Showing 51 - 75 of 159

Files

X2Engine CRM 4.2.1 Cross Site Scripting: Posted Sep 24, 2014; Authored by Vadodil Joel Varghese; X2Engine CRM version 4.2.1 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 1553980341872faee49549bbfd60e4d56207ceb47517d124f9a6b20c48de9053; Download | Favorite | View

HttpFileServer 2.3c Cross Site Scripting: Posted Sep 24, 2014; Authored by Mahendra; HttpFileServer version 2.3c suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 2feb5ccca4ab293462a18355f56ef10135b82ba084f052bcbb31f14e195f9380; Download | Favorite | View

X2Engine 4.1.7 Unrestricted File Upload: Posted Sep 23, 2014; Authored by EgiX; X2Engine versions 4.1.7 and below suffer from an unrestricted file upload vulnerability due to poor use of a blacklist.; tags | exploit, file upload; advisories | CVE-2014-5298; SHA-256 | f7f0d377cb996b5e9e79057b4c8a18347d9ead55c06712219f6e0ee4196c0f23; Download | Favorite | View

X2Engine 4.1.7 PHP Object Injection: Posted Sep 23, 2014; Authored by EgiX; X2Engine versions 2.8 through 4.1.7 suffer from a PHP object injection vulnerability.; tags | exploit, php; advisories | CVE-2014-5297; SHA-256 | ce312d6d96cd4f148fb2b5cecb97b68cf00a123ef5c0ba90f41a768e2c83ad31; Download | Favorite | View

Get Simple CMS 3.3.3 CSRF / XSS / Clickjacking: Posted Sep 23, 2014; Authored by Vadodil Joel Varghese; Get Simple CMS version 3.3.3 suffers from cross site request forgery, clickjacking, and various cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; SHA-256 | 7faa651d8fdd22b54845204b42b632cb90d115af238c947e3a71f13b591e3ba9; Download | Favorite | View

xcode-select 13.4.0 Buffer Overflow: Posted Sep 23, 2014; Authored by Juan Sacco; xcode-select on Darwin kernel version 13.4.0 suffers from a buffer overflow vulnerability.; tags | exploit, overflow, kernel; SHA-256 | 2cfb55fd81aab106c5b8d98a5ff07944ed05f81d33482b0074aa0884859772ad; Download | Favorite | View

TP-LINK WDR4300 XSS / Denial Of Service: Posted Sep 22, 2014; Authored by Oz Elisyan; TP-LINK WDR4300 suffers from cross site scripting and denial of service vulnerabilities.; tags | exploit, denial of service, vulnerability, xss; advisories | CVE-2014-4727, CVE-2014-4728; SHA-256 | 96f6a7503c2af655eae7292736644ce83e0a4d4f6df61a2b334857eae73d6e26; Download | Favorite | View

Joomla Mac Gallery 1.5 Arbitrary File Download: Posted Sep 22, 2014; Authored by Claudio Viviani; Joomla Mac Gallery component versions 1.5 and below suffer from an arbitrary file download vulnerability.; tags | exploit, arbitrary; SHA-256 | 92c2bf84e86e20561df1eaa9ca9f6fd9ec03e8c9b1092777059db18344af0e07; Download | Favorite | View

KonaKart Storefront Application Cross Site Request Forgery: Posted Sep 22, 2014; Authored by Christian Schneider | Site christian-schneider.net; KonaKart Storefront Application versions prior to 7.3.0.0 suffer from a cross site request forgery bypass vulnerability.; tags | exploit, bypass, csrf; advisories | CVE-2014-5516; SHA-256 | 527973821e6614b395a15c0f745e0e2351e17b8c7738921e8d17f5bcd27a4476; Download | Favorite | View

Glype Proxy 1.4.9 Cross Site Request Forgery: Posted Sep 22, 2014; Authored by Securify B.V.; Glype Proxy version 1.4.9 privacy settings can be bypassed via cross site request forgery.; tags | exploit, csrf; SHA-256 | 5f29a607322d5f837369955ce66d4a2f3d17bda78f12df427d8d7e1333243020; Download | Favorite | View

Glype Proxy 1.4.9 Filter Bypass: Posted Sep 22, 2014; Authored by Securify B.V.; Glype Proxy version 1.4.9 suffers from a local address filer bypass vulnerability.; tags | exploit, local, bypass; SHA-256 | 861ab543f64b4b0395368a45276441e04c4678908a962ea14f4f637855924384; Download | Favorite | View

Joomla Face Gallery 1.0 SQL Injection / File Download: Posted Sep 22, 2014; Authored by Claudio Viviani; Joomla Face Gallery component version 1.0 suffers from remote SQL injection and arbitrary file download vulnerabilities.; tags | exploit, remote, arbitrary, vulnerability, sql injection, file inclusion; SHA-256 | be82220d948205abc7bb6578e33091fb5a65a984d95e4e2774758733247b1f76; Download | Favorite | View

