what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 147 RSS Feed

Files

Plone CMS Credential Disclosure
Posted Jan 17, 2014
Authored by Cyrill Bannwart

Plone CMS suffers from a URL redirection credential disclosure vulnerability.

tags | exploit
advisories | CVE-2013-4200
SHA-256 | c8126f47351b05580931419b3561fe0a88c1f95cf8946c7dcd4656a6d3036dc7
bloofoxCMS 0.5.0 CSRF / LFI / SQL Injection
Posted Jan 17, 2014
Authored by AtT4CKxT3rR0r1ST

bloofoxCMS version 0.5.0 suffers from cross site request forgery, local file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion, csrf
SHA-256 | 668beef15d4f8f90dfb10c1735f36d023ec89384dee1488778317af0eb2ea645
Enghouse Interactive IVR Pro (VIP2000) Remote Root
Posted Jan 17, 2014
Authored by Peter Norin, Fredrik Soderblom | Site xpd.se

Enghouse Interactive IVR Pro (VIP2000) suffers from a remote root authentication bypass vulnerability due to a backdoor private/public ssh key being on the systems.

tags | exploit, remote, root, bypass
advisories | CVE-2013-6838
SHA-256 | 9a973cc7a8a5306a32bf2e720f7349327145d6bf719e12f5ffffa787228cb573
bloofoxCMS 0.5.0 CSRF / PHP Code Injection
Posted Jan 17, 2014
Authored by AtT4CKxT3rR0r1ST

bloofoxCMS version 0.5.0 suffers from a cross site request forgery vulnerability that allows for PHP code injection.

tags | exploit, php, csrf
SHA-256 | 988e6ee3eaf925c583a5a4974787622711445dbe0b89779c4e5cc37dd851f755
ManageEngine EventLog Analyzer 8.6 Cross Site Scripting
Posted Jan 17, 2014
Authored by Asheesh Kumar Mani Tripathi

ManageEngine EventLog Analyzer version 8.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fb2b863e3a6c89be1bed5b157e455b433c0efa45b5c8a60e740a73a619b3c3ba
haneWIN DNS Server 1.5.3 Denial Of Service
Posted Jan 17, 2014
Authored by sajith

haneWIN DNS Server version 1.5.3 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | fd11894f27db6ea3d16ce79549c8d30b70900e68f2b0ffdfe964f4db55ce894b
Joomla Sexy Polling 1.0.8 SQL Injection
Posted Jan 16, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

Joomla Sexy Polling extension version 1.0.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-7219
SHA-256 | 386f633addc7fcd69c71714e10ca43a9577c114d2f48bae9ca88cbf0936b85a3
Ajenti 1.2.13 Cross Site Scripting
Posted Jan 16, 2014
Authored by Project Zero Labs

Ajenti version 1.2.13 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f2384d32b3cba7169334e5e7866064ae6d12640e7c4f7b1f468bed3c547f1f20
DomPHP 0.83 SQL Injection
Posted Jan 16, 2014
Authored by Houssamix

DomPHP versions 0.83 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | cb2dcf35ad0fd792e1f894e8174876bc0f117e63ac62244dd54a12a0b864d723
SmarterMail 11.x Cross Site Scripting
Posted Jan 15, 2014
Authored by Saeed reza Zamanian

SmarterMail Enterprise and Standard versions 11.x and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2ed7fdcafc2c32f5180ce94a972dd1a299b8ef19a252dc6474a6b3e1d1d65458
XAMPP 3.2.1 Cross Site Scripting
Posted Jan 15, 2014
Authored by DevilScreaM

XAMPP version 3.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7e4de4aa57bfb79c844e7b693a14cc3809880e3e4222a8e2b4765d28905bc3cf
Q-Pulse 0.6 Cross Site Scripting
Posted Jan 15, 2014
Authored by help AG Middle East

Q-Pulse version 0.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-1238
SHA-256 | aeddee49f18b63a3ba201fb1edece17f1012a2441aad502132c7694694ce86db
Vacation Rental Script 3.0 CSRF / XSS / File Disclosure
Posted Jan 15, 2014
Authored by HackXBack

