Showing 51 - 75 of 130

Files

Appologics AirBeam 1.9.2 Code Execution / XSS: Posted Nov 19, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; Appologics AirBeam version 1.9.2 suffers from remote command execution and cross site scripting vulnerabilities.; tags | exploit, remote, vulnerability, xss; SHA-256 | 8ce9c3cce7b6c656de8a899d4ab00a7c1296eda6d0e3a58196b6908a77ea2dda; Download | Favorite | View

Skidata RFID Freemotion.Gate Remote Command Execution: Posted Nov 19, 2013; Authored by Dennis Kelly; Skidata RFID Freemotion.Gate suffers from having an unauthenticated web service that allows for arbitrary remote command execution. Version 4.1.3.5 is affected. Earlier versions may also be affected.; tags | exploit, remote, web, arbitrary; SHA-256 | 5960d3c57db6941d9902fb1693d0b272bfb2b78c683a42584efc3cae2c07e1a6; Download | Favorite | View

PayPal GP+ Cross Site Scripting: Posted Nov 19, 2013; Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com; PayPal GP+ suffered from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 82b4d2446d4e666d8de3ecba090bd79d3921f13222e99bdf744771566fa7f9c6; Download | Favorite | View

PayPal Billsafe Cross Site Scripting: Posted Nov 19, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; Persistent script injection vulnerabilities were discovered in the PayPal Billsafe offering.; tags | exploit, vulnerability; SHA-256 | 2101e5745f62b7776999a807cd3411d014cb2d594bcffda669016a2200ef03b9; Download | Favorite | View

PayPal China Malicious Redirect: Posted Nov 19, 2013; Authored by Vulnerability Laboratory | Site vulnerability-lab.com; Remote attackers could influence a redirect in PayPal's www.paypal-biz.com site.; tags | exploit, remote; SHA-256 | ad30199576977fc30c90bdbd761713466c98d568a6beb827da07a26044a103e7; Download | Favorite | View

TomatoCart 1.1.8.2 LFI / Directory Traversal: Posted Nov 18, 2013; Authored by Esac; TomatoCart version 1.1.8.2 suffers from local file inclusion and directory traversal vulnerabilities.; tags | exploit, local, vulnerability, file inclusion; SHA-256 | 80edf86022b40bc33df2e29333ac72332b23148388612cd80bcc1bac5cb7b036; Download | Favorite | View

WordPress Tweet Blender 4.0.1 Cross Site Scripting: Posted Nov 18, 2013; Authored by High-Tech Bridge SA | Site htbridge.com; WordPress Tweet Blender plugin version 4.0.1 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2013-6342; SHA-256 | 7dd056ebf7a017614701914e9d8cdf3368acf8be185e3d65dc66b408e337e672; Download | Favorite | View

PHP-Nuke 8.2.4 Cross Site Scripting / File Inclusion: Posted Nov 18, 2013; Authored by Sojobo Dev Team; PHP-Nuke version 8.2.4 suffers from cross site scripting and local file inclusion vulnerabilities.; tags | exploit, local, php, vulnerability, xss, file inclusion; SHA-256 | e6a6feff30584aa0b101a715aac4a57ef1a047c221e5c1801ebe24b0f614d01e; Download | Favorite | View

Facebook Open Redirection: Posted Nov 18, 2013; Authored by Asesino04; Facebook suffers from yet another open redirection vulnerability. This time the issue is in campaign/landing.php.; tags | exploit, php; SHA-256 | fa83309f306ce394994a46fa30357ecafc806aa8106411b43263e5362d25cd29; Download | Favorite | View

DeepOfix 3.3 SMTP Authentication Bypass: Posted Nov 18, 2013; Authored by Gerardo Vazquez, Eduardo Arriols | Site pragsis-security.com; DeepOfix versions 3.3 and below suffer from an SMTP server authentication bypass vulnerability due to an LDAP issue. Exploit included.; tags | exploit, bypass; SHA-256 | 24bd2a61ed26e639e6b823b3e2f7cc39031c2662744ed2bbda21195c3924d603; Download | Favorite | View

DesktopCentral Shell Upload: Posted Nov 18, 2013; Authored by Thomas Hibbert | Site security-assessment.com; DesktopCentral versions prior to 80293 suffer from a remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | 4aad22e43397ec7360050815be62145be5467cc3cc7f5dc670993b7a63712604; Download | Favorite | View

Kaseya 6.3 Shell Upload: Posted Nov 18, 2013; Authored by Thomas Hibbert | Site security-assessment.com; Kaseya version 6.3 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | 20dc6ed57c27f12c771790a0beb065620e6be1b55b63ed26a4bc41e7bec9b483; Download | Favorite | View

Optomise System Ltd XSS / Information Disclosure: Posted Nov 18, 2013; Authored by Juan Carlos Garcia; Optomise System Ltd suffers from cross site scripting and information disclosure vulnerabilities.; tags | exploit, vulnerability, xss, info disclosure; SHA-256 | c1f0ce5a3fe26ddb99b0616d5d61b0460e2f1e5b210f0a665619a91d61d91148; Download | Favorite | View

