what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 145 RSS Feed

Files

i-Tech Nepal Radio CMS 2.0 SQL Injection
Posted Apr 25, 2016
Authored by T3NZOG4N, Mojtaba MobhaM

i-Tech Nepal Radio CMS version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d1025bd4c1202de1ad50de8a8a3ce98318bb2d479a1f19446a1bf6463fed0877
CompuSource Systems Local Privilege Escalation
Posted Apr 25, 2016
Authored by singularitysec

CompuSource Systems Real Time Home Banking suffers from a local privilege escalation vulnerability.

tags | exploit, local
SHA-256 | eb1e66983b629065e937bcc9d3f4d042428232857116f37391fd6d668cdf8fdc
Cyberoam Central Console 02.03.1 Cross Site Scripting
Posted Apr 25, 2016
Authored by Vulnerability Laboratory, Lawrence Amer | Site vulnerability-lab.com

Cyberoam Central Console version 02.03.1 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 25723eb7a1086e2370f53a54fa6647c9acdf0499d3a3aba9295cb297b783c6fd
Totemomail 4.x / 5.x Script Insertion
Posted Apr 25, 2016
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Totemomail versions 4.x and 5.x suffer from filter bypass and script insertion vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 347ed963a8f8484f164328a3c14f97f30cce1083e75ae2e5b8613af5d9932d20
RATS 2.3 Crash Proof Of Concept
Posted Apr 25, 2016
Authored by David Silveiro

Rough Auditing Tool for Security (RATS) version 2.3 crash proof of concept code that results in a denial of service.

tags | exploit, denial of service, proof of concept
SHA-256 | 12d7b29ab56ac354a7a7bb73a02be8eab943b3498e0f538c356807a4c3766040
Django CMS 3.2.3 Cross Site Scripting
Posted Apr 25, 2016
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Django CMS version 3.2.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | cd0d8627e3d4f429c5205644da8cc99c824b6ba06df465b5a3f2d52c570dc592
Texas Instruments Calculators Emulator 3.03 Buffer Overflow
Posted Apr 25, 2016
Authored by N_A

Texas Instruments Calculators Emulator version 3.03 buffer overflow exploit that can use custom offsets.

tags | exploit, overflow
SHA-256 | 0261e280ea524d7c2831dd9bd565f7a419d891b1642208d0fe44afae9bd4d78d
Telisca IPS Lock 2 Remote Phone Lock
Posted Apr 25, 2016
Authored by Fakhir Karim Reda

Telisca IPS Lock 2 suffers from a bypass vulnerability that allows the locking of any phone with only a mac address. Metasploit module included.

tags | exploit, bypass
SHA-256 | b6003d594cc09a8801ce447a82f3c84e8fedad95171104c449337ea0d019a587
Ubiquiti Networks XXE Injection
Posted Apr 25, 2016
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

The Ubiquiti Networks web application suffered from an XXE injection vulnerability.

tags | exploit, web, xxe
SHA-256 | d645f5c22a117c00797ef6ddd30973f63867c5fa0aab82f98789a422cbf5aa34
Negin Group CMS SQL Injection
Posted Apr 25, 2016
Authored by Amir, Vulnerability Laboratory | Site vulnerability-lab.com

Negin Group CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ad141442ab12e00b67e2cf9ec428556e760a92c6d787be756cace677a1597514
C And C++ For OS Filter Bypass / Script Insertion
Posted Apr 25, 2016
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

C and C++ for OS suffers from filter bypass and script insertion vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 329b1aa3f14ffa8cc34a901452d00ed59a2075257c1f02e7647ba5dab1f0ebd8
WordPress Unlimited Pop-Ups 1.4.3 Cross Site Scripting
Posted Apr 24, 2016
Authored by Rahul Pratap Singh

WordPress Unlimited Pop-Ups plugin version 1.4.3 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 943fa2efcfdbec658d83613399d35548f5db42af4a4e46260001e923b0c595c6
WordPress CM Ad Changer 1.7.2 Cross Site Scripting
Posted Apr 24, 2016
Authored by Rahul Pratap Singh

WordPress CM Ad Changer plugin version 1.7.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 0e299b1da211c516c4fe7bf2343d8e5cc837b4ab5a77b90b236816e14876df7c
WordPress Easy Social Share Buttons 3.2.5 XSS
Posted Apr 24, 2016
Authored by Rahul Pratap Singh

