Showing 26 - 50 of 170

Files

Aruba ClearPass Policy Manager 6.4 Cross Site Scripting: Posted May 27, 2015; Authored by Cristiano Maruti; Aruba ClearPass Policy Manager version 6.4 suffers from a stored cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2015-1389; SHA-256 | 56fc1e5abc70aa4b06bce984674df0bb39093a580845e17c217bedabcd24e62f; Download | Favorite | View

extjs Arbitrary File Read: Posted May 26, 2015; Authored by Jianfeng Gao; extjs suffers from an arbitrary file read vulnerability.; tags | exploit, arbitrary, info disclosure; SHA-256 | 25c706347c312a1dbec64e7145f83ad3ced43c430111d99c2af5d66c8674f7a1; Download | Favorite | View

Synology Photo Station 6.2-2858 Cross Site Scripting: Posted May 26, 2015; Authored by Securify B.V.; Synology Photo Station version 6.2-2858 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 927478dedc2f46ddf47bf2eba3a71f368d3eede44841b733a91812ac2f0c7fe4; Download | Favorite | View

Synology DiskStation Manager 5.2-5565 Cross Site Scripting: Posted May 26, 2015; Authored by Securify B.V.; Synology DiskStation Manager version 5.2-5565 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | c70cd82b2c879cc9faf4d63e2542922479c5b742ab89fdf1e169021d4de5a076; Download | Favorite | View

Synology Photo Station 6.2-2858 Command Injection: Posted May 26, 2015; Authored by Securify B.V.; Synology Photo Station version 6.2-2858 suffers from a command injection vulnerability.; tags | exploit; SHA-256 | 7036f18e0c6a38dc59ea9beaac1cea09173f31c896f8abef0c736a5664dedf77; Download | Favorite | View

Acoustica Pianissimo 1.0 Build 12 Buffer Overflow: Posted May 25, 2015; Authored by LiquidWorm | Site zeroscience.mk; Acoustica Pianissimo version 1.0 Build 12 suffers from a buffer overflow vulnerability.; tags | exploit, overflow; SHA-256 | 5b4e71656a5e56925fdd005d4978caf3ef93325e716e7619d25c2a02ea9be455; Download | Favorite | View

WordPress Landing Pages 1.8.4 Cross Site Scripting / SQL Injection: Posted May 25, 2015; Authored by Adrian M. F.; WordPress Landing Pages plugin version 1.8.4 suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; advisories | CVE-2015-4064, CVE-2015-4065; SHA-256 | 38c93b584c4370e8a7448be532e3f9ddf49a3199592125e65aea3e71c9a0a8b1; Download | Favorite | View

WordPress NewStatPress 0.9.8 Cross Site Scripting / SQL Injection: Posted May 25, 2015; Authored by Adrian M. F.; WordPress NewStatPress plugin version 0.9.8 suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; advisories | CVE-2015-4062, CVE-2015-4063; SHA-256 | c21475a98b02c9872e5a37cf40c15b71b1986b1e59d0d40ea8f9648d635eb20d; Download | Favorite | View

WordPress Church Admin 0.800 Cross Site Scripting: Posted May 25, 2015; Authored by woodspeed; WordPress Church Admin plugin version 0.800 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 644b4b676956c1abe46ee05aed38b45a753085c0835c7ebf5f82dfeb84eae8ec; Download | Favorite | View

WordPress GigPress 2.3.8 SQL Injection: Posted May 25, 2015; Authored by Adrian M. F.; WordPress GigPress plugin version 2.3.8 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2015-4066; SHA-256 | c6416d8e44d2b5ff46c60336bc975b7742a4a66c4fe4b8de55f81ba500e1c382; Download | Favorite | View

WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution: Posted May 25, 2015; Authored by woodspeed; WordPress MailChimp Subscribe Forms plugin version 1.1 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 582145284854aac7ad3c3a38aafe49d11fa99d1393cd594bd61e289d08ddb5c3; Download | Favorite | View

phpwind 8.7 Open Redirect: Posted May 25, 2015; Authored by Jing Wang; phpwind version 8.7 suffers from an open redirection vulnerability.; tags | exploit; SHA-256 | 2cfb428d9695da5e3fbaec0790c4d01de2be804abe377d5a13949da00f0523b1; Download | Favorite | View

phpwind 8.7 Cross Site Scripting: Posted May 25, 2015; Authored by Jing Wang; phpwind version 8.7 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 1604166fb1c18e5c1d11256ee06a7d58052ceebc51c063aba57f96fe039e1a21; Download | Favorite | View

Vesta Control Panel 0.9.8 Cross Site Request Forgery: Posted May 25, 2015; Authored by Ben khlifa Fahmi; Vesta Control Panel version 0.9.8 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | c2645b4a8ab272752f3327b66ce8adc1b4aa50f89c60265a5dccd5488f217b87; Download | Favorite | View

