Showing 26 - 50 of 176

Files

sup Remote Command Execution: Posted Oct 29, 2013; Authored by joernchen; sup versions prior to 0.14.1.1 and prior to 0.13.2.1 suffer from an arbitrary command execution vulnerability via a forged content type of an email attachment.; tags | exploit, arbitrary; SHA-256 | 7f25065280e73ca0e7c1a1f6429061cd9ee6353dfc98cf483575c0a5d76a0da5; Download | Favorite | View

WordPress Curvo Shell Upload: Posted Oct 29, 2013; Authored by Byakuya; WordPress Curvo theme suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | c265d8b2cc6ce8faadfecc0108e2b0d861d13d909118a052dac7b78a99e62f9f; Download | Favorite | View

GTX CMS 2013 Optima XSS / SQL Injection: Posted Oct 29, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; GTX CMS 2013 Optima suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 15b0c869a76223dd746013e56d764bd49329bdf34f6ac55cc179e1aaf8849e87; Download | Favorite | View

WordPress MoneyTheme Cross Site Scripting / Shell Upload: Posted Oct 29, 2013; Authored by DevilScreaM; WordPress MoneyTheme suffers from cross site scripting and remote shell upload vulnerabilities.; tags | exploit, remote, shell, vulnerability, xss; SHA-256 | 118f2518be3ef83f488608e39f34988f8e8d867943df4d1309be1c8476a48492; Download | Favorite | View

MobileIron 4.5.4 Cross Site Scripting: Posted Oct 28, 2013; Authored by Marc Ruef, Pascal Schaufelberger; MobileIron version 4.5.4 suffers from a cross site scripting vulnerability in the device registration functionality.; tags | exploit, xss; SHA-256 | 0086a60987e5725b61729a566ad575d52c9d7f81ffe6150d619bb1da469fb747; Download | Favorite | View

ILIAS eLearning 4.3.4 / 4.4 Cross Site Scripting: Posted Oct 28, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; ILIAS eLearning CMS versions 4.3.4 and 4.4 suffer from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 59f2e84c3cc83759cdb50071ff2bddc46f93834010bcb679cfd619392d3bbd7d; Download | Favorite | View

WatchGuard Firewall XTM 11.7.4u1 Buffer Overflow Perl Exploit: Posted Oct 28, 2013; Authored by Jerome Nokin | Site funoverip.net; WatchGuard Firewall XTM version 11.7.4u1 suffers from a remote buffer overflow vulnerability in the handling of the sessionid cookie. This is the perl version of the exploit.; tags | exploit, remote, overflow, perl; advisories | CVE-2013-6021; SHA-256 | 45ceb4ca62ced50ff5102abdde412ea0e3161ebbaec885e97cd203a93e46c185; Download | Favorite | View

WatchGuard Firewall XTM 11.7.4u1 Buffer Overflow Metasploit Module: Posted Oct 28, 2013; Authored by st3n | Site funoverip.net; WatchGuard Firewall XTM version 11.7.4u1 suffers from a remote buffer overflow vulnerability in the handling of the sessionid cookie. This is the Metasploit module version of the exploit.; tags | exploit, remote, overflow; advisories | CVE-2013-6021; SHA-256 | 25e73d8a0ef4e8e0a8edf7728db4ae486de866a485e52d6b0401d2ff36d67792; Download | Favorite | View

Struts 2.3.15.3 Cross Site Scripting: Posted Oct 28, 2013; Authored by Nebula; Struts version 2.3.15.3 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | c6554f49acdc80a0d54e90157d4de1ee7f01933f3569c0eb965debf94761230d; Download | Favorite | View

Netgear ReadyNAS Remote Command Execution: Posted Oct 28, 2013; Authored by anonymous, Craig Young; Proof of concept exploit that demonstrates remote command execution on Netgear ReadyNAS.; tags | exploit, remote, proof of concept; SHA-256 | 7ae30b42d1addf06dce009c2571e44ead9195cf7589aebbb33dbd101756f76dd; Download | Favorite | View

Ops View Pre 4.4.1 Cross Site Scripting: Posted Oct 28, 2013; Authored by Jesus Oquendo; Ops View version pre 4.4.41 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2013-5695; SHA-256 | f03cc918c29800f4fb81785310e92c629c35a77aaa048713a3b86f607b6c1b59; Download | Favorite | View

vBulletin 4.1.x / 5.x.x Administrative User Injection: Posted Oct 28, 2013; Authored by Simo Ben Youssef; vBulletin versions 4.1.x and 5.x.x suffer from a remote unauthenticated administrative user injection vulnerability via upgrade.php.; tags | exploit, remote, php; SHA-256 | 56d71874ee918e0adb9b0501022ef1127c5fdefdaf17dc30ef3b50197d6283f7; Download | Favorite | View

VideoCharge Studio 2.12.3.685 Buffer Overflow: Posted Oct 27, 2013; Authored by metacom; VideoCharge Studio version 2.12.3.685 SEH buffer overflow exploit that pops calc.exe.; tags | exploit, overflow; SHA-256 | d27b5ed8cc328e282657f03687971424f237cd948b2fae44a499656a8a01baad; Download | Favorite | View

