
Files

Matterdaddy Market 1.4.2 Cross Site Request Forgery / Arbitrary File Upload
Posted May 24, 2013
Authored by KedAns-Dz | Site market.matterdaddy.com

Matterdaddy Market version 1.4.2 and below suffers from cross site request forgery and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, php, vulnerability, file upload, csrf
SHA-256 | 0b8140e53c7c0f1f92e8675c79e10a58397a4335cc65b525b3ae336d8c75f408
AVE.CMS 2.09 Blind SQL Injection
Posted May 23, 2013
Authored by mr.pr0n | Site overdoze.ru

AVE.CMS versions prior to 2.09 suffer from a remote blind SQL injection vulnerability in the "module" parameter. This is a proof of concept exploit. This issue is addressed in later versions.

tags | exploit, remote, sql injection, proof of concept
SHA-256 | a58ccee98e2766a83b2334654aae4e4bd323c91cb8f725358879fb1018be8100
vBulletin 5b SQL Injection
Posted May 23, 2013
Authored by stealth, UberLame | Site zempirians.com

This is an SQL Injection proof of concept that will display information about the vBulletin software and the admin details from the database. It can be adjusted to read any part of the database.

tags | exploit, sql injection, proof of concept
SHA-256 | 31b6c134bd12e2c8a3b7dce76200bcb7e83f26adecf9774a722a58a1aa24bab1
Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow
Posted May 23, 2013
Authored by Greg MacManus, hal, saelo | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in versions 1.3.9 to 1.4.0 of nginx. The exploit first triggers an integer overflow in ngx_http_parse_chunked() by supplying an overly long hex value as the chunked block size. This value is later used when determining the number of bytes to read into a stack buffer, which makes the overflow possible.

tags | exploit, overflow
advisories | CVE-2013-2028, OSVDB-93037
SHA-256 | 5caa8725f0b0e52002e2804749d851584f474a1d0b411c2a827865afd2da031c
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
Posted May 23, 2013
Authored by Felipe Andres Manzano, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability in the Adobe Reader X sandbox. The vulnerability is due to a sandbox rule that allows a Low Integrity AcroRd32.exe process to write registry values, which can be used to trigger a buffer overflow in the AdobeCollabSync component and so reach Medium Integrity Level privileges from a Low Integrity AcroRd32.exe process. This Metasploit module has been tested successfully on Adobe Reader X 10.1.4 on Windows 7 SP1.

tags | exploit, overflow
systems | windows
advisories | CVE-2013-2730, OSVDB-93355
SHA-256 | 362b070d8c1cff7e3047e6ccc9833c6d39410fbd8d44ca7e08e17d15068ff919
Weyal CMS SQL Injection
Posted May 23, 2013
Authored by XroGuE | Site Att4ck3r.ir

Weyal CMS suffers from a remote SQL injection vulnerability. Note that this finding has site-specific information.

tags | exploit, remote, sql injection
SHA-256 | 83692401cd0bb507fa938e88a9e9e351a2a29d0810f21072c7eef4a2e38bdc33
Spider Event Calendar 1.3.0 Cross Site Scripting / Path Disclosure / SQL Injection
Posted May 22, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Spider Event Calendar version 1.3.0 is a WordPress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | e1280c273978d2943c741ebee56c227367b4ac94ad923128afa07f35b1146ed6
Spider Catalog 1.4.6 Cross Site Scripting / Path Disclosure / SQL Injection
Posted May 22, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Spider Catalog version 1.4.6 is a WordPress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 37e63ff3e32d65df162db6c051518d4a1fcd556135bdae06ee5a5a69e189c813
Wordpress Flagallery-Skins SQL Injection
Posted May 22, 2013
Authored by Ashiyane Digital Security Team

The WordPress Flagallery-skins plugin suffers from an SQL injection vulnerability. Note that this advisory has site-specific information.

tags | exploit, remote, sql injection
SHA-256 | 8e7321e57a191458bb0488828e864521503137f0590d73239395524588a9079f
Kimai 0.9.2.1306-3 SQL Injection
Posted May 21, 2013
Authored by drone | Site kimai.org

Kimai version 0.9.2.1306-3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
systems | linux, windows
SHA-256 | 0500e2f1f7402ade9a36fb3bbcdf907836374db397c71ed558baeaefcc940edc
Ophcrack 3.50 Buffer Overflow / Code Execution
Posted May 21, 2013
Authored by xis_one | Site ophcrack.sourceforge.net

Ophcrack version 3.5.0 suffers from a stack-based buffer overflow vulnerability that leads to local code execution.

tags | exploit, overflow, local, code execution
systems | windows
SHA-256 | 85e4c42a672fe0a884bdf1e279ba0680a6f49152f227aadb304bf714bbb09e86
Linksys WRT160n apply.cgi Remote Command Injection
Posted May 21, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Some Linksys routers are vulnerable to an authenticated OS command injection on their web interface, where default credentials are admin/admin or admin/password. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic payload. This Metasploit module has been tested on a Linksys WRT160n version 2 - firmware version v2.0.03. A ping command against a controlled system could be used for testing purposes. The exploit uses the tftp client from the device to stage to native payloads from the command injection.

tags | exploit, web
advisories | OSVDB-90093
SHA-256 | f9f09e58e33c3c7939cc2ed16b2c26b3cc52e2b7e29498141ef9d035fec7d9f7
Sony PS3 Firmware 4.31 Code Execution
Posted May 21, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

A local code execution vulnerability was detected in the official PlayStation 3 v4.31 firmware. The vulnerability allows local attackers to inject and execute code out of the vulnerable PlayStation 3 menu main web context.

