exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 170 RSS Feed

Files

Dewplayer 2.2.2 Cross Site Scripting
Posted Dec 24, 2013
Authored by MustLive

Dewplayer version 2.2.2 suffers from cross site scripting and content spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, xss
SHA-256 | 5a1f3f71d04579c9bfde14b30a8e91bf8855a69002dd690629da538ec4ef6754
Fat Free CRM CSRF / SQL Injection / Known Secret
Posted Dec 24, 2013
Authored by joernchen

Fat Free CRM suffers from cross site request forgery, known session secret, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure, csrf
SHA-256 | e36735d125c4d5e421f622b4448eb7831f1aded7c14c184b6ede1eee0bf01c06
xBoard 5.0 / 5.5 / 6.0 Local File Inclusion
Posted Dec 24, 2013
Authored by TUNISIAN CYBER

xBoard versions 5.0, 5.5, and 6.0 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | ea65a2314d43263c2ca2e1369ceedc90166a109931b14ab99de74043e36f9ae7
Qatar Booking Server Struts Execution
Posted Dec 24, 2013
Authored by Hackerdesk Team

booking.qatarairways.com suffers from a Struts vulnerability that allows for remote code execution. The authors have contacted Qatar but no one has responded nor fixed the issue. It is being published publicly to help convince them to remediate the issue.

tags | exploit, remote, code execution
SHA-256 | b48a16f763565d8b3796254051c67ef4cb6a511edc1d30e0f634b8ccf3e6a90a
WebPagetest 2.7 Local File Disclosure
Posted Dec 24, 2013
Authored by TUNISIAN CYBER

WebPagetest version 2.7 suffers from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
SHA-256 | 57435b59f5fada7cf0b2b28770fccde94dfbd2552c0c550f09c2f9f521d61efa
WordPress Recommend Cross Site Scripting
Posted Dec 24, 2013
Authored by Ashiyane Digital Security Team

WordPress Recommend plugin suffers from a cross site scripting vulnerability. Note that these findings house site-specific data.

tags | exploit, xss
SHA-256 | 84b4c1e890f3ce3a47c8b869c6f834bc2675ceec8fe10b8a9976a8f6b0467086
Zen-Cart Database Backup Disclosure
Posted Dec 24, 2013
Authored by JoKeR_StEx

Zen-Cart version 1.5.1 suffers from a database backup disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 9061996cb9f8621ef614cb8cbdc9fe4527baec1b037503862ea03d28f3bad283
Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal
Posted Dec 23, 2013
Authored by Ramon de C Valle | Site metasploit.com

This Metasploit module exploits a path traversal vulnerability in the "linuxpkgs" action of "agent" controller of the Red Hat CloudForms Management Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier). It uploads a fake controller to the controllers directory of the Rails application with the encoded payload as an action and sends a request to this action to execute the payload. Optionally, it can also upload a routing file containing a route to the action. (Which is not necessary, since the application already contains a general default route.)

tags | exploit
systems | linux, redhat
advisories | CVE-2013-2068
SHA-256 | ecc3dfeae56af0d7e8234b449d220c4c30764ffe2c2b2a098d22efcf89701574
Synology DiskStation Manager SLICEUPLOAD Remote Command Execution
Posted Dec 23, 2013
Authored by Markus Wulftange | Site metasploit.com

This Metasploit module exploits a vulnerability found in Synology DiskStation Manager (DSM) versions 4.x, which allows the execution of arbitrary commands under root privileges. The vulnerability is located in /webman/imageSelector.cgi, which allows to append arbitrary data to a given file using a so called SLICEUPLOAD functionality, which can be triggered by an unauthenticated user with a specially crafted HTTP request. This is exploited by this module to append the given commands to /redirect.cgi, which is a regular shell script file, and can be invoked with another HTTP request. Synology reported that the vulnerability has been fixed with versions 4.0-2259, 4.2-3243, and 4.3-3810 Update 1, respectively; the 4.1 branch remains vulnerable.

