Exploit the possiblities
Showing 1 - 25 of 176 RSS Feed

Files

Packet Storm New Exploits For October, 2013
Posted Nov 5, 2013
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 176 exploits added to Packet Storm in October, 2013.

tags | exploit
systems | linux
MD5 | cf69d7189f0826ad9f6ff51cf17000db
ImpressPages CMS 3.6 Arbitrary File Deletion
Posted Oct 31, 2013
Authored by LiquidWorm | Site zeroscience.mk

ImpressPages CMS version 3.6 suffers from a remote arbitrary file deletion vulnerability.

tags | exploit, remote, arbitrary
MD5 | 2296023319ae6111530e61c091f52f51
Varnish Cache Denial Of Service
Posted Oct 31, 2013
Authored by Ilia Sharov

If Varnish receives a certain illegal request, and the subroutine 'vcl_error{}' restarts the request, the varnishd worker process will crash with an assert. The varnishd management process will restart the worker process, but there will be a brief interruption of service and the cache will be emptied, causing more traffic to go to the backend. Versions 2.0.x, 2.1.x, and 3.0.x are affected.

tags | exploit, denial of service
advisories | CVE-2013-4484
MD5 | cb9615aec14bf539a5b30626f199edff
ImpressPages CMS 3.6 Cross Site Scripting / SQL Injection
Posted Oct 31, 2013
Authored by LiquidWorm | Site zeroscience.mk

ImpressPages CMS version 3.6 suffers from multiple SQL injection vulnerabilities that can be leveraged to commit cross site scripting attacks.

tags | exploit, vulnerability, xss, sql injection
MD5 | 3672d11c3639ffa8ca450dd7c8b6bbb6
Joomla Joomleague Shell Upload
Posted Oct 31, 2013
Authored by wantexz

Joomla Joomleague component suffers from a remote shell upload vulnerability due to having Open Flash Chart included.

tags | exploit, remote, shell
MD5 | 301ddfd28f2d844d15515554732a5d5b
Unicorn WB-3300NR Cross Site Request Forgery
Posted Oct 31, 2013
Authored by absane

Unicorn WB-3300NR router version 1 with firmware 5.07.18_ko_UIS02 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 3307c9e56dd0e79df8322d14a7bc1ac4
AudioCoder 0.8.22 SEH Buffer Overflow
Posted Oct 31, 2013
Authored by Mike Czumak

AudioCoder version 0.8.22 SEH buffer overflow exploit that spawns calc.exe.

tags | exploit, overflow
MD5 | 15b3d199e1ae76f08910e7af7a603c44
Watermark Master 2.2.23 Buffer Overflow
Posted Oct 31, 2013
Authored by metacom

Watermark Master version 2.2.23 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 4b1202dd7db0c2ec9f625d01f76ab620
WordPress WP-Checkout Cross Site Scripting / Shell Upload
Posted Oct 31, 2013
Authored by DevilScreaM

WordPress WP-Checkout plugin suffers from cross site scripting and remote shell upload vulnerabilities. Note that this advisory has site-specific information.

tags | exploit, remote, shell, vulnerability, xss
MD5 | 776323605c6770606267db5381623264
Apache + PHP 5.x Remote Code Execution Python Exploit #2
Posted Oct 31, 2013
Authored by noptrix | Site nullsecurity.net

Apache and PHP remote command execution exploit that leverages php5-cgi. Written in Python. Version 2 of this exploit.

Changes: Multi-threaded scanner and connect-back shell added. Various bug fixes and it now allows an input file for scanning.
tags | exploit, remote, cgi, php, python
advisories | CVE-2012-1823
MD5 | a79b540dfe48bc91f755a82796e83f2c
vTiger CRM 5.3.0 / 5.4.0 Authenticated Remote Code Execution
Posted Oct 30, 2013
Authored by Brandon Perry | Site metasploit.com

vTiger CRM allows an authenticated user to upload files to embed within documents. Due to insufficient privileges on the 'files' upload folder, an attacker can upload a PHP script and execute arbitrary PHP code remotely. This Metasploit module was tested against vTiger CRM v5.4.0 and v5.3.0.

tags | exploit, arbitrary, php
advisories | CVE-2013-3591
MD5 | f9527bf1c4d5e68b3bb1234d05074da3
NAS4Free Arbitrary Remote Code Execution
Posted Oct 30, 2013
Authored by Brandon Perry | Site metasploit.com

NAS4Free allows an authenticated user to post PHP code to a special HTTP script and have the code executed remotely. This Metasploit module was successfully tested against NAS4Free version 9.1.0.1.804. Earlier builds are likely to be vulnerable as well.

tags | exploit, web, php
advisories | CVE-2013-3631
MD5 | c020ad36feff3b44ae4323ae234db53d
Zabbix Authenticated Remote Command Execution
Posted Oct 30, 2013
Authored by Brandon Perry | Site metasploit.com

ZABBIX allows an administrator to create scripts that will be run on hosts. An authenticated attacker can create a script containing a payload, then a host with an IP of 127.0.0.1 and run the arbitrary script on the ZABBIX host. This Metasploit module was tested against Zabbix version 2.0.9.

