Exploit the possiblities
Showing 1 - 25 of 192 RSS Feed

Files

Packet Storm New Exploits For June, 2013
Posted Jul 1, 2013
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 192 exploits added to Packet Storm in June, 2013.

tags | exploit
systems | linux
MD5 | 2e44e7990f49341ce457a46b7cc36d4d
Carberp Web Panel C2 Backdoor Remote PHP Code Execution
Posted Jun 30, 2013
Authored by Luis Santana, bwall, Steven K | Site metasploit.com

This Metasploit module exploits backdoors that can be sighted all over the leaked source code of the Carberp botnet C2 Web Panel.

tags | exploit, web
MD5 | 5980f13b254ff37b493422740671301a
Xorbin Analog Flash Clock 1.0 For Joomla XSS
Posted Jun 30, 2013
Authored by Prakhar Prasad, Rafay Baloch

Xorbin Analog Flash Clock plugin version 1.0 for Joomla suffers from a flash-based cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-4692
MD5 | 3f7ac9003a3fcd1c75083c6aa615a9d3
Xorbin Digital Flash Clock 1.0 For WordPress XSS
Posted Jun 30, 2013
Authored by Prakhar Prasad, Rafay Baloch

Xorbin Digital Flash Clock plugin version 1.0 for WordPress suffers from a flash-based cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-4693
MD5 | 5b9fe462d2808c7fd466b7313128599e
Xorbin Analog Flash Clock 1.0 For WordPress XSS
Posted Jun 30, 2013
Authored by Prakhar Prasad, Rafay Baloch

Xorbin Analog Flash Clock plugin version 1.0 for WordPress suffers from a flash-based cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-4692
MD5 | 33e9475e6620739e77bd9d7370a4c82a
C.P.Sub 4.5 Privilege Escalation
Posted Jun 30, 2013
Authored by Chako

C.P.Sub versions 4.5 and below allows for administrative access escalation by the simple tweak of a user-supplied parameter.

tags | exploit, bypass
MD5 | 63d7a9adc4e8a44659d46a3236c49358
Vatican Cross Site Scripting
Posted Jun 30, 2013
Authored by Andrea Menin

The Vatican vaticanstate.va webcam page suffered from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d11b2aa337348ce126f25f467227d11e
Atomymaxsite Shell Upload
Posted Jun 30, 2013
Authored by Iranian_Dark_Coders_Team

Sites powered by ATOMYMAXSITE appear to suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 9283ccc36522316ed467a036853d3a01
Nameko Webmail Cross Site Scripting
Posted Jun 29, 2013
Authored by Andrea Menin

Nameko Webmail versions 0.10.146 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3d21692e1e13afe7a200f66fcab00615
Static HTTP Server 1.0 SEH Overflow
Posted Jun 29, 2013
Authored by Jacob Holcomb

Static HTTP Server version 1.0 SEH overflow exploit that leverages the configuration file and binds a shell to port 4444.

tags | exploit, web, overflow, shell
MD5 | e7496895749f7c883a90a2e50982c685
AVS Media Player 4.1.11.100 Denial Of Service
Posted Jun 29, 2013
Authored by metacom

AVS Media Player version 4.1.11.100 local denial of service exploit that generates a malicious AC3 file.

tags | exploit, denial of service, local
MD5 | b1edb4d4ec3a451f488e40f3f8b4c8a2
WordPress WP-Private-Messages SQL Injection
Posted Jun 29, 2013
Authored by IeDb

WordPress WP-Private-Messages this party plugin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 83c286a433013961d7df49cfc52968b6
Fortigate Firewall Cross Site Request Forgery
Posted Jun 28, 2013
Authored by Sven Wurth

Fortigate Firewall versions prior to 4.3.13 and 5.0.2 suffer from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2013-1414
MD5 | fbca49c87adc2d6887f9b55df4504d6b
YOPMail XSS / Injection / HTTP Response Splitting
Posted Jun 28, 2013
Authored by Juan Carlos Garcia

YOPMail suffers from cross site scripting, HTTP response splitting, CRLF injection, and session token handling vulnerabilities.

tags | exploit, web, vulnerability, xss
MD5 | a5d9881d634167e06e2db886f4cca8b3
Windows 7 SP1 Local Access SYSTEM Compromise
Posted Jun 28, 2013
Authored by Anastasios Monachos

If you have physical access to a Microsoft Windows 7 SP1 instance, you can leverage the "Launch startup Repair" functionality to gain SYSTEM access.

