exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 162 RSS Feed

Files

Packet Storm New Exploits For April, 2014
Posted May 1, 2014
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 162 exploits added to Packet Storm in April, 2014.

tags | exploit
systems | linux
SHA-256 | 5007010267078b63a4b3b6a4243ee9a14e54335fe86b574a638aafce29bff230
BarracudaDrive 6.7.1 Cross Site Scripting
Posted Apr 29, 2014
Authored by Shakeel Bhat | Site secpod.com

BarracudaDrive version 6.7.1 suffers from multiple persistent and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 0a2ef5f75a8530b4c12f4d929e7c3fa5ef16f61b8b0b3a34dbfee192690742b5
Lavarel-Security XSS Filter Bypass
Posted Apr 29, 2014
Authored by Rafay Baloch

Lavarel-Security cross site scripting filter suffers from a bypass vulnerability.

tags | exploit, xss, bypass
SHA-256 | 74a3d9484d7c2708d5444ae78215745101425b380c8a4b50a833eee46fd07a68
Adobe Flash Player Type Confusion Remote Code Execution
Posted Apr 29, 2014
Authored by bannedit, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a type confusion vulnerability found in the ActiveX component of Adobe Flash Player. This vulnerability was found exploited in the wild in November 2013. This Metasploit module has been tested successfully on IE 6 to IE 10 with Flash 11.7, 11.8 and 11.9 prior to 11.9.900.170 over Windows XP SP3 and Windows 7 SP1.

tags | exploit, activex
systems | windows
advisories | CVE-2013-5331
SHA-256 | 2547432fd02f1ba4aff29ae93a0c14c41a56c95f4cec7e25e1165d0846aa03ec
NULL NUKE CMS 2.2 CSRF / XSS / SQL Injection / Shell Upload
Posted Apr 29, 2014
Authored by LiquidWorm | Site zeroscience.mk

NULL NUKE CMS version 2.2 suffers from cross site request forgery, cross site scripting, arbitrary file deletion, remote command execution, arbitrary file access, directory traversal, open redirection, and remote shell upload vulnerabilities.

tags | exploit, remote, arbitrary, shell, vulnerability, xss, csrf
SHA-256 | 885c0aa9f9866fb98106773eb936825f19e7e0540b5ae94b279a5b78a8858214
TRENDnet TEW-634GRU 1.00.23 Disclosure / DoS / Privilege Escalation
Posted Apr 28, 2014
Authored by SirGod

TRENDnet TEW-634GRU version 1.00.23 suffers from local file disclosure, router crash, and privilege escalation vulnerabilities.

tags | exploit, local, vulnerability
SHA-256 | 38342dcf82a4e158add2c032f5e76a186438778accbb57fe5bb4c316489090c3
NTP DDoS Amplification
Posted Apr 28, 2014
Authored by Danilo PC

NTP ntpd monlist query reflection denial of service exploit.

tags | exploit, denial of service
advisories | CVE-2013-5211
SHA-256 | fc458431c984a824aac0863ef7422ed300c3dc830b42f819b52b5db6f76ba518
McAfee ePolicy Owner (ePowner) 0.1
Posted Apr 28, 2014
Authored by Jerome Nokin

McAfee ePolicy Owner (ePowner) version 0.1 is an exploit that can add an administrative user to McAfee ePolicy Orchestrator as well as execute arbitrary commands on versions 4.6.0 through 4.6.5.

tags | exploit, arbitrary
systems | unix
advisories | CVE-2013-0140, CVE-2013-0141
SHA-256 | 0d651b0edd706e44bde243c2797b7f496490b9316136b12f61d3d2aa3d0e1523
SEP Manager 12.1.2015.2015 Overflow Proof Of Concept
Posted Apr 28, 2014
Authored by Jerome Nokin

Symantec Endpoint Protection Manager version 12.1.2015.2015 SEH overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
systems | unix
advisories | CVE-2013-1612
SHA-256 | 8bee128e1781c61bead3c3b0efa4f85a7a42194ff51d0beaf8d2d0e973d01216
Cells Blog 3.4 Cross Site Scripting
Posted Apr 28, 2014
Authored by kurdish hackers team

Cells Blog version 3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ac38eaafb762b8cd9ec3b83028d2896357b2d5a6ff887d5e608437f19de3ff8e
CalendarScript 3.2.1 Password Disclosure
Posted Apr 28, 2014
Authored by Felipe Andrian Peixoto

CalendarScript version 3.2.1 suffers from a remote password disclosure vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, info disclosure
SHA-256 | 2e13799d7288e78b76f6fa3dbafdf7e565429515f7fc0f98fd86950948824f2d
Adem 0.5.1 Local File Inclusion
Posted Apr 28, 2014
Authored by jiko

Adem version 0.5.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 5490331b8db5b36ceac02b07263b7087277af584b62dbd78bccb2cfc1a49abbc
Kmplayer 3.8.0.122 / 3.8.0.123 DLL Hijacking
Posted Apr 28, 2014
Authored by Aryan Bayaninejad

