Exploit the possiblities
Showing 1 - 25 of 165 RSS Feed

Files

Packet Storm New Exploits For March, 2013
Posted Apr 1, 2013
Authored by Todd J. | Site packetstormsecurity.org

This archive contains all of the 164 exploits added to Packet Storm in March, 2013.

tags | exploit
systems | linux
MD5 | 8cfd9959b93f4bd326b9c0270f543519
Portal Web Services CRLF Injection / XSS
Posted Mar 31, 2013
Authored by Ashiyane Digital Security Team

Sites powered by Portal Web Services suffer from cross site scripting and CRLF injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, web, vulnerability, xss
MD5 | cf64b1cf94f41cb666461ee6c9a5bc81
DCMS 2.4 Cross Site Scripting
Posted Mar 31, 2013
Authored by Ashiyane Digital Security Team

DCMS version 2.4 suffers from multiple cross site scripting vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, vulnerability, xss
MD5 | 10bc89aa2971c2a4c22a0e4bb4dd7b5e
Netgear WNR1000 Authentication Bypass
Posted Mar 30, 2013
Authored by Roberto Paleari

Netgear WNR1000 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 1da8155c7c2e479cd819b6144972d9d0
mRemote 1.50 Update Spoofing
Posted Mar 29, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

mRemote version 1.50 suffers from an update spoofing vulnerability.

tags | exploit, spoof
MD5 | 5f0a05105f4eac25a94fcdac8802592f
Royal TS 2.1.5 Update Spoofing
Posted Mar 29, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Royal TS version 2.1.5 suffers from an update spoofing vulnerability.

tags | exploit, spoof
MD5 | 716632b0b203b43be35e845638c4c9b1
Daddy's File Hosting Cross Site Scripting
Posted Mar 29, 2013
Authored by Mr.0c3aN

Daddy's File Hosting version 2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0db64aecf4510c5ed6ebf7a988ddd54c
STUNSHELL Web Shell PHP Eval
Posted Mar 29, 2013
Authored by bwall | Site metasploit.com

This Metasploit module exploits unauthenticated versions of the "STUNSHELL" web shell. This Metasploit module works when safe mode is enabled on the web server. This shell is widely used in automated RFI payloads.

tags | exploit, web, shell
MD5 | 14fe20dbc0bd59c275dc99df677548aa
STUNSHELL Web Shell Remote Code Execution
Posted Mar 29, 2013
Authored by bwall | Site metasploit.com

This Metasploit module exploits unauthenticated versions of the "STUNSHELL" web shell. This Metasploit module works when safe mode is disabled on the web server. This shell is widely used in automated RFI payloads.

tags | exploit, web, shell
MD5 | f26790bb1fd499aae352a4ad6c8754a0
WordPress podPress 8.8.10.13 Cross Site Scripting
Posted Mar 29, 2013
Authored by hip

WordPress podPress third party plugin version 8.8.10.13 suffers from a cross site scripting vulnerability via 1pixelout_player.swf.

tags | exploit, xss
advisories | CVE-2013-2714
MD5 | 23b3c8ff0f431cb3accef9a7a1caf12d
MailOrderWorks 5.907 Cross Site Scripting
Posted Mar 29, 2013
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

MailOrderWorks version 5.907 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 0416fc31d9a84249488a44c0f31e36f6
PayPal GP+ Cross Site Scripting
Posted Mar 29, 2013
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

The PayPal GP+ service application for analyzing websites suffered from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8b9b0ec34469b618d47df0ad6b1a69ef
PayPal Sellers CMS Cross Site Scripting
Posted Mar 29, 2013
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

The PayPal content manager system for sellers suffered from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5c3a52b8fea4e5a703b7d4fcd32502f4
ALLMediaServer 0.94 Buffer Overflow
Posted Mar 29, 2013
Authored by metacom | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in ALLMediaServer version 0.94. The vulnerability is caused due to a boundary error within the handling of an HTTP request.