Easy Social Share Buttons for WordPress version 3.2.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | effdeb4ba420bf5d84d9ffd442e8582eb66e5fb009165f4955fae709de944263
WordPress Google SEO Pressor Snippet 1.2.6 XSS
Posted Apr 24, 2016
Authored by Rahul Pratap Singh

WordPress Google SEO Pressor Snipper plugin version 1.2.6 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 974082355be55610aca2df7ca32907636934fa498d55dbbd1bde0bdba2e9d605
WordPress Echosign 1.1 Cross Site Scripting
Posted Apr 23, 2016
Authored by Rahul Pratap Singh

WordPress Echosign plugin version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6f6ab95679fb960f62775b09e93953ed4e987e91fb68dfc211274f7cabaf63c0
WordPress Tweet-Wheel 1.0.3.2 Cross Site Scripting
Posted Apr 23, 2016
Authored by Rahul Pratap Singh

WordPress Tweet-Wheel plugin version 1.0.3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8d2914a71d4ff443cfcf79b23168cfe5ec719cbb01f6054d5570aa5be2b3f230
WordPress Persian Woocommerce SMS 3.3.2 XSS
Posted Apr 23, 2016
Authored by Rahul Pratap Singh

WordPress Persian Woocommerce SMS plugin version 3.3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3f9a09db46f20713c6565e00793a5392aa6bb99bdb64b1ef03899523bb44b243
HP Data Protector 6.10 / 6.11 / 6.20 Install Service
Posted Apr 22, 2016
Authored by Ben Turner | Site metasploit.com

This Metasploit module exploits HP Data Protector Omniinet process on Windows only. This exploit invokes the install service function which allows an attacker to create a custom payload in the format of an executable. To ensure this works, the SMB server created in MSF must have a share called Omniback which has a subfolder i386.

tags | exploit
systems | windows
advisories | CVE-2011-0922
SHA-256 | 3f3ee3bebaadc3f10e4f57cb6e085b314f160caf7c79688ef8fc177c8ea4eea2
Advantech WebAccess 8.0 Dashboard Viewer Arbitrary File Upload
Posted Apr 22, 2016
Authored by rgod, Zhou Yu | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability found in Advantech WebAccess 8.0. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the uploadImageCommon function in the UploadAjaxAction script allows unauthenticated callers to upload arbitrary code (instead of an image) to the server, which will then be executed under the high-privilege context of the IIS AppPool.

tags | exploit, remote, arbitrary, file upload
advisories | CVE-2016-0854
SHA-256 | eb65f546694378db27ee102831851f498e62d4fb03e39ac60cfe0233903e6505
phpLiteAdmin 1.9.6 Cross Site Request Forgery / Cross Site Scripting
Posted Apr 22, 2016
Authored by Ozer Goker

phpLiteadmin version 1.9.6 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 292be8d16f4261cf491c35a9bc824f7659e683907e5529a5962c98fc7707acbd
Gemtek CPE7000 WLTCS-106 Authentication Bypass / Code Execution
Posted Apr 22, 2016
Authored by Federico Ramondino

Gemtek CPE7000 WLTCS-106 suffers from authentication bypass and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, bypass
SHA-256 | 745cfcf489634daa60147be08fb47f037b6814b4b22fc0372c239b663d014cce
libgd 2.1.1 Signedness
Posted Apr 21, 2016
Authored by Hans Jerry Illikainen

A signedness vulnerability exists in libgd version 2.1.1 which may result in a heap overflow when processing compressed gd2 data.

tags | exploit, overflow
advisories | CVE-2016-3074
SHA-256 | 3a2ce455a8601a1585ae58c370524696afc5c9cf036efab381d9622a8c9decf1
Symantec Brightmail 10.6.0-7 LDAP Credential Grabber
Posted Apr 21, 2016
Authored by Fakhir Karim Reda

Symantec Brightmail versions 10.6.0-7 and below save the AD password in a place where it can be retrieved.

tags | exploit
advisories | CVE-2016-2203
SHA-256 | 88d3d8221a33175dc392a1dde9b17ac2dce0186a796efa0efdcc5c79c77bb457
Exponent CMS 2.3.5 File Upload Cross Site Scripting
Posted Apr 21, 2016
Authored by Sachin Wagh

Exponent CMS version 2.3.5 suffers from a file upload vulnerability that allows for cross site scripting.

tags | exploit, xss, file upload
advisories | CVE-2015-8684
SHA-256 | c4ece7a07c3fa3b38dd0fb113aad54aacd042e613d452d326da6237d70179fcc
Page 2 of 6
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close