tags | exploit, web, local, code execution
SHA-256 | 0fd5bb46569459ce46c5312e622c6ab26a6e991cedaa4c04f931ae9f2b8e725c
Trend Micro DirectPass 1.5.0.1060 Command Injection / Denial Of Service
Posted May 21, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Trend Micro DirectPass 1.5.0.1060 suffers from local command/path injection, persistent code injection, and a denial of service vulnerability.

tags | exploit, denial of service, local, code execution
SHA-256 | 0bd4cb7f71fd9f6ce6c2774f8d033e3486c4b9de01400c5a1430a846c73e58c3
Meterpreter Swaparoo Windows Backdoor Method
Posted May 20, 2013
Authored by Un0wn_X

Swaparoo - Windows backdoor method for Windows Vista/7/8. This code sneaks a backdoor command shell in place of the Sticky Keys prompt or the Utilman assistant at the login screen.

tags | shell
systems | windows
SHA-256 | a8cd0e00d51d3b5913e9d7c69e14520295b34ecc124cbe73c93f101a16b0bc53
WordPress ProPlayer Plugin SQL Injection
Posted May 20, 2013
Authored by Ashiyane Digital Security Team

WordPress ProPlayer Plugin version 4.7.9.1 suffers from a remote SQL injection vulnerability. Note that this advisory has site-specific information.

tags | exploit, remote, sql injection
SHA-256 | cc97f9fb24702b00b0d44275e740d8353c7449cd7d2b62180d8d38729de371eb
D-Link DIR615h OS Command Injection
Posted May 20, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Some D-Link routers are vulnerable to an authenticated OS command injection on their web interface, where default credentials are admin/admin or admin/password. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic payload. This Metasploit module was tested against a DIR-615 hardware revision H1 - firmware version 8.04. A ping command against a controlled system could be used for testing purposes. The exploit uses the wget client from the device to convert the command injection into an arbitrary payload execution.

tags | exploit, web, arbitrary
advisories | OSVDB-90174
SHA-256 | aad8c5ca69c9c88e6afefcbe2b486142c3227a0b49c91b9a4e140ec39830afb7
Moxiecode Image Manager 3.1.5 Shell Upload
Posted May 19, 2013
Authored by MustLive

Moxiecode Image Manager (MCImageManager) versions 3.1.5 and below suffer from a remote shell upload vulnerability. Moxiecode is a commercial plugin for TinyMCE.

tags | exploit, remote, shell
SHA-256 | fd409e0d8cd4de78eff2f6ed557b4a1f24ec4438e3f2e3e0eb5a1b05640107ce
Glibc 2.11.3 / 2.12.x LD_AUDIT libmemusage.so Local Root
Posted May 17, 2013
Authored by Todor Donev

Local root exploit for Glibc versions 2.11.3 and 2.12.x utilizing LD_AUDIT libmemusage.so.

tags | exploit, local, root
advisories | CVE-2010-3856
SHA-256 | dbe0977154f9ed4331b96211af365a5ddd2b1de1c5253179073a44cea5e541e3
Moxiecode File Manager 3.1.5 Shell Upload
Posted May 17, 2013
Authored by MustLive

Moxiecode File Manager (MCFileManager) versions 3.1.5 and below suffer from a remote shell upload vulnerability. Moxiecode is a commercial plugin for TinyMCE.

tags | exploit, remote, shell
SHA-256 | d69aae839dcc779cfba73a5bfb9cc79a717869c8399e3bd4c4f76e7dab581afe
Nginx 1.3.9 / 1.4.0 Denial Of Service
Posted May 17, 2013
Authored by Mert SARICA | Site mertsarica.com

Nginx versions 1.3.9 through 1.4.0 suffer from a denial of service vulnerability.

tags | exploit, denial of service, python
advisories | CVE-2013-2028
SHA-256 | 545ee012c3d75d1d38d47e527a614966ce9593fd109eb03f37bdf8105f5b48b0
Mutiny 5 Arbitrary File Upload
Posted May 16, 2013
Authored by juan vazquez | Site metasploit.com

This Metasploit module exploits a code execution flaw in the Mutiny 5 appliance. The EditDocument servlet provides a file upload function to authenticated users. A directory traversal vulnerability in the same functionality allows for arbitrary file upload, which results in arbitrary code execution with root privileges. In order to exploit the vulnerability a valid user (any role) in the web frontend is required. The module has been tested successfully on the Mutiny 5.0-1.07 appliance.

tags | exploit, web, arbitrary, root, code execution, file upload
advisories | CVE-2013-0136
SHA-256 | 01d6456aa6f66c843f950a3e95e6b90c8d0c5ec0cde800f6939a9ede83195de8
SSH User Code Execution
Posted May 15, 2013
Authored by Spencer McIntyre | Site metasploit.com

This Metasploit module utilizes a stager to upload a base64 encoded binary which is then decoded, chmod'ed and executed from the command shell.

tags | exploit, shell
advisories | CVE-1999-0502
SHA-256 | 4e828bd76fd9d92b7193f91ff6cdf47c21ab888c351730fc0b672b1bdfa5d5fb
Exponent CMS 2.2.0 Beta 3 LFI / SQL Injection
Posted May 15, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Exponent CMS version 2.2.0 beta 3 suffers from local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
advisories | CVE-2013-3294, CVE-2013-3295
SHA-256 | c66432c06b6aeb8a14da0a5432997dffbde3bde7c22f8d34fad4191d2231131f
Quick Search 1.1.0.189 Buffer Overflow
Posted May 15, 2013
Authored by ariarat

Quick Search version 1.1.0.189 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 14d59285c5ed109c4f6adeede8aa3624a3d43932eb94e78755c80a7b5a59e49d
© 2022 Packet Storm. All rights reserved.