Exploit the possiblities
Showing 1 - 25 of 170 RSS Feed

Files

Packet Storm New Exploits For 2013
Posted Jan 3, 2014
Authored by Todd J. | Site packetstormsecurity.org

Complete comprehensive archive of all 1,926 exploits added to Packet Storm in 2013.

tags | exploit
systems | linux
MD5 | de3f1f5169ebb974559b8e5ef7e3ee40
Packet Storm New Exploits For December, 2013
Posted Jan 3, 2014
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 168 exploits added to Packet Storm in December, 2013.

tags | exploit
systems | linux
MD5 | eb4fa9b6a77080bab7f5a26d93031841
CMS Afroditi 1.0 Blind SQL Injection
Posted Dec 30, 2013
Authored by Project Zero Labs | Site projectzero.gr

CMS Afroditi version 1.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e0aa2f8287a21189dfdc7cb7d8373a50
ACal 2.2.6 LFI / XSS / Authentication Bypass
Posted Dec 30, 2013
Authored by TUNISIAN CYBER

ACal version 2.2.6 suffers from authentication bypass, cross site scripting, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
MD5 | 9973d0f62ec6ffced615aff68ee1a4e6
Ophcrack 3.6 Local Buffer Overflow
Posted Dec 29, 2013
Authored by Osanda Malith

Ophcrack version 3.6 local stack based buffer overflow exploit. Works on Windows 8 64-bit.

tags | exploit, overflow, local
systems | windows
MD5 | ff9a6b400e376839f2c51664bb863489
VM86 Syscall Kernel Panic
Posted Dec 29, 2013
Authored by halfdog

This program maps memory pages to the low range above 64k to avoid conflicts with /proc/sys/vm/mmap_min_addr and then triggers the virtual-86 mode. Due to unhandled FPU errors, task switch will fail afterwards, kernel will attempt to kill other tasks when switching.

tags | exploit, kernel
MD5 | 9075820ac0281d8a25b589a6ca7c9d0a
NoticeBoardPro 1.x SQL Injection
Posted Dec 29, 2013
Authored by TUNISIAN CYBER

NoticeBoardPro version 1.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d6aeb3af4626ff02eac06b77e2c14b5d
PhotoStore 4.0.7. Shell Upload
Posted Dec 28, 2013
Authored by Gabby | Site metasploit.com

This Metasploit module exploits a vulnerability found in PhotoStore version 4.0.7. By abusing the uploadify.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
MD5 | 3b9c8d3dfb4138471a6d69832b7ab3d0
Snapchat Crypto Flaws
Posted Dec 27, 2013
Authored by GibsonSec | Site gibsonsec.org

As prior disclosure to Snapchat has not resulted in fixes, the researchers at Gibson Security have released exploits and documentation on the previously undocumented API.

tags | exploit
MD5 | be4e0243b4929fcb42b3d1f55b4bb4bb
IBM Web Content Manager XPath Injection
Posted Dec 27, 2013
Authored by Alexander Antukh, S. Temnikov | Site sec-consult.com

IBM Web Content Manager versions 6.x, 7.x, and 8.x suffer from blind XPath injection attacks. This allows an attacker to get current application configuration, enumerate nodes, and extract other valuable information from vulnerable installations of Web Content Manager.

tags | exploit, web
advisories | CVE-2013-6735
MD5 | 69f57516ca8afbdbf5d510389ecf27e0
Red Hat CloudForms Management Engine 5.1 miq_policy/explorer SQL Injection
Posted Dec 27, 2013
Authored by Ramon de C Valle | Site metasploit.com

This Metasploit module exploits a SQL injection vulnerability in the "explorer" action of "miq_policy" controller of the Red Hat CloudForms Management Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier) by changing the password of the target account to the specified password.

tags | exploit, sql injection
systems | linux, redhat
advisories | CVE-2013-2050
MD5 | 44e41933fe930ba06179d9c0f24a5cbb
Safari Phishing Alert Bypass
Posted Dec 27, 2013
Authored by WooYun

The PhishingAlert of Safari stops functioning in Windows systems if an abnormal URL is being used.

