exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 190 RSS Feed

Files

ATutor 2.1.1 Cross Site Scripting
Posted Feb 22, 2014
Authored by HauntIT

ATutor version 2.1.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 7772d5d04726dc9eca9f992b4b09c7718cd6b7879c83584b7b588b41971c633d
Embedthis Goahead 3.1.3-0 Denial Of Service
Posted Feb 22, 2014
Authored by 0in

Embedthis Goahead webserver version 3.1.3-0 suffers from multiple denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
SHA-256 | 44cd51d338e32d88e1eaa567a6bbc3e1b11cda0771b9da276ef085ebd630834f
Barracuda Firewall Exception Handling Cross Site Scripting
Posted Feb 22, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Barracuda Firewall suffers from a cross site scripting vulnerability in the exception handling functionality.

tags | exploit, xss
SHA-256 | dc40815561f66aa5a2bb21a7ca2b1f03cd6c36a9519c40953253af410f5f16d2
Stark CRM 1.0 Script Injection / Session Riding
Posted Feb 21, 2014
Authored by LiquidWorm | Site zeroscience.mk

Multiple stored cross site scripting and cross site request forgery vulnerabilities exist when parsing user input to several POST parameters in Stark CRM version 1.0. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site and/or execute arbitrary HTML and script code in a user's browser session.

tags | exploit, web, arbitrary, vulnerability, xss, csrf
SHA-256 | 8c7cb8470dd05d45f08a3c8bf719e35d3641de67c99f53df0cf0f5d685cf33c5
AdRotate 3.9.4 SQL Injection
Posted Feb 21, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

AdRotate version 3.9.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-1854
SHA-256 | e266028eac942f15f6d5c12f24958ce411494ef2b61a024a7a8ebda861c5fcd0
Barracuda Networks Web Firewall X300 Cross Site Scripting
Posted Feb 21, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Barracuda Networks Web Firewall X300 suffers from multiple script insertion vulnerabilities.

tags | exploit, web, vulnerability
SHA-256 | 36ae852bde5cb477c4ae3614c988ae04b0ae0022389592cbd8ba055f726c683f
Egroupware 1.8.005 PHP Object Insertion
Posted Feb 21, 2014
Authored by Pedro Ribeiro

Egroupware versions 1.8.005 and below suffer from a PHP object insertion vulnerability that can allow for arbitrary file deletion and possibly code execution.

tags | exploit, arbitrary, php, code execution
advisories | CVE-2014-2027
SHA-256 | 6acf0c7bb78bf16c4e7a80bf94295df8ed76adf8b9f716ddf1396c8f075f25e8
Lotus Sametime 8.5.1 Password Disclosure
Posted Feb 21, 2014
Authored by Adriano Marcio Monteiro

Verbose logging in Lotus Sametime version 8.5.1 logs a user password simply base64 encoded.

tags | exploit, info disclosure
SHA-256 | 83a7b3d0184d9980f17866ccfef1a87269f5a9bffc36ad1349b83d3f04116a88
Catia V5-6R2013 Stack Buffer Overflow
Posted Feb 21, 2014
Authored by Mohamed Shetta

Dassault Systemes Catia V5-6R2013 "CATV5_Backbone_Bus" stack buffer overflow exploit.

tags | exploit, overflow
SHA-256 | b9c312295d8a073944dc628dace9c57b37d1c0999e861122190110bb6b4e4bd6
VideoCharge Studio 2.12.3.685 MITM Code Execution
Posted Feb 21, 2014
Authored by Julien Ahrens | Site rcesecurity.com

VideoCharge Studio version 2.12.3.685 GetHttpResponse() man in the in middle remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 228da2a55f85e238a38f51f0a1e8c982a474297369a89295f5a2d46727406ec5
VideoCharge Studio 2.12.3.685 Stack Buffer Overflow
Posted Feb 20, 2014
Authored by Julien Ahrens | Site rcesecurity.com

VideoCharge Studio version 2.12.3.685 suffers from a stack buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 73fd64057ffa4960396c8186ba3b099299420ab0955d8d2a7ad8d4308d44e0eb
Barracuda Message Archiver 650 Cross Site Scripting
Posted Feb 20, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Barracuda Message Archiver 650 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c5e54f9d0079086202b8f53bdb2e3aae88194dc2ae39e9f989565f1b9d4ec9ff
D-LINK DIR-615 Cross Site Request Forgery
Posted Feb 20, 2014
Authored by Dhruv Shah