tags | exploit
systems | windows, 7
MD5 | c52e640cc11080951b3b69430724c758
Mobile USB Drive HD 1.2 Shell Upload
Posted Jun 28, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Mobile USB Drive HD version 1.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 57bd463871e8a0cb71bbfc62aac51778
Barracuda CudaTel Communication Server 2.6.002.040 XSS
Posted Jun 28, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Barracuda CudaTel Communication Server version 2.6.002.040 suffers from multiple script injection vulnerabilities.

tags | exploit, vulnerability
MD5 | 4684145ae35bcc6c956181686c6b3503
PCMan's FTP Server 2.0 Buffer Overflow
Posted Jun 28, 2013
Authored by Chako

PCMan's FTP Server version 2.0 remote buffer overflow exploit that leverages USER and pops calc.exe.

tags | exploit, remote, overflow
MD5 | 75b5495b82efc4e8713620080cbaa441
PayPal Enumeration / Information Disclosure
Posted Jun 28, 2013
Authored by Karim H.B. | Site vulnerability-lab.com

The PayPal Hong Kong marketing site suffers from information disclosure, user enumeration, and bruteforcing vulnerabilities.

tags | exploit, vulnerability, info disclosure
MD5 | b517c2fc98d08ea05db8c5e8e6f1a8af
eFile Wifi Transfer Manager 1.0 LFI / XSS
Posted Jun 28, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

eFile Wifi Transfer Manager version 1.0 for iOS suffers from local file inclusion and cross site scripting vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
systems | ios
MD5 | 730f03745fd75d14f23b6285dbf1288d
PCMan's FTP Server 2.0.7 Remote Root
Posted Jun 28, 2013
Authored by Jacob Holcomb

PCMan's FTP Server version 2.0.7 remote root buffer overflow exploit that leverages the USER command and binds a shell to port 4444.

tags | exploit, remote, overflow, shell, root
MD5 | 26b44400415603fc3d92809f89abd244
Java Applet ProviderSkeleton Insecure Invoke Method
Posted Jun 27, 2013
Authored by Adam Gowdiak, Matthias Kaiser | Site metasploit.com

This Metasploit module abuses the insecure invoke() method of the ProviderSkeleton class that allows to call arbitrary static methods with user supplied arguments. The vulnerability affects Java version 7u21 and earlier.

tags | exploit, java, arbitrary
advisories | CVE-2013-2460, OSVDB-94346
MD5 | eb31080dbf4908fe55f6198beec5aae0
PCMan's FTP Server 2.0 Denial Of Service
Posted Jun 27, 2013
Authored by Chako

Send an empty password to PCMan's FTP Server version 2.0 triggers a denial of service condition.

tags | exploit, denial of service
MD5 | 89cf3290aa482bb7544cd59dc529c815
Xaraya 2.4.0-b1 Cross Site Scripting
Posted Jun 26, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Xaraya version 2.4.0-b1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-3639
MD5 | f3b92b05cb0d0954d2b4e7a301584c08
InstantCMS 1.6 Code Execution
Posted Jun 26, 2013
Authored by Akastep

InstantCMS version 1.6 remote PHP code execution exploit that spawns a reverse shell.

tags | exploit, remote, shell, php, code execution
MD5 | 5a786e6ec0ba28fb6a279b4e589c45a7
Page 1 of 8
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Germany Urges Parents To Destroy Snooping Smartwatches
Posted Nov 20, 2017

tags | headline, privacy, germany
Drone Maker Makes Hacking Accusations
Posted Nov 20, 2017

tags | headline, hacker, flaw
DNS Resolver 9.9.9.9 Will Check Requests Against IBM Threat Database
Posted Nov 20, 2017

tags | headline, malware, dns
F5 DROWNing, Not Waving, In Crypto Fail
Posted Nov 20, 2017

tags | headline, flaw, cryptography
Cap'n Crunch Booted From Conferences Due To Sexual Misconduct Claims
Posted Nov 18, 2017

tags | headline, hacker, phone, conference
3 More Android Malware Families Invade Google Play Store
Posted Nov 18, 2017

tags | headline, malware, phone, google
Shamed TLS/SSL Cert Authority StartCom To Shut Up Shop
Posted Nov 18, 2017

tags | headline, privacy, data loss, flaw, cryptography
Massive US Military Social Media Spying Archive Left Wide Open In AWS S3 Buckets
Posted Nov 18, 2017

tags | headline, government, privacy, usa, amazon, data loss, flaw, spyware, social
NYPD Cops Need A Warrant To Snoop On Your Phone
Posted Nov 17, 2017

tags | headline, government, privacy, usa, phone
Oracle Scrambles To Fix Security Flaws In Tuxedo
Posted Nov 17, 2017

tags | headline, database, flaw, oracle
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close