Exploit the possiblities
Showing 1 - 25 of 195 RSS Feed

Files

Packet Storm New Exploits For February, 2014
Posted Mar 2, 2014
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 194 exploits added to Packet Storm in February, 2014.

tags | exploit
systems | linux
MD5 | 4fbc4d1d7e04c4deee4ae637b3b0bd76
couponPHP CMS 1.0 Cross Site Scripting / SQL Injection
Posted Feb 28, 2014
Authored by LiquidWorm | Site zeroscience.mk

couponPHP CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | bbb6171551f00ca805f0fd04698eb8ae
Plex Media Server 0.9.9.2.374-aa23a69 Bypass / File Disclosure
Posted Feb 28, 2014
Authored by S. Viehbock | Site sec-consult.com

Plex Media Server versions 0.9.9.2.374-aa23a69 and below suffer from authentication bypass and local file disclosure vulnerabilities.

tags | exploit, local, vulnerability
MD5 | caef9d52859c1aa6653bf1f05c425a35
VCDGEAR 3.50 Stack Buffer Overflow
Posted Feb 28, 2014
Authored by Juan Sacco

VCDGEAR version 3.50 suffers from a stack-based buffer overflow vulnerability.

tags | exploit, overflow
MD5 | f1a5ac01cc206095a5a9896555748f15
Microsoft Office 365 Outlook Filter Bypass
Posted Feb 28, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Microsoft Office 365 Outlook suffers from filter bypass and script insertion vulnerabilities.

tags | exploit, vulnerability
MD5 | 25baa692d8e3fe0ff15188fcf7b7fc4b
OrangeHRM 3.1.1 Cross Site Scripting
Posted Feb 28, 2014
Authored by HauntIT

OrangeHRM version 3.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 20789db5c89a9555e1020f00f215cabd
SpagoBI 4.0 Privilege Escalation
Posted Feb 28, 2014
Authored by Christian Catalano

SpagoBI version 4.0 suffers from an administrative privilege escalation vulnerability.

tags | exploit
advisories | CVE-2013-6231
MD5 | 7970c993e8a493f4ef2e596031495c2b
webERP 4.11.3 SQL Injection
Posted Feb 28, 2014
Authored by HauntIT

webERP version 4.11.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | bf32ac00c8f1f5ba7806e51c9ca76392
doorGets 6.0 Cross Site Scripting
Posted Feb 28, 2014
Authored by HauntIT

doorGets version 6.0 suffers from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
MD5 | ab4a3f68900f46a38b8210a86c6be240
MICROSENS PLMISWM 10.3.1 Privilege Escalation
Posted Feb 28, 2014
Authored by Christian Kudera, Stefan Riegler | Site sec-consult.com

MICROSENS Profi Line Modular Industrial Switch Web Manager version 10.3.1 suffers from a privilege escalation vulnerability.

tags | exploit, web
MD5 | 560d4bad551ba72d0dd1220d814ca159
GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
Posted Feb 28, 2014
Authored by juan vazquez, Z0mb1E, amisto0x07 | Site metasploit.com

This Metasploit module abuses the gefebt.exe component in GE Proficy CIMPLICITY, reachable through the CIMPLICIY CimWebServer. The vulnerable component allows to execute remote BCL files in shared resources. An attacker can abuse this behaviour to execute a malicious BCL and drop an arbitrary EXE. The last one can be executed remotely through the WebView server. This Metasploit module has been tested successfully in GE Proficy CIMPLICITY 7.5 with the embedded CimWebServer. This Metasploit module starts a WebDAV server to provide the malicious BCL files. When the target hasn't the WebClient service enabled, an external SMB service is necessary.

tags | exploit, remote, arbitrary
advisories | CVE-2014-0750
MD5 | 7214d05adba6a25634f88649ee6cb1dd
Total Video Player 1.3.1 Buffer Overflow
Posted Feb 28, 2014
Authored by Mike Czumak | Site metasploit.com

