Showing 51 - 75 of 164

Files

Counter-Strike 1.6 GameInfo Query Reflection Denial Of Service
Posted Jul 21, 2015
Authored by Todor Donev

Counter-Strike version 1.6 GameInfo query reflection denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | d88c5d35e07f94e50c9cdb08db697a01e63c1bfaa68fe25c3c562c74dc0ed946
Joomla Helpdesk Pro XSS / File Disclosure / SQL Injection
Posted Jul 21, 2015
Authored by Gregor Mynarsky, Kristian Varnai, Simon Rawet

Joomla Helpdesk Pro versions prior to 1.4.0 suffer from cross site scripting, local file disclosure, remote file upload, remote SQL injection, and insecure direct object reference vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion, file upload
advisories | CVE-2015-4071, CVE-2015-4072, CVE-2015-4073, CVE-2015-4074, CVE-2015-4075
SHA-256 | 9712ee16b62ebd84fa316ca9325157ce4e08bf0486e35985aa2ded84460b3fa7
WordPress Portfolio 1.0 Cross Site Request Forgery
Posted Jul 21, 2015
Authored by Nitin Venkatesh

WordPress Portfolio plugin version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | bbfb396ecb41eebf274e643cf76d32fbc4d7901ac899120d06b816988c0822c0
tcpdump rpki_rtr_pdu_print Out-Of-Bounds Denial Of Service
Posted Jul 21, 2015
Authored by Luke Arntson

tcpdump suffers from an rpki_rtr_pdu_print denial of service vulnerability. Versions affected include 4.6.2, 4.5.1, and 4.4.0.

tags | exploit, denial of service
advisories | CVE-2015-2153
SHA-256 | 76f3283d0ab1af6950691a1d53179bcf5061e40fa7a181aa998c1ee2900c4473
Microsoft Word Local Machine Zone Remote Code Execution
Posted Jul 21, 2015
Authored by Eduardo Braun Prado

Microsoft Word, Excel, and PowerPoint 2007 contain a remote code execution vulnerability because it is possible to reference documents such as Works documents (.wps) as HTML. The application will process HTML and script code in the context of the local machine zone of Internet Explorer, which leads to arbitrary code execution. By persuading users into opening e.g. specially crafted .WPS, ".doc ", ".RTF " (with a space at the end) files, it is possible to trigger the vulnerability and run arbitrary code in the context of the logged on Windows user. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".

tags | exploit, remote, arbitrary, local, code execution
systems | windows
advisories | CVE-2015-0097
SHA-256 | 80524257f08622d540b1f1a756c7449341987c8dd9213ef86ba1e8b6a1038bf6
Internet Download Manager OLE Automation Array Remote Code Execution
Posted Jul 21, 2015
Authored by Mohammad Reza Espargham

Internet Download Manager OLE automation array remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2014-6332
SHA-256 | 9fee27531464c1903e96190b869e185a39b391d09399d36916a4e68518150a8b
SysAid Help Desk 'rdslogs' Arbitrary File Upload
Posted Jul 20, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk v14.3 and v14.4. The vulnerability exists in the RdsLogsEntry servlet, which accepts unauthenticated file uploads and handles zip file contents in an insecure way. By combining both weaknesses, a remote attacker can accomplish remote code execution. Note that this will only work if the target is running Java 6 or 7 up to 7u25, as Java 7u40 and above introduce a protection against null byte injection in file names. This Metasploit module has been tested successfully on version v14.3.12 b22 and v14.4.32 b25 in Linux. In theory this module also works on Windows, but SysAid seems to bundle Java 7u40 and above with the Windows package, which prevents the vulnerability from being exploited.

tags | exploit, java, remote, code execution, file upload
systems | linux, windows
advisories | CVE-2015-2995
SHA-256 | 1e9a143a1b5de756cddc1fdd9fa8d7bc4b814bf2c25ac0074023cc3b3fb3e4be
Airdroid 3.1.3 Script Insertion
Posted Jul 20, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Airdroid version 3.1.3 suffers from a malicious script insertion vulnerability.

tags | exploit
SHA-256 | 16bdfffa85eb8722d4f81f39619c9f5161666f6be0e5e6d7a1e8482054755700
WordPress Mobile Pack 2.1.2 Information Disclosure
Posted Jul 20, 2015
Authored by Nitin Venkatesh

WordPress Mobile Pack plugin version 2.1.2 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 86b11c51c08452116cdba134c05255d187c7e8adb670829ed17ec574ea6f3a48
OpenSSH Two Minute Cracking Window
Posted Jul 19, 2015
Authored by Kingcope

OpenSSH allows for unlimited password cracking in a two minute timeframe.

tags | exploit
SHA-256 | 25629b480318a8e57f7afa8ce9daa4ea9ed171b4e2087d872c4851d327423301
Active Super Shop 1.0 Cross Site Scripting
Posted Jul 19, 2015
Authored by Angelo Ruwantha

Active Super Shop version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3869aba5e13206d5477fbcf9ad1903f84c9bfa9ec684f5add583c66d48339757
WordPress Mailcwp 1.99 Shell Upload
Posted Jul 18, 2015
Authored by Larry W. Cashdollar

WordPress Mailcwp plugin version 1.99 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | b6c75244bccb060654da18817320f01d79e2899cd3f9645e3a63098f65ced174
Chrome ui::AXTree::Unserialize Use-After-Free
Posted Jul 18, 2015
Authored by SkyLined

