Showing 76 - 100 of 119

Files

Ruby Gem Karteek Docsplit 0.5.4 Command Injection: Posted Apr 10, 2013; Authored by Larry W. Cashdollar; Ruby Gem Karteek Docsplit version 0.5.4 fails to sanitize user-supplied input. If a user is tricked into extracting a file with shell characters in the name, code can be executed remotely.; tags | exploit, shell, ruby; advisories | CVE-2013-1933; SHA-256 | b21afb51938c4e491625c88dec36626c10a2f58c611fc3dcdcfd45693ccba644; Download | Favorite | View

phpMyAdmin 3.5.7 Cross Site Scripting: Posted Apr 10, 2013; Authored by Janek Vind aka waraxe | Site waraxe.us; phpMyAdmin version 3.5.7 suffers from a reflective cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 373323d449040d80cf19a424efb57660421ebce6af076a5b804b8d44f7724af3; Download | Favorite | View

ZAPms 1.41 SQL Injection: Posted Apr 10, 2013; Authored by NoGe; ZAPms version 1.41 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | fdbb3c9ac475faabb959b176c865bb90290f7c1e94579706c71fa54561f748d7; Download | Favorite | View

Adobe ColdFusion APSB13-03 Command Execution: Posted Apr 10, 2013; Authored by Jon Hart | Site metasploit.com; This Metasploit module exploits a pile of vulnerabilities in Adobe ColdFusion APSB13-03 including arbitrary command execution in scheduleedit.cfm (9.x only), directory traversal, and authentication bypass issues.; tags | exploit, arbitrary, vulnerability; advisories | CVE-2013-0625, CVE-2013-0629, CVE-2013-0631, CVE-2013-0632; SHA-256 | fc81458d632a151d75dbee734ef554512dc7bbdc7f0bfbae5d6c44fcafa675bf; Download | Favorite | View

Sysax Multi Server 6.10 SSH Denial Of Service: Posted Apr 10, 2013; Authored by Matt Andreko; Sysax Multi Server version 6.10 suffers from an SSH denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | 50cbbd9b67f7808e61c6265a8082071e7d09c673279aac4a56165ac92bd9fc96; Download | Favorite | View

WordPress Spiffy XSPF Player 0.1 SQL Injection: Posted Apr 10, 2013; Authored by Ashiyane Digital Security Team, Amirh03in; WordPress Spiffy XSPF Player third party plugin version 0.1 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.; tags | exploit, remote, sql injection; SHA-256 | a3597f51aeac54bbb4fee719e49631114cfa5a22f8b62d1e4785cfcd18eedb2c; Download | Favorite | View

Nitro Pro 8 Insecure Library Loading: Posted Apr 9, 2013; Authored by M. Heinzl | Site sec-consult.com; Nitro Pro 8 suffers from a DLL hijacking vulnerability.; tags | exploit; systems | windows; advisories | CVE-2013-2773; SHA-256 | 9753d7aab5dd59f1810174c7d04bad14e635ca6845ccfad19131f10367dfb005; Download | Favorite | View

Foscam Cross Site Request Forgery: Posted Apr 9, 2013; Authored by shekyan; Foscam versions FI8910W and FI8908W with embedded web interface version 2.4.10.3 suffer from multiple cross site request forgery vulnerabilities.; tags | exploit, web, vulnerability, csrf; SHA-256 | faa635543909b521a4f2185e437bb1f582d530fa5bbfe5788f9e98319cfa8d99; Download | Favorite | View

ZeroClipbord.swf Cross Site Scripting / Path Disclosure: Posted Apr 9, 2013; Authored by MustLive; ZeroClipboard.swf as included with multiple themes in WordPress suffers from cross site scripting and path disclosure vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2013-1808; SHA-256 | ccfe1281dfc6e4e26e5a0d6d1b3b97070667132a8dc4e5c06f901a7d32b12f8c; Download | Favorite | View

MiniWeb File Upload / Directory Traversal: Posted Apr 9, 2013; Authored by Akastep; MiniWeb build 300 suffers from remote arbitrary file upload and directory traversal vulnerabilities.; tags | exploit, remote, arbitrary, vulnerability, file inclusion, file upload; SHA-256 | a57a2db6fe50d9e301599498e605af858c7f62b49d0e6f59f1d1c1a196cf857a; Download | Favorite | View

D-Link Remote Command Execution: Posted Apr 9, 2013; Authored by Michael Messner; D-Link devices DIR-600 / DIR-300 revB / DIR-815 / DIR-645 / DIR-412 / DIR-456 / DIR-110 all suffer from a remote command injection vulnerability.; tags | exploit, remote; SHA-256 | 17eb6a8037069b38384464fb6033053265e37d9e03348a06ffc828a643e35041; Download | Favorite | View

EasyPHP Webserver PHP Command Execution: Posted Apr 9, 2013; Authored by KedAns-Dz; EasyPHP Webserver suffers from a remote shell injection vulnerability.; tags | exploit, remote, shell; SHA-256 | 8023e28ae85a6fa58ded8c8f3b1d3e28c39c30d6050dc359007394c1db06a0b3; Download | Favorite | View

