what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 193 RSS Feed

Files

glibc catopen() Unbounded Stack Allocations
Posted Jan 26, 2016
Authored by Maksymilian Arciemowicz

glibc catopen() suffers from multiple unbounded stack allocations.

tags | exploit
SHA-256 | caf84b9ea8ebc32c176093e05bebacaad33f8ab3e8422e642de67c6796682c46
WordPress Easy Gallery 4.1.4 Cross Site Scripting
Posted Jan 26, 2016
Authored by Rahul Pratap Singh

WordPress Easy Gallery plugin version 4.1.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 08b01aecf80327e52e023ead562b195bf63c36581f10efd0cf27896839fe3d55
PHP File Manager 0.9.8 Authentication Bypass / Code Execution
Posted Jan 26, 2016
Authored by Imre Rad

PHP File Manager version 0.9.8 suffers from authentication bypass and code execution vulnerabilities.

tags | exploit, php, vulnerability, code execution
SHA-256 | 65273401e57b33b4f6cd1df07fa16fbea93fa1f5b6c5d27ff3f44a84188080a5
BK Mobile CMS 2.4 Cross Site Scripting
Posted Jan 26, 2016
Authored by Rahul Pratap Singh

BK Mobile CMS version 2.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6316023a14832b630910034da391c1463e0cc2c14f5c9ea6d8d1fb5d0232aacb
Lenovo ShareIT Information Disclosure / Hardcoded Password
Posted Jan 25, 2016
Authored by Core Security Technologies, Ivan Huertas | Site coresecurity.com

Lenovo ShareIT suffers from hard-coded password, information exposure, missing encryption, and missing authorization vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2016-1489, CVE-2016-1490, CVE-2016-1491, CVE-2016-1492
SHA-256 | 96d4f6a74a820b941b3d27b4014182f1cacb7fd773eb0e70d29238ade9b5878d
Android ADB Debug Server Remote Payload Execution
Posted Jan 25, 2016
Authored by joev | Site metasploit.com

This Metasploit module writes and spawns a native payload on an android device that is listening for adb debug messages.

tags | exploit
SHA-256 | 2640ae56b805049663375ef5896d5d962a5262a64ccd23e5e08906e8bd85f1c9
pfSense Firewall 2.2.5 Cross Site Request Forgery
Posted Jan 25, 2016
Authored by Aatif Shahdad

pfSense Firewall version 2.2.5 cross site request forgery exploit.

tags | exploit, csrf
SHA-256 | cd24141bfed33f5c149656f80675d11461497302450b5ffabb4c741fb3b702b4
Linux Kernel prima WLAN Driver Heap Overflow
Posted Jan 25, 2016
Authored by Shawn the R0ck

The Linux prima WLAN driver suffers from a heap overflow vulnerability.

tags | exploit, overflow
systems | linux
advisories | CVE-2015-0569
SHA-256 | 42f77c96c79b5f34870a10d56508b7bfe738f47704af55a41749f1fe7d3b3a57
WordPress Appointment Booking Calendar 1.1.23 SQL Injection
Posted Jan 25, 2016
Authored by Joaquin Ramirez Martinez

WordPress Appointment Booking Calendar plugin versions 1.1.23 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1223ee97734c6256c00d7dc70bc97125ea8a4133dd63c31e98cdf921ed556c1e
FreeBSD SCTP ICMPv6 Denial Of Service
Posted Jan 25, 2016
Site ptsecurity.com

FreeBSD suffers from an SCTP ICMPv6 error processing denial of service vulnerability.

tags | exploit, denial of service
systems | freebsd, bsd
advisories | CVE-2016-1879
SHA-256 | 0e9739e6af079dbf01619289a6322ec59c79b437390fcdb866cdc2f4a91789c1
Buffalo NAS Remote Shutdown
Posted Jan 25, 2016
Authored by Zemnmez

Buffalo NAS devices suffer from a remote shutdown / denial of service vulnerability.

tags | exploit, remote, denial of service
SHA-256 | f99e8c369f01da7e80e9a7b0df078a3ffdd172d69408918d83065f4a607f1069
Revive Adserver 3.2.2 Open Redirect
Posted Jan 25, 2016
Authored by Ehsan Hosseini

Revive Adserver version 3.2.2 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | bc4a81ab54e8ccaad0a6c3732d35ed7c07078ebd62518e39c3de527320a5ea43
DigiKala Of Iran Cross Site Scripting
Posted Jan 25, 2016
Authored by 4TT4CK3R