Kmplayer versions 3.8.0.122 and 3.8.0.123 suffer from a dll hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2014-2985
SHA-256 | 4f4e9badb8f84d790e98982d772cc340148cbc9c1495f5667c8e623b4e81ca66
Tapatalk Forum Cross Site Scripting
Posted Apr 27, 2014
Authored by E. Burtay Sahin

Tapatalk Forum suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 253cd5c79575f7fb9259f5fda766b097a52ff591c1badea81b43b1012790918a
Wireshark 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow
Posted Apr 25, 2014
Authored by j0sm1, Wesley Neelen | Site metasploit.com

This Metasploit module triggers a stack buffer overflow in Wireshark versions 1.8.12/1.10.5 and below by generating an malicious file.

tags | exploit, overflow
advisories | CVE-2014-2299
SHA-256 | 9a0517e6d1e5163de35e4817296671008162392223a5c12c8ee4a7970047e1f9
Mac OS X NFS Mount Privilege Escalation
Posted Apr 25, 2014
Authored by joev, Kenzley Alphonse | Site metasploit.com

This exploit leverage a stack overflow vulnerability to escalate privileges. The vulnerable function nfs_convert_old_nfs_args does not verify the size of a user-provided argument before copying it to the stack. As a result by passing a large size, a local user can overwrite the stack with arbitrary content. Mac OS X Lion Kernel versions equal to and below xnu-1699.32.7 except xnu-1699.24.8 are affected.

tags | exploit, overflow, arbitrary, kernel, local
systems | apple, osx
SHA-256 | 7dda844fc6c2159587750ff9bbb7d5956502e05e69840baeb969d48120b1443f
VideoWhisper 7 Cross Site Scripting
Posted Apr 25, 2014
Authored by Mahmoud Ghorbanzadeh

VideoWhisper version 7 for Drupal suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-2715
SHA-256 | 3cb36f0f355441197eacc71c9ca9d019691be0cbec19e7c31df8fb082d3eb583
Depot WiFi 1.0.0 Code Execution / Local File Inclusion
Posted Apr 25, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Depot WiFi version 1.0.0 for iOS suffers from code execution and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, code execution, file inclusion
systems | apple, ios
SHA-256 | 239876a4258fa1ffcf2718fcb13020b5cd7008ce28f17eef80d30d9eaea994bd
GeoCore MAX DB 7.3.3 Blind SQL Injection
Posted Apr 25, 2014
Authored by Esac

GeoCore MAX DB version 7.3.3 suffers from a time-based remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 64ba7edde32456837b3726c9218f6cbada0d228c7d4a3ff8408e3d7216df33dc
WordPress iMember360is 3.9.001 XSS / Disclosure / Code Execution
Posted Apr 25, 2014
Authored by Everett Griffiths

WordPress iMember360is plugin versions 3.8.012 through 3.9.001 suffers from arbitrary code execution, database credential disclosure, arbitrary user deletion, and cross site scripting vulnerabilities.

tags | exploit, arbitrary, vulnerability, code execution, xss, info disclosure
SHA-256 | 4d85f0311356c907bff3b2196646e771d62abcd6b04f759570f4f0300a39cb77
WordPress Work-The-Flow 1.2.1 Shell Upload
Posted Apr 25, 2014
Authored by nopesled

WordPress Work-The-Flow plugin version 1.2.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 81151a69aad7d23a4b3ad3b647d219987ca81d347d7e6393e87eb89ac65182da
Kolibri 2.0 Stack Buffer Overflow
Posted Apr 25, 2014
Authored by Polunchis

Kolibri version 2.0 GET request stack buffer overflow exploit that spawns a bindshell on TCP/4444.

tags | exploit, overflow, tcp
SHA-256 | 329f1e7a41c16584e5af9f1499b811f888b81bccdba1aee77683cad9955bd7b6
InfraRecorder 0.53 Unicode Buffer Overflow
Posted Apr 25, 2014
Authored by Osanda Malith

InfraRecorder version 0.53 suffers from a unicode buffer overflow vulnerability.

tags | exploit, denial of service, overflow
SHA-256 | 0b8679268a6b10a4b2a1deab7b8b065f4eb7d1e739f4942337e4e38231c083d0
WordPress Echelon Theme Shell Upload
Posted Apr 25, 2014
Authored by th3rockst3r

The WordPress Echelon theme suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | c33b258feee36d875dc4c0082563970e58db338744d94505982121e9877a3449
xnews 3-0-0 Cross Site Scripting
Posted Apr 25, 2014
Authored by kurdish hackers team | Site kurdteam.org

xnews version 3-0-0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | cb801e3e008731eae78be6fac9fbc8ace62b194df563ec4abc47db0f3fbefd09
Page 1 of 7
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close