Showing 76 - 100 of 175

Files

Landesk Management Suite 9.5 RFI / CSRF: Posted Apr 19, 2015; Authored by Alex Haynes; Landesk Management Suite version 9.5 suffers from cross site request forgery and remote file inclusion vulnerabilities.; tags | exploit, remote, vulnerability, code execution, file inclusion, csrf; advisories | CVE-2014-5361, CVE-2014-5362; SHA-256 | 7bdfe59dc30a3b71753bd3a33281c2051ca69929c42f568988b546e2de5d4ccd; Download | Favorite | View

BlueDragon CFChart Servlet 7.1.1.17759 Directory Traversal: Posted Apr 19, 2015; Authored by Mike Westmacott | Site portcullis-security.com; The CFChart servlet of BlueDragon (component com.naryx.tagfusion.cfm.cfchartServlet) is vulnerable to arbitrary file retrieval due to a directory traversal vulnerability. In certain circumstances the retrieved file is also deleted. Versions 7.1.1.17759 is affected.; tags | exploit, arbitrary, file inclusion; advisories | CVE-2014-5370; SHA-256 | c7fba25e82be748cfef6834fae314b9c87f9647ed21ced05ff757e5a06e0bb5f; Download | Favorite | View

ADB Backup Traversal / File Overwrite: Posted Apr 19, 2015; Authored by Imre Rad; ADB backup on Android version 4.0.4 allows for file overwrite via modified tar headers.; tags | exploit, file inclusion; advisories | CVE-2014-7951; SHA-256 | 05f57d5729d25c00164ccfa74bfb76fe4328bb79a10efd4cf3e895cd21b26843; Download | Favorite | View

WordPress Content Slide 1.4.2 CSRF / Cross Site Scripting: Posted Apr 19, 2015; Authored by Tom Adams; WordPress Content Slide plugin version 1.4.2 suffers from cross site request forgery and stored cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; SHA-256 | 4766ca76e4e167f91e8d6586e49ab8b197c4767255485e74d57daa27c79079ed; Download | Favorite | View

Android Backup Agent Arbitrary Code Execution: Posted Apr 19, 2015; Authored by Imre Rad; The Android backup agent implementation was vulnerable to privilege escalation and race condition. An attacker with adb shell access could run arbitrary code as the system (1000) user (or any other valid package). The attack is tested on Android OS 4.4.4.; tags | exploit, arbitrary, shell; advisories | CVE-2014-7951; SHA-256 | 179057ea228364a9ce3f89ec74a1a1873d65e8c8b3dd447dccc0af6935bf1a87; Download | Favorite | View

WordPress Citizen Space 1.1 Cross Site Scripting: Posted Apr 19, 2015; Authored by Glyn Wintle; WordPress Citizen Space plugin version 1.1 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | f85ae4ff7e5349a8c27498d31e4740d3b651ac5a808ca4756f703363ae30f397; Download | Favorite | View

Mac OS X Local Denial Of Service: Posted Apr 19, 2015; Authored by Maxime Villard; Local denial of service exploit for Mac OS X kernel versions prior to 10.10.3.; tags | exploit, denial of service, kernel, local; systems | apple, osx; advisories | CVE-2015-1100; SHA-256 | 8b8206b45dab552c0adf67970b3e4fcfdbb4fc7e2eb2c3e21b6e0df9e621e2d3; Download | Favorite | View

Wolf CMS 0.8.2 Shell Upload: Posted Apr 18, 2015; Authored by CWH Underground, ZeQ3uL; Wolf CMS version 0.8.2 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | 4990d8207294db847c52a10db69b2d36845054777429b586fc9dc3d039882413; Download | Favorite | View

Nodes Studio CMS XSS / Path Disclosure / SQL Injection: Posted Apr 18, 2015; Authored by MustLive; Nodes Studio CMS suffers from cross site scripting, path disclosure, and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 48c4b8ee1b1536b0509531c834ad18f7f741a4940839a87127f8f0668b6c019a; Download | Favorite | View

ProFTPd 1.3.5 File Copy: Posted Apr 18, 2015; ProFTPd installations that use the mod_copy module's SITE CPFR/SITE CPTO commands allows these commands to be used by unauthenticated clients.; tags | exploit; advisories | CVE-2015-3306; SHA-256 | 906b064525d55e5b1133812165abc4af404b78a47f8824d1d53e9802f8d546ff; Download | Favorite | View

WordPress WP-Mon Arbitrary File Download: Posted Apr 18, 2015; Authored by Ashiyane Digital Security Team, ACC3SS; WordPress WP-Mon plugin suffers from an arbitrary file disclosure vulnerability.; tags | exploit, arbitrary, info disclosure; SHA-256 | 4d1770940cecf45c0e9b92a8e2c05a7ec722c48648c44835feacd66a4247719f; Download | Favorite | View

Oracle Hyperion Smart View For Office 11.1.2.3.000 DoS: Posted Apr 17, 2015; Authored by sajith; Oracle Hyperion Smart View for Office version 11.1.2.3.000 crash proof of concept exploit.; tags | exploit, denial of service, proof of concept; advisories | CVE-2015-2572; SHA-256 | bb69d53198e80e76ff0eca4eb90e217e462a2cec929d7d3170521851e6381dee; Download | Favorite | View

WordPress Ajax Store Locator 1.2 SQL Injection: Posted Apr 16, 2015; Authored by Claudio Viviani; WordPress Ajax Store Locator versions 1.2 and below suffer from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | fd61a90ff71456bbb57803a78ab4b9979a249f8fe9d9954c7d0fb7e5c79ff6de; Download | Favorite | View