This Metasploit module exploits a buffer overflow in Total Video Player 1.3.1. The vulnerability occurs opening malformed Settings.ini file e.g."C:\Program Files\Total Video Player\". This Metasploit module has been tested successfully over Windows WinXp-Sp3-EN, Windows 7, Windows 8.

tags | exploit, overflow
systems | windows, xp, 7
MD5 | 6d4a1753e43464bbcdf285f46e56458c
EPESI CRM 1.5.5 Cross Site Scripting
Posted Feb 28, 2014
Authored by HauntIT

EPESI CRM version 1.5.5-20140113 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | b18526a5d2a32bd7faa9881088d47735
GDL 4.2 XSS / SQL Injection / Traversal
Posted Feb 28, 2014
Authored by ByEge

GDL version 4.2 suffers from cross site scripting, remote SQL injection, and directory traversal vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion
MD5 | c9a5025ecc61c3501600d0920577f7da
Music AlarmClock 2.1.0 Crash
Posted Feb 28, 2014
Authored by Gabor Seljan

Music AlarmClock version 2.1.0 crash denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 51c7c63b0ddb4d5c397aa505d417c089
VideoWhisper Live Streaming Integration 4.27.3 XSS / Shell Upload / Traversal
Posted Feb 27, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

VideoWhisper Live Streaming Integration version 4.27.3 suffers from cross site scripting, remote shell upload, information exposure, and path traversal vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, file inclusion
advisories | CVE-2014-1905, CVE-2014-1906, CVE-2014-1907, CVE-2014-1908
MD5 | 09168241f9f073bc603f605370e5e556
GoldMP4Player 3.3 Buffer Overflow
Posted Feb 27, 2014
Authored by metacom

GoldMP4Player version 3.3 local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | 53e819dc2f50b47cc74617e4c0512873
German Telekom Local File Inclusion
Posted Feb 27, 2014
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

The German Telekom website suffered from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 49cd97e0f2713a515fe83d852b069dc0
Bluetooth Photo Share Pro 2.0 Local File Inclusion / File Upload
Posted Feb 27, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Bluetooth Photo Share Pro version 2.0 suffers from local file inclusion and remote arbitrary file upload vulnerabilities.

tags | exploit, remote, arbitrary, local, vulnerability, file inclusion, file upload
MD5 | 276fc44638a1ae51e8531cb7db19974c
GroupOffice 5.0.44 Cross Site Scripting
Posted Feb 27, 2014
Authored by HauntIT

GroupOffice version 5.0.44 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cded844fbd1f3f288713ee313afbe3bb
PHP-CMDB 0.7.3 Cross Site Scripting / SQL Injection
Posted Feb 27, 2014
Authored by HauntIT

PHP-CMDB version 0.7.3 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, xss, sql injection
MD5 | 7b713568be1d802a7326a4ce6f06fc37
X2Engine 3.7.3 Cross Site Scripting / Shell Upload / SQL Injection
Posted Feb 27, 2014
Authored by HauntIT

X2Engine version 3.7.3 suffers from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
MD5 | 7fb5efe01bf5fb010514f711fc818978
PHP Calendar 2.0.1 XSS / Information Disclosure
Posted Feb 27, 2014
Authored by HauntIT

PHP Calendar version 2.0.1 suffers from multiple cross site scripting and information disclosure vulnerabilities.

tags | exploit, php, vulnerability, xss, info disclosure
MD5 | 02b92168d6396bdd729a9fd916437292
Moodle 2.6.1 Cross Site Scripting
Posted Feb 27, 2014
Authored by HauntIT

Moodle version 2.6.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | c806ba416d22e01271fea9b1f75d4f37
Open-School Community Edition 2.2 Cross Site Scripting
Posted Feb 27, 2014
Authored by HauntIT

Open-School Community Edition version 2.2 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 0241f9841ff407095fa8f2e516baff9a
Page 1 of 8
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close