DigiKala of Iran suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3e2fdc0e340c1adf417272d57c6719fc9cae9d1d655feb4937f4283600bd5fb7
ZyXel WAP3205 Cross Site Scripting
Posted Jan 24, 2016
Authored by Nicholas Lehman

ZyXel WAP3205 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 8b34626bd7866d7c73e807f070af5d155661fde5147b19897b10deaca0d55f01
XMB - eXtreme Message Board 1.9.11.13 Weak Crypto / Insecure Password Storage
Posted Jan 23, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

XMB - eXtreme Message Board version 1.9.11.13 suffers from weak crypto and insecure password storage vulnerabilities.

tags | exploit, cryptography, vulnerability
SHA-256 | cf185568d0d31eb57770caa6704edd33b4b2d5e593729636e1f190f8ff2939a6
Microsoft Windows Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2
Posted Jan 22, 2016
Authored by Google Security Research, forshaw

The fix for CVE-2015-2553 can be bypassed to get limited mount reparse points working again for sandbox attacks by abusing anonymous token impersonation.

tags | exploit
systems | linux
advisories | CVE-2016-0007
SHA-256 | 84d1f61ea4f0eb889ca190f3429bcfe55144ef0d1d6d2b16d24b041e21caa84f
Microsoft Windows Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 1
Posted Jan 22, 2016
Authored by Google Security Research, forshaw

The fix for CVE-2015-2553 can be bypassed to get limited mount reparse points working again for sandbox attacks.

tags | exploit
systems | linux
advisories | CVE-2016-0006
SHA-256 | bd702073eb355563b971ee560011cb8ca6c6eb53f9281cc28b3dd536b66fcbee
Golestan System Of Iran SQL Injection
Posted Jan 22, 2016
Authored by 4TT4CK3R

Golestan System of Iran suffered from a remote SQL injection vulnerability that allows for login bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | f7f5a4fe4e8cb15983730bd3bc02ea1418bbf09ce36a3db141c6a1e3a1bd4fc3
118 Telecom Cross Site Scripting
Posted Jan 22, 2016
Authored by 4TT4CK3R

118 Telecom's website suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a2a09d4a49e075b986ab674b79f96036a615e75e393bed9a2c3c9e3b59fc465a
Avast Sandbox/Autosandbox Message Filtering Vulnerable To MS13-005
Posted Jan 21, 2016
Authored by Tavis Ormandy, Google Security Research

Avast Sandbox/Autosandbox message filtering suffers from a flaw that allows for privilege escalation.

tags | exploit
systems | linux
SHA-256 | 11123d8f04f7157f84cdc92816ac901eeb5aa4e1ff0b49448154baf59b27196c
xwpe 1.5.30a-2.1 Buffer Overflow
Posted Jan 21, 2016
Authored by Juan Sacco

xwpe versions 1.5.30a-2.1 and below are prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input.

tags | exploit, overflow
SHA-256 | a4919457bf2da63d581b5aae4f06c9ad9e2b5379274e85a42e35cbaacd600302
WiX Toolset DLL Hijacking
Posted Jan 21, 2016
Authored by Stefan Kanthak

WiX Toolset installers suffer from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 392db3509927ad38eb89dd7758d1f34327b87217ca0ddcffb49a9984cd877f74
Quick CMS 6.1 Cross Site Request Forgery / Cross Site Scripting
Posted Jan 21, 2016
Authored by Amir.ght

Quick CMS version 6.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 8854dace4f9cbaee5314c4c8af2d0f77520ac18d7478291cd4888679dca4041b
Java Platform SE 6 U24 HtmlConverter.exe Buffer Overflow
Posted Jan 21, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Java Platform SE 6 U24 HtmlConverter.exe version 6.0.240.50 suffers from a buffer overflow vulnerability.

tags | exploit, java, overflow
SHA-256 | c26dad11dc7a3b97b9cbe8edf6f976878186e3d92c3d957301ddda94e2f412c6
GRR 3.0.0-RC1 Remote Code Execution / File Upload
Posted Jan 21, 2016
Authored by kmkz

GRR versions 3.0.0-RC1 and below suffer from a remote code execution vulnerability with privilege escalation through a file upload filter bypass.

tags | exploit, remote, code execution, file upload
SHA-256 | 286b498185c854403d0e567a816f5429b38d05890d5fa5454fe997be0829251f
Page 4 of 8
Back23456Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close