Exploit the possiblities
Showing 1 - 25 of 152 RSS Feed

Files

Packet Storm New Exploits For May, 2016
Posted Jun 1, 2016
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 151 exploits added to Packet Storm in May, 2016.

tags | exploit
systems | linux
MD5 | cb6eb07bc728cffa15f99394b39cf0ba
CMSimple 4.6.2 Cross Site Scripting
Posted May 31, 2016
Authored by Manuel Garcia Cardenas

CMSimple versions 4.6.2 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e93f6e0a70519ec45c3974333b210d29
Relay Ajax Directory Manager 1.5.3 File Upload / Command Execution
Posted May 31, 2016
Site redteam-pentesting.de

Relay Ajax Directory Manager versions relayb01-071706, 1.5.1, and 1.5.3 suffer from an unauthenticated file upload vulnerability that can result in a shell upload.

tags | exploit, shell, file upload
MD5 | 70c083691ddb4ee8164629e359687241
Websockify 0.8.0 Buffer Overflow / Remote Code Execution
Posted May 31, 2016
Site redteam-pentesting.de

Websockify versions 0.8.0 and below suffer a buffer overflow vulnerability that allows for remote code execution.

tags | exploit, remote, overflow, code execution
MD5 | e4766a4ef58a2fb66e4cd0abcdef749d
Paessler PRTG Network Monitor 14.4.12.3282 XXE Injection
Posted May 31, 2016
Site redteam-pentesting.de

PRTG Network Monitor version 14.4.12.3282 suffers from an XML eXternal Entity expansion vulnerability.

tags | exploit
advisories | CVE-2015-7743
MD5 | e5f6ec186a8de5447c115e78b64400c0
ProcessMaker 3.0.1.7 Cross Site Request Forgery / Cross Site Scripting
Posted May 31, 2016
Authored by Mickael Dorigny

ProcessMaker version 3.0.1.7 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 3c1dd341fc8ffe2bc824278e759f1a52
Konica Minolta FTP Utility 1.0 SEH Buffer Overflow
Posted May 31, 2016
Authored by Mandar Jadhav

Konica Minolta FTP Utility version 1.0 CWD command SEH buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2015-7768
MD5 | 4469930ff497574ef623756742dc487b
FlatPress 1.0.3 Cross Site Request Forgery / Shell Upload
Posted May 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

FlatPress version 1.0.3 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | 32df419065d3bac54bc4c916500598b6
Lorex ECO DVR Backdoor Account
Posted May 30, 2016
Authored by Andrew Hofmans

Lorex LH162400 DVR firmware version 5.2.0-20141008 has a hard-coded administrative backdoor credential.

tags | exploit
MD5 | 5bd5f725e5823af0ea178474e63a0442
Microsoft Office 2010 Publisher Denial Of Service
Posted May 30, 2016
Authored by Cody Sixteen

Publisher in Microsoft Office 2010 suffers from three denial of service vulnerabilities that can result in a crash.

tags | exploit, denial of service, vulnerability
systems | windows
MD5 | 659ce7beda54305710f1b03fff6b7854
Microsoft Internet Explorer 8 Divide By Zero Proof Of Concept
Posted May 30, 2016
Authored by Cody Sixteen

Microsoft Internet Explorer divide by zero proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
MD5 | 023604e7336d88153edad098a13b2cf1
Open Source Real Estate Script 3.6.0 SQL Injection
Posted May 30, 2016
Authored by Meisam Monsef

Open Source Real Estate Script version 3.6.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0a06b3c78753e60b0908deeb0a80b1e3
Process Hacker DLL Hijacking
Posted May 29, 2016
Authored by rugk

Process Hacker suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 3c977085bb7627cc166ece5922a1efb1
MySQL Procedure Analyse Denial Of Service
Posted May 28, 2016
Authored by Osanda Malith

MySQL Procedure Analyse denial of service exploit that affects versions up to 5.5.45.

tags | exploit, denial of service
advisories | CVE-2015-4870
MD5 | 1a85e20529f00c83a924fa4025add3b4
Citrix Netscaler 11.0 Build 64.35 Cross Site Scripting
Posted May 27, 2016
Authored by Dr. Daniel Schliebner

The login page of the Citrix Netscaler Gateway web front-end is vulnerable to a DOM-based cross site scripting (XSS) vulnerability due to improper sanitization of the content of the "NSC_TMAC" cookie.

tags | exploit, web, xss
advisories | CVE-2016-4945
MD5 | 7fd954e4ba1557ede715df01dfcc253f
PHP Real Estate Script 4.9.0 SQL Injection
Posted May 27, 2016
Authored by Meisam Monsef