tags | exploit
systems | windows
MD5 | 5a7d4bcf357ebda5a988595a3a99f082
AWS Elastic Beanstalk Code Execution
Posted Dec 27, 2013
Authored by WooYun

Amazon Web Services Elastic Beanstalk suffers from a code execution vulnerability.

tags | exploit, web, code execution
MD5 | a2bb4856b5be18ad991cfdf0ff6428b7
PHPSurveyor Shell Upload
Posted Dec 27, 2013
Authored by G4eL

PHPSurveyor suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | bb761d4b53cde626a0af2f5ee2e1c7e4
Ofilter Player 1.1 Integer Division By Zero
Posted Dec 27, 2013
Authored by Osanda Malith

Ofilter Player version 1.1 integer division by zero exploit that creates a malicious .wav file.

tags | exploit
MD5 | 50383efac54fdf46a60645be15560592
RealNetworks RealPlayer Version Attribute Buffer Overflow
Posted Dec 26, 2013
Authored by Gabor Seljan | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a remote attacker could execute arbitrary code on the system or cause the application to crash.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2013-6877
MD5 | fff49d065cfe7b602585586a45146ba4
WordPress Ad-minister 0.6 Cross Site Scripting
Posted Dec 26, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Ad-minister plugin version 0.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-6993
MD5 | dfde7cc849d3cf994252a41a9ac7f0e4
AskApache 3.0 Cross Site Request Forgery
Posted Dec 26, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

AskApache Firefox Adsense WordPress plugin version 3.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2013-6992
MD5 | f7e786267dda0364e763c5df446f887e
WordPress WP-Cron 1.1.5 Cross Site Scripting
Posted Dec 26, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress WP-Cron Dashboard plugin version 1.1.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-6991
MD5 | f7b1e8a80c3176be97f1deef498b0b02
RBS Change 3.6.8 Cross Site Scripting
Posted Dec 26, 2013
Authored by Metropolis

RBS Change version 3.6.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7f1654468ff037f92652b313a86482c0
eFront LMS 3.6.14 File Upload / Path Disclosure
Posted Dec 26, 2013
Authored by expl0i13r

eFront LMS version 3.6.14 suffers from arbitrary file upload, file read, and path disclosure vulnerabilities.

tags | exploit, arbitrary, vulnerability, info disclosure, file upload
MD5 | a6589f92f22c6212bd8ee5f31939cbe0
AFCommerce Remote File Inclusion
Posted Dec 26, 2013
Authored by NoGe

AFCommerce aka Amazing Flash Commerce suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 8e1cb2992b2ed61ffa7149405848fb57
Windows Live Movie Maker 2011 Denial Of Service
Posted Dec 26, 2013
Authored by Osanda Malith

Windows Live Movie Maker 2011 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
MD5 | 69ab42380402448542633bab3b928fc4
JForum Cross Site Request Forgery
Posted Dec 26, 2013
Authored by Arno Chen

JForum suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2013-7209
MD5 | d34ff6a57e36c82321b1586c066f95e9
RealNetworks RealPlayer 16 Buffer Overflow
Posted Dec 25, 2013
Authored by Gabor Seljan

RealNetworks RealPlayer versions 16.0.3.51 and 16.0.2.32 buffer overflow exploit that spawns calc.exe.

tags | exploit, overflow
advisories | CVE-2013-6877
MD5 | 1e1eccbf44a7e90ad4ba3ccf8e5f12c8
Page 1 of 7
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
NYPD Cops Need A Warrant To Snoop On Your Phone
Posted Nov 17, 2017

tags | headline, government, privacy, usa, phone
Oracle Scrambles To Fix Security Flaws In Tuxedo
Posted Nov 17, 2017

tags | headline, database, flaw, oracle
Github To Devs: Now You'll Get Security Alerts On Flaws In Popular Software Libraries
Posted Nov 17, 2017

tags | headline, flaw
Keystone Pipeline Leaked 210,000 Gallons Of Oil In South Dakota
Posted Nov 17, 2017

tags | headline, flaw
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close