Twenty Year Anniversary
Showing 1 - 25 of 193 RSS Feed

Files

Packet Storm New Exploits For January, 2016
Posted Feb 1, 2016
Authored by Todd J. | Site packetstormsecurity.com

This archive contains 192 exploits that were added to Packet Storm in January, 2016.

tags | exploit
systems | linux
MD5 | 333f924447f5059098a83ab0d1803f51
Hippo CMS 10.1 XML External Entity Information Disclosure
Posted Jan 31, 2016
Authored by LiquidWorm | Site zeroscience.mk

Hippo CMS version 10.1 suffers from an XML External Entity information disclosure vulnerability.

tags | exploit, info disclosure, xxe
MD5 | 8cc0a4b83b313629f974505430725fde
Hippo CMS 10.1 Stored Cross Site Scripting
Posted Jan 31, 2016
Authored by LiquidWorm | Site zeroscience.mk

Hippo CMS version 10.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8df9af3196961100ce97c2c63f88f8b3
WordPress Comment Rating 1.5.0 Cross Site Scripting
Posted Jan 30, 2016
Authored by Rahul Pratap Singh

WordPress Comment Rating plugin version 1.5.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 692b1844c000759c1f833dcf23c55eb9
Winhex Editor 18.7 DLL Hijacking
Posted Jan 30, 2016
Authored by Shantanu Khandelwal

Winhex Editor versions 18.7 and below suffer from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 688153c04268e41afa368c0a6b651df1
iScripts EasyCreate 3.0 Remote Code Execution
Posted Jan 29, 2016
Authored by Bikramaditya Guha | Site zeroscience.mk

iScripts EasyCreate version 3.0 remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 3b0f1a8d207b00c445070735ca5f852f
iScripts EasyCreate 3.0 XSS / CSRF / SQL Injection
Posted Jan 29, 2016
Authored by Bikramaditya Guha | Site zeroscience.mk

iScripts EasyCreate version 3.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
MD5 | 33189287d2184e0ea7d730c6c2ee5eb8
ManageEngine Eventlog Analyzer 10 Privilege Escalation
Posted Jan 29, 2016
Authored by Nicholas Lehman

ManageEngine Eventlog Analyzer versions 4.0 through 10 suffer from a privilege escalation vulnerability.

tags | exploit
MD5 | 69d68169f02b6f3bb22a874c6ef42f5b
ManageEngine Network Configuration Management Build 11000 CSRF
Posted Jan 29, 2016
Authored by Kaustubh G. Padwad

ManageEngine Network Configuration Management build 11000 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | f9c1968f467ae9126fb372c962dd3e1b
Avira Cross Site Scripting
Posted Jan 29, 2016
Authored by RootByte

translate.avira.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ab04777ff72d00d63da6a230c91eaed3
WordPress Simple Add Pages Or Posts 1.6 Cross Site Request Forgery
Posted Jan 29, 2016
Authored by ALIREZA_PROMIS

WordPress Simple Add Pages Or Posts plugin version 1.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 3ee8673a15eddab2fb8bea7cd7fdbad8
ProjectSend r582 Bypass / SQL Injection / File Read
Posted Jan 29, 2016
Authored by Filippo Cavallarin

ProjetSend version r582 suffers from authentication bypass, remote SQL injection, insecure direct object reference, and directory traversal / arbitrary file read vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection
MD5 | 8a8ca63e1ef564c23c17f2ea23ca1e65
Netlife Photosuite Pro Cross Site Scripting
Posted Jan 29, 2016
Authored by Iran Cyber Security Group | Site vulnerability-lab.com

Netlife Photosuite Pro suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 37cb715c8aafc9b49e879002ba181a41
Netgear GS105Ev2 Authentication Bypass / XSS / CSRF
Posted Jan 28, 2016
Authored by Benedikt Westermann

The Netgear GS105Ev2 gigabit switch suffers from authentication bypass, cross site request forgery, cross site scripting, and various other vulnerabilities.

tags | exploit, vulnerability, xss, bypass, csrf
advisories | CVE-2014-4864
MD5 | acc00afd8989058927155ac8346f03df
Log2Space Central 6.2 Cross Site Scripting
Posted Jan 28, 2016
Authored by Rahul Pratap Singh

Log2Space Central version 6.2 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | bfeda8c119a04c5e89fd2b562875e89d
Ipswitch MOVEit DMZ 8.1 Information Disclosure
Posted Jan 28, 2016
Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com