Supermicro Onboard IPMI close_window.cgi Buffer Overflow: Posted Nov 17, 2013; Authored by H D Moore, juan vazquez | Site metasploit.com; This Metasploit module exploits a buffer overflow on the Supermicro Onboard IPMI controller web interface. The vulnerability exists on the close_window.cgi CGI application, and is due to the insecure usage of strcpy. In order to get a session, the module will execute system() from libc with an arbitrary CMD payload sent on the User-Agent header. This Metasploit module has been tested successfully on Supermicro Onboard IPMI (X9SCL/X9SCM) with firmware SMT_X9_214.; tags | exploit, web, overflow, arbitrary, cgi; advisories | CVE-2013-3623; SHA-256 | 3db49add914cadb4e6f7130ba3b4a6a1c8c69c567c9d6a7d82b5980b09616017; Download | Favorite | View

Elastix 2.4.0 Cross Site Scripting: Posted Nov 17, 2013; Authored by Bassem; Elastix version 2.4.0 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 509909bae460646e9c79ae511e3c817214b4574939b7672fc3723d3773259720; Download | Favorite | View

Limonade Framework 3.0 Local File Disclosure: Posted Nov 17, 2013; Authored by Yashar shahinzadeh; Limonade Framework version 3.0 suffers from a local file disclosure vulnerability.; tags | exploit, local, info disclosure; SHA-256 | 443d4ee19f551464d8ebd684cb014326802ade98ba48a5bd76668b40540b2616; Download | Favorite | View

WordPress Euclid Cross Site Request Forgery: Posted Nov 17, 2013; Authored by DevilScreaM; WordPress Euclid theme suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | 49fde0a1248fb3f261935e7861a803f31c5996379e540c4452c31d2caa41d47d; Download | Favorite | View

WordPress Dimension Cross Site Request Forgery: Posted Nov 17, 2013; Authored by DevilScreaM; WordPress Dimension theme suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | c79f4bdf46ea63e7957d6c6e13d78d30ac7c626decaf17605d13c77d8d8b5370; Download | Favorite | View

WordPress Amplus Cross Site Request Forgery: Posted Nov 17, 2013; Authored by DevilScreaM; WordPress Amplus theme suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | 90cdcb8d4e659c08cee7021e9bc9fa3135983a4188217e174de3a055e42dd6f1; Download | Favorite | View

WordPress Make A Statement Cross Site Request Forgery: Posted Nov 17, 2013; Authored by DevilScreaM; WordPress Make A Statement theme suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | bc164cec434beccdd48ac4cb8f5fac9449eb0916b078caa972f7ac7fe5464bbc; Download | Favorite | View

Avira Secure Backup 1.0.0.1 Build 3616 Buffer Overflow: Posted Nov 16, 2013; Authored by Julien Ahrens | Site rcesecurity.com; Avira Secure Backup version 1.0.0.1 build 3616 suffers from a buffer overflow vulnerability.; tags | exploit, overflow; advisories | CVE-2013-6356; SHA-256 | 8a2c729190e444854e9eea2ba4a3bf9fc83b7990ca632fb6cff00b8e685190a9; Download | Favorite | View

Livezilla Code Execution / Local File Inclusion: Posted Nov 15, 2013; Authored by Curesec Research Team; Livezilla versions prior to 5.1.0.0 suffers from a local file inclusion vulnerability that allows for remote code execution.; tags | exploit, remote, local, code execution, file inclusion; advisories | CVE-2013-6225; SHA-256 | 0d889dda1d61a291e63c26f5eb8833f690853477131521889e5880c66ea203d1; Download | Favorite | View

Eclipse.org SQL Injection: Posted Nov 15, 2013; Authored by Rafay Baloch, Shahmeer Amir; Eclipse.org suffers from a remote error-based SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 4891c1a9e0a985be36498559d7f6aef0c86b7914a7631895c81deb87f34be354; Download | Favorite | View

Testa Online Test Management SQL Injection: Posted Nov 15, 2013; Authored by Ashiyane Digital Security Team; Testa Online Test Management suffers from a remote SQL injection vulnerability that allows for login bypass. Note that this advisory has site-specific information.; tags | exploit, remote, sql injection; SHA-256 | 5492b8331dd06e3e35f6b3b710794cbb5e3c55fb56480ea77af36b2fa81847e7; Download | Favorite | View

Windows SYSTEM Escalation Via KiTrap0D: Posted Nov 14, 2013; Authored by H D Moore, Pusscat, Tavis Ormandy, OJ Reeves | Site metasploit.com; This Metasploit module will create a new session with SYSTEM privileges via the KiTrap0D exploit by Tavis Ormandy. If the session in use is already elevated then the exploit will not run. The module relies on kitrap0d.x86.dll and is not supported on x64 editions of Windows.; tags | exploit, x86; systems | windows; advisories | CVE-2010-0232, OSVDB-61854; SHA-256 | b61f14f2873aa1c647ab01600db74d813ae4c68913ed531266fd588ac8aff25a; Download | Favorite | View

Page 3 of 6 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files

Files

Top Authors In Last 30 Days

Recent News