D-Link/TRENDnet NCC Service Command Injection: Posted Apr 16, 2015; Authored by Michael Messner, Peter Adkins, Tiago Caetano Henriques | Site metasploit.com; This Metasploit module exploits a remote command injection vulnerability on several routers. The vulnerability exists in the ncc service, while handling ping commands. This Metasploit module has been tested on a DIR-626L emulated environment only. Several D-Link and TRENDnet devices are reported as affected, including: D-Link DIR-626L (Rev A) v1.04b04, D-Link DIR-636L (Rev A) v1.04, D-Link DIR-808L (Rev A) v1.03b05, D-Link DIR-810L (Rev A) v1.01b04, D-Link DIR-810L (Rev B) v2.02b01, D-Link DIR-820L (Rev A) v1.02B10, D-Link DIR-820L (Rev A) v1.05B03, D-Link DIR-820L (Rev B) v2.01b02, D-Link DIR-826L (Rev A) v1.00b23, D-Link DIR-830L (Rev A) v1.00b07, D-Link DIR-836L (Rev A) v1.01b03, and TRENDnet TEW-731BR (Rev 2) v2.01b01; tags | exploit, remote; advisories | CVE-2015-1187; SHA-256 | 35d9cdabfd053fc6c2ff7f2de254f832a73dc49048156c4f453d8ba4b3f21bc9; Download | Favorite | View

Huawei SEQ Analyst Cross Site Scripting: Posted Apr 16, 2015; Authored by Ugur Cihan KOC; Huawei SEQ Analyst version V200R002C03LG0001SPC100 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2015-2347; SHA-256 | 23d7a6ced961a189c2a32abecdb8ca98c500a122e3542a1ccc4efa230928e57e; Download | Favorite | View

Huawei SEQ Analyst XXE Injection: Posted Apr 16, 2015; Authored by Ugur Cihan KOC; Huawei SEQ Analyst version V200R002C03LG0001SPC100 suffers from an XML external entity injection vulnerability.; tags | exploit, xxe; advisories | CVE-2015-2346; SHA-256 | c7c2407779c7f1a975e407883855dddb3f3c26e41f43b310f77c4493aaafe71b; Download | Favorite | View

Comsenz SupeSite CMS 7.0 Cross Site Scripting: Posted Apr 16, 2015; Authored by Jing Wang; Comsenz SupeSite CMS version 7.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 691f7c89b1caa0472c8a9be37459934f77fb1772af283aa43f8a6085dcae26c0; Download | Favorite | View

Opoint Media Intelligence Open Redirect: Posted Apr 16, 2015; Authored by Jing Wang; Opoint Media Intelligence suffers from an open redirect vulnerability.; tags | exploit; SHA-256 | 97726adab38a15cdc9d6396ef6393518664b286821d2b8b6a2235a7c8ff95f2c; Download | Favorite | View

Webs ID Cross Site Scripting: Posted Apr 16, 2015; Authored by Jing Wang; Webs ID suffers from a cross site scripting vulnerability.; tags | exploit, web, xss; SHA-256 | aaef7499cb1976d0bbee37571ec5fba3821d04da8aff958ec521f45274f8f211; Download | Favorite | View

NetCat CMS 3.12 HTML Injection: Posted Apr 16, 2015; Authored by Jing Wang; NetCat CMS versions 1.1, 2.0, 2.1, 2.2, 2.3, 2.4, 3.0, and 3.12 suffer from an html injection vulnerability.; tags | exploit; SHA-256 | 431273588a8007d8827bc1ced3c02b81d49af8135143df355265d68abb2c4abf; Download | Favorite | View

NetCat CMS 3.12 Directory Traversal: Posted Apr 16, 2015; Authored by Jing Wang; NetCat CMS versions 1.1, 2.0, 2.1, 2.2, 2.3, 2.4, 3.0, and 3.12 suffer from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | e33e315fb4f1085ac945c6ef7b991ad9217af60eb79756cf09747d1d6ddd857c; Download | Favorite | View

WordPress WP Statistics 9.1.2 Cross Site Scripting: Posted Apr 16, 2015; Authored by Kaustubh G. Padwad; WordPress WP Statistics plugin version 9.1.2 suffers from stored cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 7417199952c4f4c2dfe0f63ea7723e48742cb4ca58d9e91e2dd4096de4abde78; Download | Favorite | View

Apache Spark Cluster 1.3.x Arbitrary Code Execution: Posted Apr 16, 2015; Authored by Akhil Das; Apache Spark Cluster version 1.3.x suffers from a code execution vulnerability.; tags | exploit, code execution; SHA-256 | fa52b7d291365e260eefbd50b902865d8d250fb29a92eebfc41a473b27334295; Download | Favorite | View

Microsoft Windows HTTP.sys Proof Of Concept: Posted Apr 16, 2015; Authored by rhcp011235; Microsoft Windows HTTP.sys proof of concept exploit for MS15-034.; tags | exploit, web, proof of concept; systems | windows; advisories | CVE-2015-1635; SHA-256 | b962eb94796643c1f7df4412502d1acc226c3e768498d683a56c3660db367cc2; Download | Favorite | View

WordPress MiwoFTP 1.0.5 CSRF Command Execution: Posted Apr 15, 2015; Authored by LiquidWorm | Site zeroscience.mk; WordPress MiwoFTP plugin version 1.0.5 cross site request forgery arbitrary file creation exploit.; tags | exploit, arbitrary, csrf; SHA-256 | 52e296db0149040e684713523900dd03290ff51cb9294f283bbdac2f84f82b1b; Download | Favorite | View

Page 4 of 7 Back 2 3 4 5 6 Next

Top Authors In Last 30 Days

Red Hat 275 files
indoushka 177 files
Jay Turla 150 files
Ubuntu 77 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Gentoo 25 files
Karn Ganeshen 23 files

Files

Top Authors In Last 30 Days

Recent News