Horde Groupware Web Mail 5.1.2 Cross Site Request Forgery: Posted Oct 27, 2013; Authored by Marcela Benetrix; Horde Groupware Web Mail Edition version 5.1.2 suffers from multiple cross site request forgery vulnerabilities.; tags | exploit, web, vulnerability, csrf; advisories | CVE-2013-6275; SHA-256 | 8673f2fbe62fe700aec9d6ff06fc03cec542e451e35d65fa4c149331868f9a02; Download | Favorite | View

WordPress Curvo Cross Site Request Forgery: Posted Oct 27, 2013; Authored by Byakuya; WordPress Curvo theme suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | 5ff60ac7b29216353fb30ef419bb9de1554c55378b3babe5a55ed21ebf8be6ae; Download | Favorite | View

PayPal Shipping Cross Site Scripting: Posted Oct 26, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; PayPal's Shipping web application suffers from cross site scripting vulnerabilities.; tags | exploit, web, vulnerability, xss; SHA-256 | 9c4d2cb0b351592d3d9a5e20ce9df32095fe904a95ba829525059c28eafad531; Download | Favorite | View

BalkanSys Default Credentials / Redirection / File Upload: Posted Oct 26, 2013; Authored by DevilScreaM; BalkanSys suffers from default credentials, arbitrary file upload, and open redirection vulnerabilities. Note that this advisory has site-specific information.; tags | exploit, arbitrary, vulnerability, bypass, file upload; SHA-256 | 8f26c405b63c9567a1ce3478b4d6d560ea287f16b230a9696b659a3b5169206f; Download | Favorite | View

WordPress MobileChief Cross Site Scripting: Posted Oct 26, 2013; Authored by Ashiyane Digital Security Team; WordPress MobileChief Mobile Site Builder plugin suffers from a cross site scripting vulnerability. Note that this advisory has site-specific information.; tags | exploit, xss; SHA-256 | 82f649c8ad747842d6c10048a9dbcba503dcaf02a4f6bd9cfa8a8017df2d094c; Download | Favorite | View

Open Flash Chart 2 Arbitrary File Upload: Posted Oct 26, 2013; Authored by Braeden Thomas | Site metasploit.com; This Metasploit module exploits a file upload vulnerability found in Open Flash Chart version 2. Attackers can abuse the 'ofc_upload_image.php' file in order to upload and execute malicious PHP files.; tags | exploit, php, file upload; advisories | CVE-2009-4140, OSVDB-59051; SHA-256 | b8a492ec3d568f27f3072ee7a134a2a0e51461ff46fb4b93914e0b100f645e82; Download | Favorite | View

Symantec Workspace Streaming 7.5.0.493 Rmote Code Execution: Posted Oct 25, 2013; Authored by rgod | Site retrogod.altervista.org; Symantec Workspace Streaming version 7.5.0.493 suffers from a SWS streamlet engine invoker servlets remote code execution vulnerability. Proof of concept code included.; tags | exploit, remote, code execution, proof of concept; SHA-256 | 013fe724276f3efdcdb2e04f6e5462344632c6aeb84259e399b9fb314b8d088d; Download | Favorite | View

Onpub CMS 1.4 / 1.5 SQL Injection: Posted Oct 25, 2013; Authored by Benjamin Kunz Mejri, Marcel Bernhardt, Vulnerability Laboratory | Site vulnerability-lab.com; Onpub CMS versions 1.4 and 1.5 suffer from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; SHA-256 | 29be76c26f70a0a77e21ebbba24a61a7fc1665dd3abf256dbbaa9777f05ae7cf; Download | Favorite | View

WebCollab 3.30 HTTP Response Splitting: Posted Oct 25, 2013; Authored by Manuel Garcia Cardenas | Site isecauditors.com; WebCollab versions 3.30 and below suffer from an HTTP response splitting vulnerability.; tags | exploit, web; advisories | CVE-2013-2652; SHA-256 | a895d7c4a4695a9aeb270f6abf9d85d121c81cc0b634d6443284f1cfba111448; Download | Favorite | View

Feeder.co RSS Feeder 5.2 Cross Site Scripting: Posted Oct 25, 2013; Authored by Ateeq ur Rehman Khan, Vulnerability Laboratory | Site vulnerability-lab.com; Feeder.co RSS Feeder version 5.2 for Chrome suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | c227d9d9a4c7675cd2e18a765b40cd5955a316d3ece0b557dcc289f4c9d80f82; Download | Favorite | View

Uploadify 3.2.1 Shell Upload / Information Disclosure: Posted Oct 25, 2013; Authored by MustLive; Uploadify versions 3.2.1 and below suffer from remote shell upload and information disclosure vulnerabilities.; tags | exploit, remote, shell, vulnerability, info disclosure; SHA-256 | 42181d90d3a59f79ebd60cc206e7db18525b5ce197976ea8e3cd7560476156fb; Download | Favorite | View

JReport Cross Site Request Forgery: Posted Oct 25, 2013; Authored by asheesh anaconda, Asheesh Kumar Mani Tripathi; JReport suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | f1edcf7336d77073aafbe4e97e41a339bab3dfa611e51b9971a3df90fe3b8995; Download | Favorite | View

Page 2 of 7 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

Files

Top Authors In Last 30 Days

Recent News