tags | exploit, web, overflow
MD5 | b3294c5e0ea33e94dc0aab374786f72e
Voila CMS Cross Site Scripting
Posted Mar 29, 2013
Authored by Darksnipper, Dr.v!ru$

Sites designed by Voila Syria suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | b87a2b1bc52c077fc56354268fe2bdd3
Java CMM Remote Code Execution
Posted Mar 28, 2013
Authored by juan vazquez, temp66 | Site metasploit.com

This Metasploit module abuses the Color Management classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in February and March of 2013. The vulnerability affects Java version 7u15 and earlier and 6u41 and earlier and has been tested successfully on Windows XP SP3 and Windows 7 SP1 systems. This exploit doesn't bypass click-to-play, so the user must accept the java warning in order to run the malicious applet.

tags | exploit, java, arbitrary
systems | windows, xp, 7
advisories | CVE-2013-1493, OSVDB-90737
MD5 | 72dd0a81f1bd243e69277d2973faf59f
v0pCr3w Web Shell Remote Code Execution
Posted Mar 28, 2013
Authored by bwall | Site metasploit.com

This Metasploit module exploits a lack of authentication in the shell developed by v0pCr3w and is widely reused in automated RFI payloads. This Metasploit module takes advantage of the shell's various methods to execute commands.

tags | exploit, shell
MD5 | 67c771e91a9f65359e28a15940a7500f
BlazeDVD Free Edition 6.1.1.6 Buffer Overflow
Posted Mar 28, 2013
Authored by metacom

BlazeDVD Free Edition version 6.1.1.6 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | d2d1ca20956fc752a390af872386dd39
AWS XMS 2.5 Path Traversal
Posted Mar 27, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

AWS XMS version 2.5 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2013-2474
MD5 | f6855dc4aed1bc18916b259a4b1d5966
McAfee Virtual Technician (MVT) 6.5.0.2101 Unsafe Active-X
Posted Mar 27, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

McAfee Virtual Technician (MVT) 6.5.0.2101 suffers from an exposed unsafe active-x method.

tags | exploit, activex
advisories | CVE-2012-5879
MD5 | 9daee446aada008191242f2e0649a9f5
PsychoStats 3.2.2b Blind SQL Injection
Posted Mar 27, 2013
Authored by Mohamed from ALG

PsychoStats version 3.2.2b suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4b152c35ec2b93500d04600917d3c06f
Konftel 300IP 2.1.2 Reboot Bypass
Posted Mar 27, 2013
Authored by Todor Donev

Konftel 300IP SIP-based conference phone versions 2.1.2 and below remote bypass reboot exploit.

tags | exploit, remote
MD5 | 465481eb9b9c69694a6fffeaccf80104
Atmail WebMail 7.0.2 Cross Site Scripting
Posted Mar 27, 2013
Authored by Vicente Aguilera Diaz

Atmail WebMail versions 7.0.2 and below suffer from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-2585
MD5 | d6636d238d75eee9ed6adbfb98cac7b6
Joomla Component JCE File Upload Remote Code Execution
Posted Mar 27, 2013
Authored by temp66 | Site metasploit.com

This Metasploit module exploits a vulnerability in the JCE component for Joomla!, which could allow an unauthenticated remote attacker to upload arbitrary files, caused by the fails to sufficiently sanitize user-supplied input. Sending specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system. This Metasploit module has been tested successfully on the JCE Editor 1.5.71 and Joomla 1.5.26.

tags | exploit, remote, web, arbitrary, php
MD5 | 351613b5116036e2b99d0dac802e3947
Ruby Thumbshooter Gem 0.1.5 Remote Command Execution
Posted Mar 27, 2013
Authored by Larry W. Cashdollar

Ruby Thumbshooter Gem version 0.1.5 suffers from a remote command execution vulnerability due to passing unsanitized user-supplied data to the shell.

tags | exploit, remote, shell, ruby
MD5 | a1cba85e9724f097a54a9ce7b26faec5
Page 1 of 7
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close