Showing 76 - 100 of 176

Files

WordPress WooCommerce 2.0.17 Cross Site Scripting: Posted Oct 18, 2013; Authored by LiquidWorm | Site zeroscience.mk; WordPress WooCommerce plugin version 2.0.17 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 628ac46d8f1244fad6d04ac0e5152e7eb4159026a41ee343f38ebfe0c886e422; Download | Favorite | View

Elite Graphix ElitCMS 1.01 / PRO Cross Site Scripting / SQL Injection: Posted Oct 18, 2013; Authored by Katharina S.L., Vulnerability Laboratory | Site vulnerability-lab.com; Elite Graphix ElitCMS versions 1.01 and PRO suffer from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 29a67e3663b1e3c4862f2246b9ede7002b3897ace31e2a0b390b8b8838c2db15; Download | Favorite | View

Bluetooth U 1.2.0 Directory Traversal: Posted Oct 18, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; Bluetooth U version 1.2.0 suffers from a directory traversal vulnerability.; tags | exploit; SHA-256 | ca14296374929c9f6c88571a95a5740d0e443d519a9a0c903df41f3c2bcc8c26; Download | Favorite | View

WebTester 5.x Command Execution: Posted Oct 18, 2013; Authored by Brendan Coles | Site metasploit.com; This Metasploit module exploits a command execution vulnerability in WebTester version 5.x. The 'install2.php' file allows unauthenticated users to execute arbitrary commands in the 'cpusername', 'cppassword' and 'cpdomain' parameters.; tags | exploit, arbitrary, php; SHA-256 | dfea5435bcc036d47d5c594f95500152ab31c0d3ee607b8a70a2b6f399effb39; Download | Favorite | View

LinkedIn Join Group Cross Site Request Forgery: Posted Oct 18, 2013; Authored by Eduardo Garcia Melia | Site isecauditors.com; LinkedIn suffered from a cross site request forgery vulnerability in the Join Group functionality.; tags | exploit, csrf; SHA-256 | 442cba9a0c6a978e69874ca3310a79b3dd238196b467f3e2045742bf6b7bdf18; Download | Favorite | View

Zikula CMS 1.3.5 Cross Site Scripting: Posted Oct 18, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; Zikula CMS version 1.3.5 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 69f709f535989b330975f9e777157ccbbe4a049d89e1926d05079fa41e57d717; Download | Favorite | View

Adaudit Plus Online Demo CSRF / Poor Password Passing: Posted Oct 18, 2013; Authored by Juan Carlos Garcia; Adaudit Plus Online Demo suffers from multiple vulnerabilities including cross site request forgery, directory listing, and passwords being passed via a GET method.; tags | exploit, vulnerability, csrf; SHA-256 | 65032b7037f6db49f90a134d34c24c4a670cbee2a380df40c787cac1f3f32132; Download | Favorite | View

Admanager Plus Online Demo XSS / CSRF / Clickjacking: Posted Oct 18, 2013; Authored by Juan Carlos Garcia; Admanager Plus Online Demo suffers from cross site request forgery, directory listing, clickjacking, and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; SHA-256 | ef8980f8307fd85e258505ff90f13dbeb382094a1fe35e49f7d82febddc5223e; Download | Favorite | View

Quick Paypal Payments Cross Site Scripting: Posted Oct 18, 2013; Authored by Zy0d0x | Site nullsecurity.net; Quick Paypal Payments, the plugin from quick-plugins.com, suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 37a5f2452b362ab7282d84c4e598396e18994f0a1811c1715518b59a076d9641; Download | Favorite | View

PHP Point Of Sale 10.x / 11.x / 12.x Remote Code Execution: Posted Oct 18, 2013; Authored by Gabby; PHP Point Of Sale versions 10.x, 11.x, and 12.x remote code execution exploit.; tags | exploit, remote, php, code execution; SHA-256 | 2688acc1f96e93d7799ccb3540cbe12f48da9bc32d767bb22ca9db0d45a74255; Download | Favorite | View

WordPress WP Realty Blind SQL Injection: Posted Oct 18, 2013; Authored by Napsterakos; WordPress wp-realty plugin suffers from a remote blind SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 108b6fd23f8a90bbd9f2002fb29777287f9643daa0a9c90beaba3eb5d9b696c7; Download | Favorite | View

ARRIS DG860A NVRAM Backup Compressor / Decompressor: Posted Oct 18, 2013; Authored by Justin Oberdorf; This exploit lets your extract the ARRIS DG860A NVRAM backup where password information is stored in plain text.; tags | exploit; SHA-256 | 5017f2e38a000e389ed35e33f98d69940a068ef699bb039cef9ec919fd229db5; Download | Favorite | View

Oracle Portal Demo Organization Chart PL/SQL Injection: Posted Oct 17, 2013; Authored by Manuel Garcia Cardenas | Site isecauditors.com; Oracle Portal Demo Organization Chart suffers from multiple remote PL/SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; advisories | CVE-2013-3831; SHA-256 | 9cb3fdaacb46479a4b50a20bb9819648de8a75d662cac0949a85147a7341ca3e; Download | Favorite | View