tags | exploit, web, arbitrary, shell, cgi, root
advisories | CVE-2013-6955
SHA-256 | 513af8fcad7f15ab39a785c35d338137aeacd8422cf292ee059738323ccdea1f
OpenSIS 'modname' PHP Code Execution
Posted Dec 23, 2013
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a PHP code execution vulnerability in OpenSIS versions 4.5 to 5.2 which allows any authenticated user to execute arbitrary PHP code under the context of the web-server user. The 'ajax.php' file calls 'eval()' with user controlled data from the 'modname' parameter.

tags | exploit, web, arbitrary, php, code execution
advisories | CVE-2013-1349
SHA-256 | 7c1e06a8368ff3ba80da09ec39f138b29b87f7223b028687a6f1c5149cc3a95f
Zimbra Collaboration Server LFI
Posted Dec 23, 2013
Authored by rubina119 | Site metasploit.com

This Metasploit module exploits a local file inclusion on Zimbra 8.0.2 and 7.2.2. The vulnerability allows an attacker to get the LDAP credentials from the localconfig.xml file. The stolen credentials allow the attacker to make requests to the service/admin/soap API. This can then be used to create an authentication token for the admin web interface. This access can be used to achieve remote code execution. This Metasploit module has been tested on Zimbra Collaboration Server 8.0.2 with Ubuntu Server 12.04.

tags | exploit, remote, web, local, code execution, file inclusion
systems | linux, ubuntu
advisories | CVE-2013-7091
SHA-256 | e41cf490ab9469ce31ade3e3bc8198d90c941e76e3bd760f92078a0dc9e99472
HP SiteScope issueSiebelCmd Remote Code Execution
Posted Dec 23, 2013
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a code execution flaw in HP SiteScope. The vulnerability exists in the APISiteScopeImpl web service, specifically in the issueSiebelCmd method, which allows the user to execute arbitrary commands without authentication. This Metasploit module has been tested successfully on HP SiteScope 11.20 over Windows 2003 SP2, Windows 2008 and CentOS 6.5.

tags | exploit, web, arbitrary, code execution
systems | linux, windows, centos
advisories | CVE-2013-4835, OSVDB-99230
SHA-256 | b961edaf771081e73dba11e81febc940689847d6bed6412bc6f0a4ad23ff2aae
Firefox 15.0.1 Code Execution
Posted Dec 23, 2013
Site metasploit.com

On versions of Firefox from 5.0 to 15.0.1, the InstallTrigger global, when given invalid input, would throw an exception that did not have an __exposedProps__ property set. By re-setting this property on the exception object's prototype, the chrome-based defineProperty method is made available. With the defineProperty method, functions belonging to window and document can be overriden with a function that gets called from chrome-privileged context. From here, another vulnerability in the crypto.generateCRMFRequest function is used to "peek" into the context's private scope. Since the window does not have a chrome:// URL, the insecure parts of Components.classes are not available, so instead the AddonManager API is invoked to silently install a malicious plugin.

tags | exploit, cryptography
advisories | CVE-2012-3993, CVE-2013-1710, OSVDB-86111, OSVDB-96019
SHA-256 | f9c391aa7b550b10c8e9686f804da688eca5b3b20ea450df0a1b9e0dac71ac00
Synology DSM 4.3-3810 Directory Traversal
Posted Dec 23, 2013
Authored by Andrea Fabrizi

Synology DSM versions 4.3-3810 and below suffer from multiple directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
advisories | CVE-2013-6987
SHA-256 | baddc783cba3ba3012c1d9f37e58531b749662074b81d95266d64e6544b90e21
Leed Authentication Bypass, SQL Injection, CSRF
Posted Dec 21, 2013
Authored by Alexandre Herzog