WordPress Estrutura-Basica File Disclosure: Posted May 25, 2015; Authored by FullSecurity.org; WordPress Estrutura-Basica themes suffer from a local file disclosure vulnerability. Note that this advisory has site-specific information.; tags | exploit, local, info disclosure; SHA-256 | 7e6fb03ddc410197b89cb711c3d7b49bcfd1effe84cbf71e952385fd8909c84a; Download | Favorite | View

SITEFACT CMS 2.01 Cross Site Scripting: Posted May 25, 2015; Authored by Jing Wang; SITEFACT CMS version 2.01 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 25fc86df1f84c88ce94127d44b4351010b9f51233038fbac3801b2f2a88e0979; Download | Favorite | View

Gcon Tech Solutions 1.0 Cross Site Scripting: Posted May 24, 2015; Authored by Jing Wang; Gcon Tech Solutions version 1.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 78e2c8b0a4ea364a57ad54d204934326bc489abb43255c9176bf33aad8567441; Download | Favorite | View

Gcon Tech Solutions 1.0 SQL Injection: Posted May 24, 2015; Authored by Jing Wang; Gcon Tech Solutions version 1.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 6ccc427f0a64e0f68d55e041ffc40efc5beee7b19b648e187aee34eae09cc753; Download | Favorite | View

Fuse Local Privilege Escalation: Posted May 23, 2015; Authored by Tavis Ormandy; Fuse (fusermount) suffers from a local privilege escalation vulnerability. This is a proof of concept for Ubuntu.; tags | exploit, local, proof of concept; systems | linux, ubuntu; advisories | CVE-2015-3202; SHA-256 | b50e101f0fd8a29c70f51dd4db578306c1a77f5520e6a8b981293987baf4ba67; Download | Favorite | View

Lenovo System Update Privilege Escalation: Posted May 23, 2015; Authored by h0ng10, Sofiane Talmat, Micahel Milvich | Site metasploit.com; The named pipe, \SUPipeServer, can be accessed by normal users to interact with the System update service. The service provides the possibility to execute arbitrary commands as SYSTEM if a valid security token is provided. This token can be generated by calling the GetSystemInfoData function in the DLL tvsutil.dll. Please, note that the System Update is stopped by default but can be started/stopped calling the Executable ConfigService.exe.; tags | exploit, arbitrary; advisories | CVE-2015-2219; SHA-256 | a1b4e2c233f7b4436e33e4531fa6f85ed939d5f69470091600ce9b27ca87965a; Download | Favorite | View

TCPDF Library 5.9 Arbitrary File Deletion: Posted May 22, 2015; Authored by Filippo Roncari; TCPDF library versions 5.9 and below suffer from an arbitrary file deletion vulnerability via object injection.; tags | exploit, arbitrary; SHA-256 | d85aaaf04782eae8912ed94a4cb59fce8b367a908734638e2ca9f22c8b5e762c; Download | Favorite | View

WordPress Video Gallery 2.8 Unprotected Mail Page: Posted May 22, 2015; Authored by Claudio Viviani; WordPress Video Gallery plugin version 2.8 fails to protect email functionality allowing it to be leveraged for spam.; tags | exploit; SHA-256 | b38dfee27a4c0e1d32faae66624c949bb13653c914e633032fe3b5a39ed22b21; Download | Favorite | View

Sendio ESP Information Disclosure: Posted May 22, 2015; Authored by Core Security Technologies, Martin Gallo | Site coresecurity.com; Core Security Technologies Advisory - Sendio ESP (E-mail Security Platform) is a network appliance which provides anti-spam and anti-virus solutions for enterprises. Two information disclosure issues were found affecting some versions of this software, and can lead to leakage of sensitive information such as user's session identifiers and/or user's email messages.; tags | exploit, virus, info disclosure; advisories | CVE-2014-0999, CVE-2014-8391; SHA-256 | e11474848d575d94bc3dada06c86583e82c5a7ffe114e1c931a34769da9a4783; Download | Favorite | View

WordPress WP Membership 1.2.3 Privilege Escalation: Posted May 22, 2015; Authored by Panagiotis Vagenas; WordPress WP Membership plugin version 1.2.3 suffers from a privilege escalation vulnerability.; tags | exploit; advisories | CVE-2015-4038; SHA-256 | e61bf669773c2f5f27ac77cb45ed738f2bf04021b88a306527b0fb6085f0a6e2; Download | Favorite | View

WordPress WP Membership 1.2.3 Cross Site Scripting: Posted May 22, 2015; Authored by Panagiotis Vagenas; WordPress WP Membership plugin version 1.2.3 suffers from a stored cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2015-4039; SHA-256 | 36766decc9aa89c69fc6d423d64aea2c87507fd96654d86e772666c5f5bca00a; Download | Favorite | View

Page 2 of 7 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 55 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Google Security Research 6 files
Apple 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files

Files

Top Authors In Last 30 Days

Recent News