WordPress Traffic Analyzer Cross Site Scripting: Posted Apr 9, 2013; Authored by Beni_Vanda; WordPress Traffic Analyzer third-party plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.; tags | exploit, xss; SHA-256 | 8849e30d2762c019ed41393a39f69eef8ad290bbe9f2061b55bfe6e22bd914e8; Download | Favorite | View

Aastra IP Telephone Hardcoded Password: Posted Apr 8, 2013; Authored by Timo Juhani Lindfors; The Aastra 6753i IP Telephone suffers from a hardcoded telnetd administrative password.; tags | exploit, telephony; SHA-256 | 62d1199d353ae991c9baaa62acd28e5797451f8295d39267e3a0f2c29067e7fb; Download | Favorite | View

Vanilla Forums 2.0.18.4 SQL Injection: Posted Apr 8, 2013; Authored by Michael Schratt; Vanilla Forums versions 2.0.18.4 and below suffer from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 8bfc7b93915d3d494f30a5acbd234606f92c7e181f68dccfb98c4ebdb77e55da; Download | Favorite | View

HexChat 2.9.4 Buffer Overflow: Posted Apr 8, 2013; Authored by Matt Andreko; HexChat version 2.9.4 suffers from a buffer overflow vulnerability.; tags | exploit, overflow; SHA-256 | 14b5088f5a0dd9d83df5f162592dcf460932c2148bb0e62536dda4e9f6170c19; Download | Favorite | View

OTRS FAQ Cross Site Scripting: Posted Apr 7, 2013; Authored by Luigi Vezzoso; The OTRS FAQ module suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2013-2637; SHA-256 | 22e42064ae8575aeb1a04d081c859fbf0209078c9e5d23d0a639b2d588b15791; Download | Favorite | View

Belkin Wemo Arbitrary Firmware Upload: Posted Apr 7, 2013; Authored by Daniel Buentello; Belkin Wemo versions prior to WeMo_US_2.00.2176.PVT suffer from an arbitrary firmware upload vulnerability.; tags | exploit, arbitrary, file upload; advisories | CVE-2013-2748; SHA-256 | 87ce1b406dd2592abb929c4664b6ec19f436813a9c618655fd04efa8165bac9d; Download | Favorite | View

HP System Management Homepage Local Privilege Escalation: Posted Apr 7, 2013; Authored by agix | Site metasploit.com; HP System Management Homepage versions 7.1.2 and below include a setuid root smhstart which is vulnerable to a local buffer overflow in the SSL_SHARE_BASE_DIR env variable.; tags | exploit, overflow, local, root; advisories | OSVDB-91990; SHA-256 | 357a44bede2c2741756ca4862ede64872c7d755406c54c4a9748b5b8c68b77ef; Download | Favorite | View

TP-Link TD-8817 Cross Site Request Forgery: Posted Apr 6, 2013; Authored by Un0wn_X; TP-Link TD-8817 with firmware version 6.0.1 Build 111128 Release 26763 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | 75cfe0072867dc13dbeaaa17dc56bfdaf0deec508cea718365799d632ef06968; Download | Favorite | View

TinyWebGallery 1.8.9 Path Disclosure: Posted Apr 6, 2013; Authored by Manuel Garcia Cardenas | Site isecauditors.com; TinyWebGallery versions 1.8.9 and below suffer from multiple path disclosure vulnerabilities.; tags | exploit, vulnerability, info disclosure; advisories | CVE-2013-2631; SHA-256 | b7a8054330b47b3e9644442f4d4c78ae2ff6042ef2b98e0a68dec801067b434e; Download | Favorite | View

Easy FTP Server 1.7.0.2 Denial Of Service: Posted Apr 6, 2013; Authored by Akastep; Easy FTP Server version 1.7.0.2 CPU consumption denial of service exploit that causes the condition when sending a POST request with an empty body. Written in AutoIT.; tags | exploit, denial of service; SHA-256 | 5444040cb0c0fc5ebba94c6715a808fd92aca58033ee9f78ebbb2646a8c9747e; Download | Favorite | View

Groovy Media Player 3.2.0 Buffer Overflow: Posted Apr 4, 2013; Authored by Akshaysinh Vaghela; Groovy Media Player version 3.2.0 suffers from a buffer overflow vulnerability.; tags | exploit, overflow; advisories | CVE-2013-2760; SHA-256 | 154fba6d11b45be152dff83491133c68afd025c1107e9ca14a9bf8a9782ae56b; Download | Favorite | View

Censorship Professional 4 2.1.7 XSS / SQL Injection: Posted Apr 4, 2013; Authored by M. Heinzl | Site sec-consult.com; Censorship Professional version 4 2.1.7 suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | eca09f06d856a2acf71f66a9d6bcb8247e827537969b963b1cad45744838ac15; Download | Favorite | View

Radio CMS 2.2 SQL Injection: Posted Apr 4, 2013; Authored by Rooster(XEKA); Radio CMS version 2.2 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 02c24c7ecb1e5eceba6a2e68fc15744da7ea2221c2ce96e58ff37befd3a20ed9; Download | Favorite | View

Page 4 of 5 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

Files

Top Authors In Last 30 Days

Recent News