D-LINK DIR-615 hardware version E4 with firmware version 5.10 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 79c1fce86910caf00ee360dd0bfae7427428d7e44f5672f4781cd8741683517e
SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 Buffer Overflow
Posted Feb 20, 2014
Authored by Mohamed Shetta

SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 suffers from a stack buffer overflow vulnerability.

tags | exploit, denial of service, overflow
SHA-256 | b53b0842f06abd5f681b92c8635f73be4d64f335c2f4519000c78f057c047e85
ICEWARP 11.0.0.0 Script Insertion
Posted Feb 20, 2014
Authored by Usman Saeed

ICEWARP client versions 11.0.0.0 and 10.3.4 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2c88f1ef76dc5398e8df3835afc5073a52f444ebc0c66b2712321aa934123890
WRT120N 1.0.0.7 Stack Overflow
Posted Feb 20, 2014
Authored by Craig Heffner

WRT120N version 1.0.0.7 stack overflow exploit which clears the admin password.

tags | exploit, overflow
SHA-256 | e1aa2a251a9986b0b7cc00e00e274da9c8e78a9cfc2a13541756864a4b3830d7
Catia V5-6R2013 Stack Buffer Overflow
Posted Feb 20, 2014
Authored by Mohamed Shetta

Dassault Systemes Catia V5-6R2013 "CATV5_AllApplications" stack buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2014-2072
SHA-256 | 1be0352867ab66e7dea0e60aee325461d7ff44a486cd22b219ee5c8f24f398d3
Audiotran PLS File Stack Buffer Overflow
Posted Feb 19, 2014
Authored by Philip OKeefe | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in Audiotran 1.4.2.4. An attacker must send the file to victim and the victim must open the file. Alternatively, it may be possible to execute code remotely via an embedded PLS file within a browser when the PLS extension is registered to Audiotran. This alternate vector has not been tested and cannot be exercised directly with this module.

tags | exploit, overflow
SHA-256 | 416febd41619c975530529fc936ca67953ccced226960a6d9ed2963765f0e9d1
MediaWiki Thumb.php Remote Command Execution
Posted Feb 19, 2014
Authored by Brandon Perry, Ben Harris, Netanel Rubin | Site metasploit.com

MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5 and 1.19.x before 1.19.11, when DjVu or PDF file upload support is enabled, allows remote unauthenticated users to execute arbitrary commands via shell metacharacters. If no target file is specified this module will attempt to log in with the provided credentials to upload a file (.DjVu) to use for exploitation.

tags | exploit, remote, arbitrary, shell, file upload
advisories | CVE-2014-1610
SHA-256 | 853d2b2d7b1ab2575d40f73544cf31c3010f47bbfc35b70e1a2faa0dfdf9204d
NextGEN Gallery 2.0.0 Directory Traversal
Posted Feb 19, 2014
Authored by Tom Adams

NextGEN Gallery version 2.0.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | e3458a8c74f3c001efa3bfdb570c45c30de40309b1d07179c26ba0f2f9d6e2e3
BP Group Documents 1.2.1 XSS / CSRF / File Move
Posted Feb 19, 2014
Authored by Tom Adams

BP Group Documents version 1.2.1 suffers from arbitrary file move, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss, csrf
SHA-256 | 8a707cf5bc4c2000cdf55d486b672a05ed03bbb49e8200801cd7f3292c2a619e
Concrete5 5.6.2.1 SQL Injection
Posted Feb 19, 2014
Authored by killall-9

Concrete5 version 5.6.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e042e299af9901ad5a44967e089d5c286c03a713d607a05db41f1a6ad2975889
MODx Evogallery Shell Upload
Posted Feb 19, 2014
Authored by TUNISIAN CYBER

MODx Evogallery module suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 9a784e67c0f7356664c59bb5470d74fa98e7cddf5e78d753a95b794b54442202
Giftcard Cross Site Scripting
Posted Feb 19, 2014
Authored by Stefan Schurtz

Multiple giftcard sites suffer from cross site scripting vulnerabilities. The vendor has failed to make good on their bug bounty program claiming they are duplicate findings but has never addressed the issues.

tags | exploit, vulnerability, xss
SHA-256 | 8a8a5b2527c53ec54d24e012abe5d9f6540c8d3fb6ccb01b41286319fc8fb060
File Hub 1.9.1 Code Execution / Local File Inclusion
Posted Feb 18, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

File Hub version 1.9.1 suffers from remote code execution and local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
SHA-256 | fb2b943db8bc3e86e07c39ad67f7b3baed8d871ca32abfab010521177ba59b0a
Page 4 of 8
Back23456Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close