Ipswitch MOVEit DMZ versions 8.1 and below suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2015-7680
MD5 | 9c8b9103d83576d4396e98e3c50b2354
Ipswitch MOVEit Mobile 1.2.0.962 Cross Site Scripting
Posted Jan 28, 2016
Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com

Ipswitch MOVEit Mobile versions 1.2.0.962 and below suffer from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-7679
MD5 | 40c53a2f7fd6b9fc75fee87c6ae853af
Ipswitch MOVEit Mobile 1.2.0.962 Cross Site Request Forgery
Posted Jan 28, 2016
Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com

Ipswitch MOVEit Mobile versions 1.2.0.962 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-7678
MD5 | 24fabcc118d46c189c03241eebbbddef
Ipswitch MOVEit DMZ 8.1 File ID Enumeration
Posted Jan 28, 2016
Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com

Ipswitch MOVEit DMZ versions 8.1 and below suffer from a file id enumeration vulnerability.

tags | exploit
advisories | CVE-2015-7677
MD5 | a3f27f5a8331f7301b58607ffb57440f
Ipswitch MOVEit DMZ 8.1 Persistent Cross Site Scripting
Posted Jan 28, 2016
Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com

Ipswitch MOVEit DMZ versions 8.1 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-7676
MD5 | 7f8c834238cc25e75378265f025a7bcb
Ipswitch MOVEit DMZ 8.1 Authorization Bypass
Posted Jan 28, 2016
Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com

Ipswitch MOVEit DMZ versions 8.1 and below suffer from an authorization bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2015-7675
MD5 | f2888255d1f1041c2213fd920d2e520b
Horizon HD / WiFi Weak WiFi Passphrase Generation
Posted Jan 28, 2016
Authored by Ivan Almuina

Horizon HD / WiFi suffers from a weak wifi passphrase generation vulnerability.

tags | exploit
MD5 | 51521e65078011035f75280f292f15d3
WordPress Appointment Booking Calendar 1.1.24 SQL Injection
Posted Jan 28, 2016
Authored by Joaquin Ramirez Martinez

WordPress Appointment Booking Calendar plugin version 1.1.24 suffers from a remote SQL injection through addslashes.

tags | exploit, remote, sql injection
MD5 | dc109c54c46b5d81e40f932214d18ae9
VLC Media Player 2.2.1 Heap Memory Corruption
Posted Jan 28, 2016
Authored by Francis Provencher

VLC Media Player version 2.2.1 suffers from a heap memory corruption vulnerability when handling malformed mp4 files.

tags | exploit
systems | linux
MD5 | 63dec7c2dd8130f42f6057b03812cc54
Trend Micro Direct Pass Filter Bypass / CSRF
Posted Jan 28, 2016
Authored by Karim Rahal | Site vulnerability-lab.com

Trend Micro Direct Pass suffers from filter bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 95bbf2efc7a84f4bc48ff8ef8fa47fa3
Page 1 of 8
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Ukraine Claims It Blocked VPNFilter Attack At Chemical Plant
Posted Jul 13, 2018

tags | headline, malware, cyberwar, scada
Ticketmaster Breach Part Of Massive Card Skimming Campaign
Posted Jul 12, 2018

tags | headline, hacker, privacy, bank, data loss, fraud
Hackers Are Selling Backdoors Into PCs For $10
Posted Jul 12, 2018

tags | headline, hacker, fraud, backdoor
Cambridge Analytica Staff Set Up New Firm
Posted Jul 12, 2018

tags | headline, government, privacy, data loss, fraud, cyberwar, facebook
Stolen Sensitive Drone Files Sold On Dark Web
Posted Jul 12, 2018

tags | headline, hacker, government, data loss, cyberwar
A Curious Tale Of The Priest, The Broker, The Hacked Newswires, And $100 Million Of Insider Trades
Posted Jul 11, 2018

tags | headline, hacker, bank, russia, fraud
The Crypto Currencies That Die Before They Have Bloomed
Posted Jul 11, 2018

tags | headline, bank, fraud, cryptography
Adobe Fixes Over 100 Vulnerabilities In Latest Security Patch Update
Posted Jul 11, 2018

tags | headline, flaw, adobe, patch
Arch Linux PDF Reader Package Poisoned
Posted Jul 11, 2018

tags | headline, malware, backdoor
Looks Like Macy's And Bloomingdale's Got Breached Now
Posted Jul 10, 2018

tags | headline, hacker, privacy, data loss
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close