Leed suffers from authentication bypass, cross site request forgery, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
advisories | CVE-2013-2627, CVE-2013-2628, CVE-2013-2629
SHA-256 | 5d7cef70be868bc4ba37188215a7df2faffb093a6b4998f815979327d8478874
USP Secure Entry Server URL Redirection
Posted Dec 21, 2013
Authored by Alexandre Herzog | Site csnc.ch

USP Secure Entry Server suffers from a URL redirection vulnerability.

tags | exploit
advisories | CVE-2013-2764
SHA-256 | 995509d4226fbde7623bf7db3c4f9482a0db97f34ae2b2c1d1ded1f9c49e979b
Avast.com Cross Site Scripting
Posted Dec 21, 2013

Avast.com suffers from a cross site scripting vulnerability. This was sent to Packet Storm anonymously and was reported to the vendor. The vendor has not addressed the issue for months so it is being disclosed publicly in order to shed light on the issue.

tags | exploit, xss
SHA-256 | 1c3a06c072fae66bc640f5b7d482bbf52f72ae43fd03ae40a890739e3abdc7e3
Easy Karaoke Player 3.3.31 Integer Division By Zero
Posted Dec 21, 2013
Authored by Osanda Malith

Easy Karaoke Player version 3.3.31 integer division by zero exploit that creates a malicious wav file.

tags | exploit
SHA-256 | 6d06432f54e8ec7ac7db4d9cbb05a0800262ff09f5a802304ab7ffd7400318a2
HP Operations Orchestration Central 9.06 Cross Site Scripting
Posted Dec 20, 2013
Authored by Bart Leppens

HP Operations Orchestration Central version 9.06 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-6191, CVE-2013-6192
SHA-256 | 1cce985e37ff678546bdbfc58d9240c9e77f144952a275bef85b1bd85a23cb13
Huawei Technologies du Mobile Broadband 16.0 Local Privilege Escalation
Posted Dec 20, 2013
Authored by LiquidWorm | Site zeroscience.mk

du Mobile Broadband version 16.002.03.16.124 suffers from a local privilege escalation vulnerability due to improper permissions.

tags | exploit, local
SHA-256 | 2c70f2ccec1017caae9ab7e58c850bf30dd22596312e63d647efc6b69e032bcc
MBB CMS 004 Local File Inclusion / SQL Injection
Posted Dec 20, 2013
Authored by cr4wl3r

MBB CMS versions 004 and below suffer from local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
SHA-256 | 398c2a077d4abbc969a441b3fd784add2425de7c3d23257f5dcdd5847b8a0415
Codiad 2.0.7 Cross Site Scripting
Posted Dec 20, 2013
Authored by Project Zero Labs

Codiad version 2.0.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6fd396ea8dd173caabd6c81d45224dd5d0b1746c6bb28918a6904caa9714cd8c
RealPlayer Heap-Based Buffer Overflow
Posted Dec 20, 2013
Authored by Core Security Technologies, Ricardo Narvaja | Site coresecurity.com

Core Security Technologies Advisory - RealPlayer is prone to a security vulnerability when processing RMP files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine, by enticing RealPlayer users to open a specially crafted RMP file (client-side attack). Versions 16.0.2.32 and 16.0.3.51 are affected.

tags | exploit, remote, arbitrary
advisories | CVE-2013-6877
SHA-256 | 138c669ee28a20c01fad95f2ddae01490a953b8043d0631d15f8c2f418a3d9c1
Song Exporter 2.1.1 RS Local File Inclusion
Posted Dec 20, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Song Exporter version 2.1.1 RS suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | ea65da253d616e40f5ffe502874617705b1161d1a0b2f8c0e9df02a8b9936669
WordPress Persuasion Theme File Download / Deletion
Posted Dec 20, 2013
Authored by Interference Security

WordPress Persuasion Theme suffers from an arbitrary file download and deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | 2a70725a6c45899c35c6c0202c7202b59dda01342cecd7705353378bc1f85037
Page 2 of 7
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close