Showing 1 - 25 of 151

Files

Packet Storm New Exploits For May, 2016: Posted Jun 1, 2016; Authored by Todd J. | Site packetstormsecurity.com; This archive contains all of the 151 exploits added to Packet Storm in May, 2016.; tags | exploit; systems | linux; SHA-256 | 7d1ae806d142e11adfdc4a4c72908bb6e3fb61700b07a9e91c2c3a795ab21e8f; Download | Favorite | View

CMSimple 4.6.2 Cross Site Scripting: Posted May 31, 2016; Authored by Manuel Garcia Cardenas; CMSimple versions 4.6.2 and below suffer from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 81de68bdf9a7b279cdc44cfd72219c6809d4b4491086e1b683f57281cbc6f591; Download | Favorite | View

Relay Ajax Directory Manager 1.5.3 File Upload / Command Execution: Posted May 31, 2016; Site redteam-pentesting.de; Relay Ajax Directory Manager versions relayb01-071706, 1.5.1, and 1.5.3 suffer from an unauthenticated file upload vulnerability that can result in a shell upload.; tags | exploit, shell, file upload; SHA-256 | 86f16a585b31311d54705ed9a9f89e3e7f9a9f7fb81cc770e74eb4ff7bc82dbc; Download | Favorite | View

Websockify 0.8.0 Buffer Overflow / Remote Code Execution: Posted May 31, 2016; Site redteam-pentesting.de; Websockify versions 0.8.0 and below suffer a buffer overflow vulnerability that allows for remote code execution.; tags | exploit, remote, overflow, code execution; SHA-256 | caea35c7d2790c9ab4ea828774b280bdbc0c89b8236bbec43cd1a0bed3e1876f; Download | Favorite | View

Paessler PRTG Network Monitor 14.4.12.3282 XXE Injection: Posted May 31, 2016; Site redteam-pentesting.de; PRTG Network Monitor version 14.4.12.3282 suffers from an XML eXternal Entity expansion vulnerability.; tags | exploit, xxe; advisories | CVE-2015-7743; SHA-256 | 41babc73fc9bda76f17c48714fa073370cc3e8261d71210d28b3b5a3b479575f; Download | Favorite | View

ProcessMaker 3.0.1.7 Cross Site Request Forgery / Cross Site Scripting: Posted May 31, 2016; Authored by Mickael Dorigny; ProcessMaker version 3.0.1.7 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; SHA-256 | 3a93fa579b0acb61f85260e2bf41982d4ffb8418eb1a4ab73d10041be2d5b819; Download | Favorite | View

Konica Minolta FTP Utility 1.0 SEH Buffer Overflow: Posted May 31, 2016; Authored by Mandar Jadhav; Konica Minolta FTP Utility version 1.0 CWD command SEH buffer overflow exploit.; tags | exploit, overflow; advisories | CVE-2015-7768; SHA-256 | 5fb3c4082734b2bea7d205e6e01eaf8eae340d8653251aa86db8fe5c587c8f88; Download | Favorite | View

FlatPress 1.0.3 Cross Site Request Forgery / Shell Upload: Posted May 30, 2016; Authored by LiquidWorm | Site zeroscience.mk; FlatPress version 1.0.3 suffers from cross site request forgery and remote shell upload vulnerabilities.; tags | exploit, remote, shell, vulnerability, csrf; SHA-256 | d278db65414293aefea2af73e991df9eb2374b5d235dccdc7abb5847713bb09e; Download | Favorite | View

Lorex ECO DVR Backdoor Account: Posted May 30, 2016; Authored by Andrew Hofmans; Lorex LH162400 DVR firmware version 5.2.0-20141008 has a hard-coded administrative backdoor credential.; tags | exploit; SHA-256 | e8f13a783ea42627048c1254e1521e597f8febb49cdc37b444c32eeec559dc49; Download | Favorite | View

Microsoft Office 2010 Publisher Denial Of Service: Posted May 30, 2016; Authored by Cody Sixteen; Publisher in Microsoft Office 2010 suffers from three denial of service vulnerabilities that can result in a crash.; tags | exploit, denial of service, vulnerability; systems | windows; SHA-256 | 92d4806502ddbfb861c44b73ab19354dd02252559e04a185f6e8ea97c63c7f33; Download | Favorite | View

Microsoft Internet Explorer 8 Divide By Zero Proof Of Concept: Posted May 30, 2016; Authored by Cody Sixteen; Microsoft Internet Explorer divide by zero proof of concept denial of service exploit.; tags | exploit, denial of service, proof of concept; SHA-256 | 0e70e4c082f946f359c63b9b6a4e594dc50965980351a81ff1b82297a5f7c2e7; Download | Favorite | View

Open Source Real Estate Script 3.6.0 SQL Injection: Posted May 30, 2016; Authored by Meisam Monsef; Open Source Real Estate Script version 3.6.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | bb88bb3834dcbef9cdc1902fa62ffb25bab0923b51d5eb8cbcd4182e4ab4c649; Download | Favorite | View

Process Hacker DLL Hijacking: Posted May 29, 2016; Authored by rugk; Process Hacker suffers from a DLL hijacking vulnerability.; tags | exploit; systems | windows; SHA-256 | 93e511472b88d8d215a59cb6899d94b2f2f2c90b30be52cea4866c56a3d6e291; Download | Favorite | View

