favorite | View
CMSQLITE 1.3.2 LFI / XSS / Cross Site Request Forgery
Posted Oct 20, 2012
Authored by Katharina S.L., Vulnerability Laboratory | Site vulnerability-lab.com

CMSQLITE version 1.3.2 suffers from cross site request forgery, cross site scripting, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion, csrf
SHA-256 | f67e0f24e0b816f207d07aa488299c941e15ae4aad66b60fe203bdb58e7b8a2e
Download | Favorite | View
ManageEngine Security Manager Plus 5.5 SQL Injection
Posted Oct 19, 2012
Authored by xistence

ManageEngine Security Manager Plus versions 5.5 build 5505 remote SYSTEM/root SQL injection exploit that spawns a shell.

tags | exploit, remote, shell, root, sql injection
SHA-256 | 6d2a8bcbddb1c5a2fce72265db430d93c35c4e46841e736af9eb65ee5db7fa47
Download | Favorite | View
ManageEngine Security Manager Plus 5.5 Traversal
Posted Oct 19, 2012
Authored by xistence

ManageEngine Security Manager Plus versions 5.5 build 5505 and below suffer from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | fa2c630e11d919d9d1b121504583b9b23aae97d94b41855b33e036271a53318b
Download | Favorite | View
ManageEngine Security Manager Plus 5.5 Build 5505 Code Execution
Posted Oct 19, 2012
Authored by xistence | Site metasploit.com

This Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page. It will send a malicious SQL query to create a JSP file under the web root directory, and then let it download and execute our malicious executable under the context of SYSTEM. No authentication is necessary to exploit this.

tags | exploit, web, root, sql injection
SHA-256 | e2984c80e9b18bcfe0bf36c7deb7a463e4967710e4784d8a20eb3c7da32c323b
Download | Favorite | View
Joomla Commedia 3.1 SQL Injection
Posted Oct 19, 2012
Authored by Daniel Barragan

Joomla Commedia component version 3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 770a367b7480f324da5c7b2384c0f9976eb34880bfcc80a40d8be7b9a89c5974
Download | Favorite | View
Joomla Freestyle Support 1.9 SQL Injection
Posted Oct 19, 2012
Authored by Daniel Barragan

Joomla Freestyle Support component version 1.9.1.1447 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f435492e3f19abf07fe1c8d0509f446005f9930040bdd4c5203fed8c6a03ce2b
Download | Favorite | View
Joomla Tag SQL Injection
Posted Oct 19, 2012
Authored by Daniel Barragan

Joomla Tag component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 875f404515cc1703d07d6e1a0aa5738d22364d54f7524668ebfc08b3b5ea72e9
Download | Favorite | View
Legrand-003598 / Bticino-F454 Credential Disclosure
Posted Oct 18, 2012
Authored by Raphael Jacquot

Legrand-003598 / Bticino-F454 SCS web gateways both suffer from a remote credential disclosure vulnerability. Firmware 1.00.26 is affected.

tags | exploit, remote, web, info disclosure
SHA-256 | d6185b9eb25be09a765c927c9bc8f42fe2ece151cc5b0263894d654d49f4bad1
Download | Favorite | View
Oracle Database Authentication Protocol Security Bypass
Posted Oct 18, 2012
Authored by Esteban Martinez Fayo

Oracle database versions 11g R1 and R2 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2012-3137
SHA-256 | 3d1df41aeb031aab2d0c70fea0157cca30e1d068514cdf4a5bae58085165fa55
Download | Favorite | View
OTRS 3.1 Cross Site Scripting
Posted Oct 18, 2012
Authored by Mike Eduard

OTRS version 3.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-4751
SHA-256 | 90cc7b3448335eda36a48606a4d71aca4b926d5b562d231783f18d701119c009
Download | Favorite | View
Wordpress Social Discussions 6.1.1 File Inclusion / Path Disclosure
Posted Oct 18, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress Social Discussions plugin version 6.1.1 suffers from local file inclusion, path disclosure, and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion
SHA-256 | 6933e3b623f1553697b15b2ffeb7d2791b92487442eb60c7da616d9ff9df1f71
Download | Favorite | View
WordPress Slideshow 2.1.12 Cross Site Scripting / Path Disclosure
Posted Oct 18, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress Slideshow plugin versions 2.1.12 and below suffer from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | da1af48b7e10782660bd99d291eaed392728e957f960e5ad28cedbd89efdf24e
Download | Favorite | View
Amateur Photographer's Image Gallery 0.9a XSS / SQL Injection
Posted Oct 18, 2012
Authored by cr4wl3r

Amateur Photographer's Image Gallery version 0.9a suffers from cross site scripting, remote file disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, info disclosure
SHA-256 | 5f9f29a0eb56a1f97678a27b19ab175cb15181cbf062a2ab9a42ed9109a05cc0
Download | Favorite | View
BSW Gallery Shell Upload
Posted Oct 18, 2012
Authored by cr4wl3r