Glype Proxy 1.4.9 Cookie Jar Path Traversal / Code Execution: Posted Sep 22, 2014; Authored by Securify B.V.; A path traversal vulnerability has been identified in the Glype web-based proxy that allows an attacker to run arbitrary PHP code on the server or to remove critical files from the filesystem. Version 1.4.9 is affected.; tags | exploit, web, arbitrary, php; SHA-256 | 90908a193872545e7e1dc5fd354b168c8969c94042ebe864eaa3c75d1060efe3; Download | Favorite | View

TomatoCart 1.1.8.6.1 Cross Site Scripting: Posted Sep 22, 2014; Authored by Kenneth F. Belva; TomatoCart version 1.1.8.6.1 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 79fa551178c89cd026702176897012baab890d8c7eba697d2cb60aa11162509c; Download | Favorite | View

Pizza Inn Registration Cross Site Scripting: Posted Sep 21, 2014; Authored by Kenneth F. Belva; Pizza Inn Registration suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 5a1edb79b7fe3d9798b3fa1e02d42acaf8165ce59f390a7d27dbc6a0528d5111; Download | Favorite | View

OKCupid Cross Site Scripting: Posted Sep 21, 2014; Authored by Kenneth F. Belva; OKCupid server error pages suffered from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2014-3148; SHA-256 | 55b9edd72c42fe42439c54b83648a6ae9a40cbf862490bd921f0a61780685848; Download | Favorite | View

Your Online Shop Cross Site Scripting: Posted Sep 20, 2014; Authored by Kenneth F. Belva; Your Online Shop suffers from a reflective cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 8a1368e00d3bdd6c67cc3a0fb225fcffbf5805b7e49ded4b9610a5024c9e2a91; Download | Favorite | View

Exponent CMS 2.3.0 Cross Site Scripting: Posted Sep 20, 2014; Authored by Kenneth F. Belva; Exponent CMS version 2.3.0 suffers from a POST reflective cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 8de9029830cf1e4c70982c3606140b89c2335ac9e0895a778b8774e36b32e9e2; Download | Favorite | View

GetSimpleCMS PHP File Upload: Posted Sep 19, 2014; Authored by Ahmed Elhady Mohamed | Site metasploit.com; This Metasploit module exploits a file upload vulnerability in GetSimple CMS. By abusing the upload.php file, a malicious authenticated user can upload an arbitrary file, including PHP code, which results in arbitrary code execution.; tags | exploit, arbitrary, php, code execution, file upload; advisories | OSVDB-93034; SHA-256 | 93b94988b458fdd8ae88cd22f63db59e3b576b4062534971e43a8c37439ee4e2; Download | Favorite | View

M/Monit 3.2.2 Cross Site Request Forgery: Posted Sep 19, 2014; Authored by Dolev Farhi; M/Monit versions 3.2.2 and below suffer from multiple cross site request forgery vulnerabilities.; tags | exploit, vulnerability, csrf; advisories | CVE-2014-6409, CVE-2014-6607; SHA-256 | 560d50f9addae35f05fedbf10890391928e6f7c978e7366d56a5768cce8b88ba; Download | Favorite | View

WatchGuard XTM 11.8.3 Cross Site Scripting: Posted Sep 18, 2014; Authored by William Costa; WatchGuard XTM version 11.8.3 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 28653a9ce5d4db57c8abb7dd1263d077616114f7796467876c715230ceaffa98; Download | Favorite | View

Netgear Download Center Cross Site Scripting / Open Redirect: Posted Sep 18, 2014; Authored by Claudio Viviani; downloadcenter.netgear.com suffers from cross site scripting and open redirection vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 60a82711956e8b58fd95979ae9a77382e6d217c936db9096da12b031ae315d28; Download | Favorite | View

Oracle MyOracle Filter Bypass: Posted Sep 18, 2014; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; Oracle's MyOracle allows for malicious script code insertion into outbound emails.; tags | exploit; SHA-256 | 2fcd6931ec20a2d7cf11ff686d410dc910c65f0bee51657c6a8291716070a75b; Download | Favorite | View

Nokia Asha 501 Lock Bypass: Posted Sep 17, 2014; Authored by Hammad Shamsi; The Nokia Asha platform suffers from a lock code bypass vulnerability that allows for access to call records.; tags | exploit, bypass; SHA-256 | c3690f476187bf4b7bceed617052bbbc1450f4932dead991db1083b0707d5e1e; Download | Favorite | View

MODX Revolution 2.3.1-pl Cross Site Scripting: Posted Sep 17, 2014; Authored by High-Tech Bridge SA | Site htbridge.com; MODX Revolution version 2.3.1-pl suffers from a reflective cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2014-5451; SHA-256 | 896e235037a75dfd399a6f028da7f8f942cfe7ede4331bb0775a05c0e3064ee2; Download | Favorite | View

Page 3 of 7 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

Files

Top Authors In Last 30 Days

Recent News