MySQL Procedure Analyse Denial Of Service: Posted May 28, 2016; Authored by Osanda Malith; MySQL Procedure Analyse denial of service exploit that affects versions up to 5.5.45.; tags | exploit, denial of service; advisories | CVE-2015-4870; SHA-256 | d572109b0189ecd815c569ad47520780444acf35842b036897634bb7c97017fb; Download | Favorite | View

Citrix Netscaler 11.0 Build 64.35 Cross Site Scripting: Posted May 27, 2016; Authored by Dr. Daniel Schliebner; The login page of the Citrix Netscaler Gateway web front-end is vulnerable to a DOM-based cross site scripting (XSS) vulnerability due to improper sanitization of the content of the "NSC_TMAC" cookie.; tags | exploit, web, xss; advisories | CVE-2016-4945; SHA-256 | a907282e85cbd46ffd00df290cafdd51155648f582be3aa5b66d82cc3e3fbe7b; Download | Favorite | View

PHP Real Estate Script 4.9.0 SQL Injection: Posted May 27, 2016; Authored by Meisam Monsef; PHP Real Estate Script version 4.9.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, php, sql injection; SHA-256 | a3d0e8975de183eab61fd4e51fae11a0ffdb9ee0737e12c2b4f7dffaac28a836; Download | Favorite | View

Joomla Simple Calendar 0.7.6b SQL Injection: Posted May 27, 2016; Authored by indoushka; Joomla Simple Calendar component version 0.7.6b suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 909535d927b0a5f9ec70c23acbde120032291e1894baa58b23ed8900b178752e; Download | Favorite | View

WordPress Ninja Forms Unauthenticated File Upload: Posted May 27, 2016; Authored by Rob Carr, James Golovich | Site metasploit.com; Versions 2.9.36 to 2.9.42 of the Ninja Forms plugin contain an unauthenticated file upload vulnerability, allowing guests to upload arbitrary PHP code that can be executed in the context of the web server.; tags | exploit, web, arbitrary, php, file upload; advisories | CVE-2016-1209; SHA-256 | cc15398ab11d0e8cb5fd8ef9052046e7b29bea4c4d0c3133e418bc99ac79897b; Download | Favorite | View

Micro Focus Rumba+ 9.4 Buffer Overflow: Posted May 26, 2016; Authored by LiquidWorm | Site zeroscience.mk; Micro Focus Rumba+ version 9.4 suffers from multiple stack buffer overflow vulnerabilities.; tags | exploit, overflow, vulnerability; SHA-256 | b06940b609cc3f264b437346350d607cf47b03cc6ffea20d742ff4e2f5a403fb; Download | Favorite | View

Real Estate Portal 4.1 Cross Site Scripting: Posted May 26, 2016; Authored by Bikramaditya Guha | Site zeroscience.mk; Real Estate Portal version 4.1 suffers from multiple persistent cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 132b0a88c9bf85e088ae6a14d8bc97646acfe63f65b9b9e78602d0d7fc6e2ff9; Download | Favorite | View

Real Estate Portal 4.1 Remote Code Execution: Posted May 26, 2016; Authored by Bikramaditya Guha | Site zeroscience.mk; Real Estate Portal version 4.1 suffers from a remote code execution vulnerability via a remote shell upload.; tags | exploit, remote, shell, code execution; SHA-256 | ee40d9bcfcc0351770d9249cb68627f2796fa878c95e2755270299d38b835caa; Download | Favorite | View

EduSec 4.2.5 SQL Injection: Posted May 26, 2016; Authored by Bikramaditya Guha | Site zeroscience.mk; EduSec version 4.2.5 suffers from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; SHA-256 | ae2fb04d350828c0760dafcadaba1d40df871f24f55e80016a0916e53bf4cf74; Download | Favorite | View

HP Data Protector A.09.00 Command Execution: Posted May 26, 2016; Authored by Ian Lovering; HP Data Protector version A.09.00 suffers from an arbitrary command execution vulnerability.; tags | exploit, arbitrary; advisories | CVE-2016-2004; SHA-256 | d3f1ffffb6eef9ed7cc7377227cb355ba26d3c2faa89427fe68466377916027e; Download | Favorite | View

Graphite2 NameTable::getName Out-Of-Bounds Read: Posted May 26, 2016; Authored by Google Security Research, mjurczyk; Graphite2 suffers from multiple heap-based out-of-bounds reads in NameTable::getName.; tags | exploit; systems | linux; SHA-256 | 92ab9355abc4162c25a4e991f02a788212ed2613a916de8407f6e25cdf93f470; Download | Favorite | View

Graphite2 TtfUtil::CmapSubtable4NextCodepoint Buffer Overread: Posted May 26, 2016; Authored by Google Security Research, mjurczyk; Graphite2 suffers from a heap-based over-read in TtfUtil::CmapSubtable4NextCodepoint.; tags | exploit; systems | linux; SHA-256 | 98cd8ac56c6af770b144124e7601583c8dd096fb701d50c77d5360b3bb28df8e; Download | Favorite | View

Page 1 of 7 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

Files

Top Authors In Last 30 Days

Recent News