Chrome suffers from a ui::AXTree::Unserialize related use-after-free vulnerability.

tags | exploit
SHA-256 | c401c178ffecc2c543e0506717b170b45cb01c6106506bf7304ac67f0c08bfb4
SysAid Help Desk Administrator Portal Arbitrary File Upload
Posted Jul 17, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk. The vulnerability exists in the ChangePhoto.jsp in the administrator portal, which does not correctly handle directory traversal sequences and does not enforce file extension restrictions. You need to have an administrator account, but there is a Metasploit auxiliary module that can create one for you. This Metasploit module has been tested in SysAid v14.4 in both Linux and Windows.

tags | exploit, file upload
systems | linux, windows
advisories | CVE-2015-2994
SHA-256 | 0c208d2f198e77dc853b8bf460e5001c9fc1655e2c941edb66fcee493d8b936a
SysAid Help Desk 'rdslogs' Arbitrary File Upload
Posted Jul 17, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk v14.3 and v14.4. The vulnerability exists in the RdsLogsEntry servlet, which accepts unauthenticated file uploads and handles zip file contents in an insecure way. By combining both weaknesses, a remote attacker can accomplish remote code execution. Note that this will only work if the target is running Java 6 or 7 up to 7u25, as Java 7u40 and above introduce a protection against null byte injection in file names. This Metasploit module has been tested successfully on version v14.3.12 b22 and v14.4.32 b25 in Linux. In theory this module also works on Windows, but SysAid seems to bundle Java 7u40 and above with the Windows package, which prevents the vulnerability from being exploited.

tags | exploit, java, remote, code execution, file upload
systems | linux, windows
advisories | CVE-2015-2995
SHA-256 | f551636c73e5b60b9c38cb4bdd3c80dbbb6ea337669f453ce8ca689cbfedd936
Novell GroupWise 2014 Cross Site Scripting
Posted Jul 17, 2015
Authored by Dr. Adrian Vollmer | Site syss.de

Novell GroupWise 2014 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4c4c6296fd8b81448615d8372109d7607ccf6820ff46fc08d334d2f7a8f513c2
UDID+ 2.5 Command Injection
Posted Jul 17, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

UDID+ version 2.5 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | 761145c7197c1353abee758af1de37e76bf21669162d014b72a9a6a9cc8cb015
FoxyCart Filter Bypass
Posted Jul 17, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

FoxyCart suffers from filter bypass and input validation vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 718fd95d80edef23b0352b7f8154fc54cb785b8980a88329772638cb021700da
AirDroid ID Client Side JSONP Callback
Posted Jul 17, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

AirDroid ID suffers from a script insertion vulnerability.

tags | exploit
SHA-256 | 826719c31357000a9eed1c066020ee4e4342aa7e36f9d47701bd3128c7d4b9db
NetBIOS NBSTAT Name Query Reflection Denial Of Service
Posted Jul 17, 2015
Authored by Todor Donev

NetBIOS NBSTAT name query reflection denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 64eedc77e04daae82e3317cca2ba26267d63f8097003b3f9fcc142d9311aa277
D-Link Cookie Command Execution
Posted Jul 17, 2015
Authored by Michael Messner, Peter Adkins | Site metasploit.com

This Metasploit module exploits an anonymous remote upload and code execution vulnerability on different D-Link devices. The vulnerability is a command injection in the cookie handling process of the lighttpd web server when handling specially crafted cookie values. This Metasploit module has been successfully tested on D-Link DSP-W110A1_FW105B01 in an emulated environment.

tags | exploit, remote, web, code execution
SHA-256 | 0775e7d0aff2f6e2825635c995a83bb54708fc9752c08058d2dc8f04aed2e87c
Oracle Application Express Cross Site Scripting
Posted Jul 17, 2015
Authored by F. Lukavsky | Site sec-consult.com

The gReport Controls Sort Widget in Oracle Application Express is prone to permanent cross site scripting. The setting "display as" of the column attributes is ignored for the filter list. Versions prior to 4.2.3.00.08 are affected.

tags | exploit, xss
advisories | CVE-2015-2655
SHA-256 | c9ce7cae929b2bfcfbbd561c21486f566a196d3064d30611bb77669161526837
glibc / tcmalloc / jemalloc Double Destructor/Free
Posted Jul 17, 2015
Authored by PIN

Three proof of concept exploits demonstrating double-free issues with glibc, tcmalloc, and jemalloc.

tags | exploit, proof of concept
systems | linux
SHA-256 | e7f0fbeb3a092dc3418be3ce25fae479f87f00d498e749ac4c04652d49e094e2
Impero Education Pro Remote Command Execution
Posted Jul 17, 2015
Authored by slipstream

Impero Education Pro suffers from a remote SYSTEM command execution vulnerability.

tags | exploit, remote
SHA-256 | 52a912335707a2c2f5ffd89fb25efa0c054326c82bae73267bb04bd65910dcf7
8 TOTOLINK Routers Backdoored / Command Execution
Posted Jul 16, 2015
Authored by Pierre Kim, Alexandre Torres

8 TOTOLINK router models have backdoor hardcoded credentials and suffer from remote command execution vulnerabilities.

tags | exploit, remote, vulnerability
SHA-256 | da4f3b45bf033743303421b024a5e6709556b805b29ed6d02f62e31906abb380
© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close