PHP Real Estate Script version 4.9.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | b8b1ca30b356d3e666b9a38eef83e19a
Joomla Simple Calendar 0.7.6b SQL Injection
Posted May 27, 2016
Authored by indoushka

Joomla Simple Calendar component version 0.7.6b suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e45385b15b5d375b35c688ee20e6b812
WordPress Ninja Forms Unauthenticated File Upload
Posted May 27, 2016
Authored by Rob Carr, James Golovich | Site metasploit.com

Versions 2.9.36 to 2.9.42 of the Ninja Forms plugin contain an unauthenticated file upload vulnerability, allowing guests to upload arbitrary PHP code that can be executed in the context of the web server.

tags | exploit, web, arbitrary, php, file upload
advisories | CVE-2016-1209
MD5 | f03f7b3010a384cc311fa74d6dc49d0f
Micro Focus Rumba+ 9.4 Buffer Overflow
Posted May 26, 2016
Authored by LiquidWorm | Site zeroscience.mk

Micro Focus Rumba+ version 9.4 suffers from multiple stack buffer overflow vulnerabilities.

tags | exploit, overflow, vulnerability
MD5 | fec62fc2b6154e7ce35e2b916380fcdf
Real Estate Portal 4.1 Cross Site Scripting
Posted May 26, 2016
Authored by Bikramaditya Guha | Site zeroscience.mk

Real Estate Portal version 4.1 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5968ccd14f6e0a1d9646004927e4f4e8
Real Estate Portal 4.1 Remote Code Execution
Posted May 26, 2016
Authored by Bikramaditya Guha | Site zeroscience.mk

Real Estate Portal version 4.1 suffers from a remote code execution vulnerability via a remote shell upload.

tags | exploit, remote, shell, code execution
MD5 | 1c9414cdac2e1df3ef92780a78267907
EduSec 4.2.5 SQL Injection
Posted May 26, 2016
Authored by Bikramaditya Guha | Site zeroscience.mk

EduSec version 4.2.5 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 9ba9d14958032b71ade2f223f5f65d86
HP Data Protector A.09.00 Command Execution
Posted May 26, 2016
Authored by Ian Lovering

HP Data Protector version A.09.00 suffers from an arbitrary command execution vulnerability.

tags | exploit, arbitrary
advisories | CVE-2016-2004
MD5 | 0a352bd93169ccb7ce4f5b0346d183bd
Graphite2 NameTable::getName Out-Of-Bounds Read
Posted May 26, 2016
Authored by Google Security Research, mjurczyk

Graphite2 suffers from multiple heap-based out-of-bounds reads in NameTable::getName.

tags | exploit
systems | linux
MD5 | 2bc5fed5be74e190ba0bfa28c54c8595
Graphite2 TtfUtil::CmapSubtable4NextCodepoint Buffer Overread
Posted May 26, 2016
Authored by Google Security Research, mjurczyk

Graphite2 suffers from a heap-based over-read in TtfUtil::CmapSubtable4NextCodepoint.

tags | exploit
systems | linux
MD5 | 0074ad0372f63d7af8bce85173edb405
Page 1 of 7
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Germany Urges Parents To Destroy Snooping Smartwatches
Posted Nov 20, 2017

tags | headline, privacy, germany
Drone Maker Makes Hacking Accusations
Posted Nov 20, 2017

tags | headline, hacker, flaw
DNS Resolver 9.9.9.9 Will Check Requests Against IBM Threat Database
Posted Nov 20, 2017

tags | headline, malware, dns
F5 DROWNing, Not Waving, In Crypto Fail
Posted Nov 20, 2017

tags | headline, flaw, cryptography
Cap'n Crunch Booted From Conferences Due To Sexual Misconduct Claims
Posted Nov 18, 2017

tags | headline, hacker, phone, conference
3 More Android Malware Families Invade Google Play Store
Posted Nov 18, 2017

tags | headline, malware, phone, google
Shamed TLS/SSL Cert Authority StartCom To Shut Up Shop
Posted Nov 18, 2017

tags | headline, privacy, data loss, flaw, cryptography
Massive US Military Social Media Spying Archive Left Wide Open In AWS S3 Buckets
Posted Nov 18, 2017

tags | headline, government, privacy, usa, amazon, data loss, flaw, spyware, social
NYPD Cops Need A Warrant To Snoop On Your Phone
Posted Nov 17, 2017

tags | headline, government, privacy, usa, phone
Oracle Scrambles To Fix Security Flaws In Tuxedo
Posted Nov 17, 2017

tags | headline, database, flaw, oracle
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close