Vacation Rental Script version 3.0 suffers from file disclosure, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
SHA-256 | 0a5e63d846266b7f8ce568eb5fb1d48f4ca2ea10715cc7d83810fba312734bda
Vacation Packages Listing 2.0 CSRF / XSS / File Disclosure
Posted Jan 14, 2014
Authored by HackXBack

Vacation Packages Listing version 2.0 suffers from local file disclosure, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, local, vulnerability, xss, info disclosure, csrf
SHA-256 | 2bdf5252a437ed9b82fc9a36984e8ce2950adc00f97d72f42e80839b21d2f155
Collabtive 1.1 SQL Injection
Posted Jan 14, 2014
Authored by Yogesh Phadtare

Collabtive version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-6872
SHA-256 | 4ccd9392451157e07b80a97d674467a3ad3cd4c6211a3ac5eb02251e20a3f80d
Feixun FWR-604H Remote Command Execution
Posted Jan 14, 2014
Authored by Arash Abedian

Feixun wireless router model FWR-604H suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | a4d469886a452ba3ca6841d255b83c33a9d2eb192562894a501300d27c415c3a
Starbucks 2.6.1 Information Disclosure
Posted Jan 14, 2014
Authored by Daniel E. Wood

Starbucks mobile application version 2.6.1 stores user credentials in the clear.

tags | exploit, info disclosure
advisories | CVE-2014-0647
SHA-256 | f357262cd9b2c84a1496c59559c4d8a36bac082c31aa8a2cd66a36eea00f39b0
Hotel Booking System 3.0 CSRF / XSS / File Disclosure
Posted Jan 14, 2014
Authored by HackXBack

Hootel Booking System version 3.0 suffers from file disclosure, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
SHA-256 | f11147ea6f2aed760f4ad6a0e7accb507d0036a71ce14fc127752e18bebeb542
Property Listing Script 2.0 Cross Site Request Forgery
Posted Jan 14, 2014
Authored by HackXBack

Property Listing Script version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | e80ab65a3f1d49557eb6f680730572fdfee9645a2c0d6934525c5217d5c4221b
Pet Listing Script 1.0 Cross Site Request Forgery / Cross Site Scripting
Posted Jan 14, 2014
Authored by HackXBack

Pet Listing Script version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 4b171a2301b674180ecc85661048b60eafae8407b2cc0708295835dc4ad7f961
Web eXperts Shell Upload / SQL Injection
Posted Jan 14, 2014
Authored by TUNISIAN CYBER

Web eXperts suffers from remote shell upload and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, web, shell, vulnerability, sql injection
SHA-256 | 29a0b07f364907ca5a8f9f9460b45a293c40de6d5feebac7fb0362ac7a1255f0
SoapUI Remote Code Execution
Posted Jan 14, 2014
Authored by Barak Tawily

SoapUI versions prior to 4.6.4 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2014-1202
SHA-256 | fdafc7da1814b9291ce4fb8a036001c106992cd441f8dafe7c706b07de221cbf
NETGEAR WNR1000v3 Password Disclosure
Posted Jan 13, 2014
Authored by c1ph04

Netgear WNR1000v3 routers suffer from a flaw in the password recovery flow that allows for disclosure of the plaintext router credentials. The flaw was reported to Netgear in April of 2013 and the vendor has yet to issue a patch. Included is a proof of concept exploit.

tags | exploit, proof of concept, info disclosure
SHA-256 | 10ceab3cf4e7cbcfbcc0663fea13a84947509762cb859ef415f65fff661f9866
Auto Classifieds Script 2.0 Cross Site Request Forgery
Posted Jan 13, 2014
Authored by HackXBack

Auto Classifieds Script version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | f4f0fffe69805f55c03dd4a31592eafbfc1421a48ec87d99f775c50b1aad2ad3
Job Listing Script Cross Site Request Forgery / Cross Site Scripting
Posted Jan 13, 2014
Authored by HackXBack

Job Listing Script suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | b2338f2a886d952aed1cde8bf6be26f46771fabd7fff42691f37fb3b50f7c6b6
Page 4 of 6
Back23456Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close