tags | exploit, arbitrary
advisories | CVE-2013-3628
MD5 | 174edff153674935af6e4b4c43da1dcd
ISPConfig Authenticated Arbitrary PHP Code Execution
Posted Oct 30, 2013
Authored by Brandon Perry | Site metasploit.com

ISPConfig allows an authenticated administrator to export language settings into a PHP script which is intended to be reuploaded later to restore language settings. This feature can be abused to run arbitrary PHP code remotely on the ISPConfig server. This Metasploit module was tested against version 3.0.5.2.

tags | exploit, arbitrary, php
advisories | CVE-2013-3629
MD5 | dff48963b3cf6b151cf07fef50095052
OpenMediaVault Cron Remote Command Execution
Posted Oct 30, 2013
Authored by Brandon Perry | Site metasploit.com

OpenMediaVault allows an authenticated user to create cron jobs as arbitrary users on the system. An attacker can abuse this to run arbitrary commands as any user available on the system (including root).

tags | exploit, arbitrary, root
advisories | CVE-2013-3632
MD5 | 2cdc9640a702841616097d34f30fac60
Moodle Remote Command Execution
Posted Oct 30, 2013
Authored by Brandon Perry | Site metasploit.com

Moodle allows an authenticated user to define spellcheck settings via the web interface. The user can update the spellcheck mechanism to point to a system-installed aspell binary. By updating the path for the spellchecker to an arbitrary command, an attacker can run arbitrary commands in the context of the web application upon spellchecking requests. This Metasploit module also allows an attacker to leverage another privilege escalation vuln. Using the referenced XSS vuln, an unprivileged authenticated user can steal an admin sesskey and use this to escalate privileges to that of an admin, allowing the module to pop a shell as a previously unprivileged authenticated user. This Metasploit module was tested against Moodle version 2.5.2 and 2.2.3.

tags | exploit, web, arbitrary, shell
advisories | CVE-2013-3630
MD5 | 7964a087595c8dfa446e972b74ec6d64
D-Link Backdoor Czechr
Posted Oct 30, 2013
Authored by dustyfresh

This is a simple PHP script that checks to see if your D-Link device is vulnerable to the User-Agent backdoor.

tags | exploit, php
MD5 | 48621cb91d15bf5a22d97af97d22a8ac
Beetel Connection Manager NetConfig.ini Buffer Overflow
Posted Oct 30, 2013
Authored by metacom, wvu | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow on Beetel Connection Manager. The vulnerability exists in the parsing of the UserName parameter in the NetConfig.ini file. The module has been tested successfully on PCW_BTLINDV1.0.0B04 over Windows XP SP3 and Windows 7 SP1.b.

tags | exploit, overflow
systems | windows, xp, 7
MD5 | 5eee60d18123b1614e05de36dca9f2aa
ProcessMaker Open Source Authenticated PHP Code Execution
Posted Oct 30, 2013
Authored by Brendan Coles | Site metasploit.com

This Metasploit module exploits a PHP code execution vulnerability in the 'neoclassic' skin for ProcessMaker Open Source which allows any authenticated user to execute PHP code. The vulnerable skin is installed by default in version 2.x and cannot be removed via the web interface.

tags | exploit, web, php, code execution
advisories | OSVDB-99199
MD5 | ecb230017a0837b04f48532b97f21dd3
Apache Magicka Code Execution
Posted Oct 29, 2013
Authored by Kingcope

Apache and PHP remote command execution exploit that leverages php5-cgi.

tags | exploit, remote, cgi, php
advisories | CVE-2012-1823
MD5 | bdb5dbeddbd99bb47e41085bb02a8b97
Apache / PHP Remote Command Execution
Posted Oct 29, 2013
Authored by noptrix | Site nullsecurity.net

Apache and PHP remote command execution exploit that leverages php5-cgi. Written in Python.

tags | exploit, remote, cgi, php, python
advisories | CVE-2012-1823
MD5 | 1b8cde875eff98bf11b70ba0d00606d8
Olat CMS 7.8.0.1 Cross Site Scripting
Posted Oct 29, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Olat CMS version 7.8.0.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 0eab3c8f0ce95a8e9b225360ef8d5992
BlazeDVD 6.2 Buffer Overflow
Posted Oct 29, 2013
Authored by Mike Czumak

BlazeDVD version 6.2 SEH buffer overflow exploit that creates a malicious .plf file.

tags | exploit, overflow
MD5 | 42c9698e838fb4bf91ad88b5c4debb38
ASUS RT-N13U Backdoor Account
Posted Oct 29, 2013
Authored by Shellster

The ASUS RT-N13U home router comes configured with an administrative root shell with a default password and is available via telnetd. Changing the password on the web interface does not remediate the issue.

tags | exploit, web, shell, root
MD5 | a2364ad976a4429d601811b875726a35
Ops View Pre 4.4.1 Blind SQL Injection
Posted Oct 29, 2013
Authored by Jesus Oquendo

Ops View version pre 4.4.41 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-5694
MD5 | cf326a65b9d6c1390e5e954c0543a072
Page 1 of 8
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close