BSW Gallery suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | cbe491d9281409a8c67abca0c387d9207d4efea38e9e436208e034927e06a8fb
Download | Favorite | View
jCore 1.0pre Cross Site Scripting / SQL Injection
Posted Oct 18, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

jCore version 1.0pre suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2012-4231, CVE-2012-4232
SHA-256 | 6b5298a41aa2820b67dc3beb4a6b02db1aaee7603772138dd6228a587a308157
Download | Favorite | View
Subrion CMS 2.2.1 XSS / CSRF / SQL Injection
Posted Oct 18, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Subrion CMS version 2.2.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2012-4771, CVE-2012-4772, CVE-2012-4773
SHA-256 | a3cf7fcdf1b5f6d220a577633d480f22b716b77a1b6f6819efe7e82d7b6fc0dd
Download | Favorite | View
ATutor AContent 1.2 XSS / Authentication / SQL Injection
Posted Oct 18, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

ATutor AContent versions 1.2 and below suffer from improper authentication, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2012-5167, CVE-2012-5168, CVE-2012-5169
SHA-256 | f884299c5d9976c978753e2b78b0f47541e45479ec64ddb6f85cd4a678ba506e
Download | Favorite | View
Internet Explorer 9 XSS Filter Bypass
Posted Oct 18, 2012
Authored by Jean Pascal Pereira

Internet Explore 9 suffers from a cross site scripting filter bypass vulnerability.

tags | exploit, xss, bypass
SHA-256 | 7efa996042e8eed00bc79381471e8b40fc3c777a09a054edbce6d231f7849cde
Download | Favorite | View
Oracle WebCenter Sites (AKA FatWire) XSS / SQL Injection / CSRF
Posted Oct 17, 2012
Authored by F. Lukavsky | Site sec-consult.com

Oracle WebCenter Sites (formerly FatWire Content Server) suffers from remote SQL injection, cross site scripting, cross site request forgery, and authorization vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2012-3183, CVE-2012-3184, CVE-2012-3185, CVE-2012-3186
SHA-256 | 2e58dbac366be3ceaec1dea852ec97d169c2fb12f50938bea3432feb91ee6b9b
Download | Favorite | View
Unirgy uStoreLocator Magento Extension SQL Injection
Posted Oct 17, 2012
Authored by Kestutis Gudinavicius | Site sec-consult.com

Unirgy uStoreLocator Magento extension versions 2.0.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6e4abf5adbbbb92200ba426805348f157961e9a3deb1da91504764ab97eddb22
Download | Favorite | View
ModSecurity 2.6.8 Bypass
Posted Oct 17, 2012
Authored by Bernhard Mueller | Site sec-consult.com

ModSecurity versions 2.6.8 and below suffer from a bypass vulnerability.

tags | exploit, bypass
SHA-256 | 66c7ba1fb6e21281df0d67d03466172c7721ec5b0b8347c4d7e744906b811185
Download | Favorite | View
Symphony CMS 2.3 XSS / SQL Injection / Disclosure
Posted Oct 17, 2012
Authored by Wireghoul | Site justanotherhacker.com

Symphony CMS version 2.3 suffers from cross site scripting, path disclosure, remote shell upload, token brute force, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
SHA-256 | 2b1824a17383c70bba1e1643ea148290b08e042f50a7123cb88114364f39cfc2
Download | Favorite | View
Page 4 of 9
Back23456Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Juniper Networks Publishes Dozens Of New Security Advisories
Posted Apr 15, 2024

tags | headline, flaw, juniper
Favorite | View
LockBit Copycat DarkVault Spurs Rebranding Rumor
Posted Apr 12, 2024

tags | headline, hacker, malware, cybercrime, fraud, cryptography
Favorite | View
French Issue Alerte Rouge After Local Govs Knocked Offline By Cyberattack
Posted Apr 12, 2024

tags | headline, government, denial of service, france
Favorite | View
More Legal Acrimony For Truth Social, As Executive Says He Was Hacked
Posted Apr 12, 2024

tags | headline, hacker, password, social
Favorite | View
Palo Alto Networks Warns Of Exploited Firewall Vulnerability
Posted Apr 12, 2024

tags | headline, hacker, flaw
Favorite | View
Roku Says More Than 500,000 Accounts Impacted In Cyberattack
Posted Apr 12, 2024

tags | headline, hacker, privacy, data loss, flaw
Favorite | View
US Government On High Alert As Russian Hackers Steal Critical Correspondence From Microsoft
Posted Apr 12, 2024

tags | headline, hacker, government, microsoft, email, usa, russia, data loss, cyberwar
Favorite | View
Apple Drops Term State-Sponsored Attacks From Its Threat Notification Policy
Posted Apr 11, 2024

tags | headline, government, privacy, phone, india, cyberwar, spyware, apple
Favorite | View
Google Cloud Unveils New AI-Powered Security Capabilities
Posted Apr 11, 2024

tags | headline, botnet, google
Favorite | View
Fortinet Patches FortiClientLinux Critical RCE Vulnerability
Posted Apr 11, 2024

tags | headline, flaw, patch
Favorite | View
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close