Microweber 0.8 Arbitrary File Deletion: Posted Oct 17, 2013; Authored by High-Tech Bridge SA | Site htbridge.com; Microweber version 0.8 suffers from an arbitrary, unauthenticated file deletion vulnerability.; tags | exploit, arbitrary; advisories | CVE-2013-5984; SHA-256 | 00e97b9578c6ea4b1d5201d508e35d8194cb39385bfa4167d6c6fece74f8402b; Download | Favorite | View

PayPal Mail Encoding Script Insertion: Posted Oct 17, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; PayPal suffered from a mail encoding flaw that allowed for script insertion.; tags | exploit; SHA-256 | b603bb923ee6756c0cf3b284eec6b7ad0910def98cf35aaa7a93f3ec633f161d; Download | Favorite | View

WordPress Image Resizer Cross Site Scripting: Posted Oct 17, 2013; Authored by Ashiyane Digital Security Team; WordPress wp-image-resizer plugin suffers from a cross site scripting vulnerability. Note that this advisory has site-specific information.; tags | exploit, xss; SHA-256 | f3cd5381c497d0ff9a43ff787405d39f9cede357c30e3dde558ede2858e1aae0; Download | Favorite | View

Level One Enterprise Access Points Password Disclosure: Posted Oct 17, 2013; Authored by Richard Weinberger; Level1 EAP Devices offer a function do download the device config file. This download mechanism is not properly protected such that an attacker can download the config file without authentication. Passwords can be retrieved at this point.; tags | exploit; SHA-256 | feb798abe8963cbdf88203291b080caa2b0b13a15a35c236457fb84cc061ff8d; Download | Favorite | View

Persistent Payload In Windows Volume Shadow Copy: Posted Oct 16, 2013; Authored by Jedediah Rodriguez | Site metasploit.com; This Metasploit module will attempt to create a persistent payload in a new volume shadow copy. This is based on the VSSOwn Script originally posted by Tim Tomes and Mark Baggett. This Metasploit module has been tested successfully on Windows 7. In order to achieve persistence through the RUNKEY option, the user should need password in order to start session on the target machine.; tags | exploit; systems | windows; SHA-256 | d72c7c4197223719655c0deb2854e9abd093b3ef32540cca84b41979d20922b1; Download | Favorite | View

Dolibarr ERP/CMS 3.4.0 SQL Injection: Posted Oct 16, 2013; Authored by drone; Dolibarr ERP/CMS version 3.4.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 17558383b563f3fc59b866cd4454a1c3f1b147cd861e3918baa96316db448057; Download | Favorite | View

DornCMS Application 1.4 Local File Inclusion / XSS: Posted Oct 16, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; DornCMS Application version 1.4 suffers from cross site scripting and local file inclusion vulnerabilities.; tags | exploit, local, vulnerability, xss, file inclusion; SHA-256 | effa62cb4eaaa12b0a23ca9706a0f1cc9087f8d782f16c149fece649db7b3103; Download | Favorite | View

WordPress Dexs PM System Cross Site Scripting: Posted Oct 16, 2013; Authored by TheXero; WordPress Dexs PM System plugin suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 46585f05ce1c8abf03275497ab4ed1b5a5b1fe6f2f5d454627d66da4e26a2725; Download | Favorite | View

Aladdin Knowledge Systems Ltd. Overflow: Posted Oct 16, 2013; Authored by Blake; Aladdin Knowledge Systems Ltd. PrivAgent active-x control overflow exploit.; tags | exploit, overflow, activex; SHA-256 | 78e1f9941ee243de2c6fa4f4dd4d806f45dbe201a8b08daf54b144678052bb4f; Download | Favorite | View

OliveOffice Mobile Suite 2.0.3 File Inclusion: Posted Oct 15, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; OliveOffice Mobile Suite Application version 2.0.3 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; SHA-256 | 7d7261b5cb9ff0d8f4b60ec12e83b4f3f6166c30074918909602721509669623; Download | Favorite | View

UbiDisk File Manager 2.0 File Inclusion / Shell Upload: Posted Oct 15, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; UbiDisk File Manager version 2.0 suffers from local file inclusion and remote shell upload vulnerabilities.; tags | exploit, remote, shell, local, vulnerability, file inclusion; SHA-256 | 3d7f843569c22b8fd4f6b976f1f76dd77f201277ccacae468697c7dc4e343f81; Download | Favorite | View

Gazelle SQL Injection / TBDEV.NET Code Execution: Posted Oct 15, 2013; Authored by Bogdan Calin; Gazelle suffers from bypass and remote SQL injection vulnerabilities. TBDEV.NET suffers from a remote PHP code execution vulnerability.; tags | exploit, remote, php, vulnerability, code execution, sql injection; SHA-256 | 5597e1348996b8d06f84e7e9595c6350ac59a7ddfd78f4d6aa06f8fc972fe7df; Download | Favorite | View

Page 4 of 7 Back 2 3 4 5 6 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

Files

Top Authors In Last 30 Days

Recent News