Showing 101 - 125 of 151

Files

runAV mod_security Remote Command Execution: Posted May 14, 2016; Authored by R-73eN; runAV with mod_security suffers from a command injection vulnerability that leads to privilege escalation providing the clamscan binary is setuid.; tags | exploit; SHA-256 | bdba22ff6e69274f11a7562bef9ed503271afdbace54eebcfb3853ad25e4c0df; Download | Favorite | View

NRSS News Reader 0.3.9-1 Stack Buffer Overflow: Posted May 14, 2016; Authored by Juan Sacco; NRSS News Reader version 0.3.9-1 suffers from a buffer overflow vulnerability which allows local attackers to obtain privileged access when exploited.; tags | exploit, overflow, local; SHA-256 | b5f3a2404aafd8eda6e505827572e621bcf0d5d5702bc0d990458b962448eb94; Download | Favorite | View

FTP JCL Execution: Posted May 13, 2016; Authored by Soldier of Fortran, chiefascot, Bigendian Smalls; FTP JCL execution exploit. Requires valid credentials to the target system.; tags | exploit; SHA-256 | 288002391162bca71d1f77dd511e366a7a7a3282a4917e020423964d0f44e14a; Download | Favorite | View

Wireshark AirPDcapDecryptWPABroadcastKey Out-Of-Bounds Read: Posted May 13, 2016; Authored by Google Security Research, mjurczyk; Wireshark suffers from a heap-based out-of-bounds read in AirPDcapDecryptWPABroadcastKey.; tags | exploit; systems | linux; SHA-256 | cefcba13f26aae83ab52522e6f7f1d5b147aed9d8191978f1c74d250d888da31; Download | Favorite | View

Huawei Mobile Broadband HL Service 22.001.25.00.03 Local Privilege Escalation: Posted May 12, 2016; Authored by Florian Bogner; Huawei Mobile Broadband HL Service versions 22.001.25.00.03 and below are vulnerable to a DLL side loading attack allowing normal unprivileged users to gain full SYSTEM access.; tags | exploit; advisories | CVE-2016-2855; SHA-256 | 2563ce6275ba1108791f8d13204c1f460cd819b171ba0d2cbc4d69e26b85e5dd; Download | Favorite | View

Core FTP Server 32-Bit Build 587 Heap Overflow: Posted May 12, 2016; Authored by Paul Purcell; Core FTP Server 32-Bit build 587 heap overflow denial of service exploit.; tags | exploit, denial of service, overflow; SHA-256 | fdc372a0780e2521678e1599b9d2a6f1d4d695379cf95f8f655f26ccef873f6b; Download | Favorite | View

Adobe Reader DC 15.010.20060 Memory Corruption: Posted May 12, 2016; Authored by Pier-Luc Maltais; Adobe Reader DC versions 15.010.20060 and below memory corruption proof of concept exploit.; tags | exploit, proof of concept; systems | linux; advisories | CVE-2016-1077; SHA-256 | 8b4ce0368271005db67d2e3f262d808e9b0654c8d487017bf71bd7bc168bb853; Download | Favorite | View

Ipswitch WS_FTP LE 12.3 SEH Overwrite: Posted May 12, 2016; Authored by Zahid Adeel; Ipswitch WS_FTP LE version 12.3 search field SEH overwrite proof of concept exploit.; tags | exploit, proof of concept; SHA-256 | a06e22815ff2158c61a05fcfe0d360b6411bfee1bc6b430d27f315d4ee52f7b1; Download | Favorite | View

CIScan 1.00 SEH Overwrite: Posted May 11, 2016; Authored by Nipun Jaswal; CIScan version 1.00 hostname/IP field SEH overwrite proof of concept exploit.; tags | exploit, proof of concept; SHA-256 | 1c1639749211f240dcd240d71ae6baae3868ec116f68c568a80f04dbc1b2b775; Download | Favorite | View

Android Broadcom Wi-Fi Driver Memory Corruption: Posted May 11, 2016; Authored by AbdSec; Android Broadcom Wi-Fi driver memory corruption proof of concept exploit.; tags | exploit, proof of concept; advisories | CVE-2016-0801; SHA-256 | c4c12cb38e6d2b70be8735e7ec14759ae9fc80ee9eaf6ef89e5d82541843c1e2; Download | Favorite | View

Skype Content Spoofing / Phishing: Posted May 11, 2016; Authored by Danny Kopping; Skype appears to possibly be susceptible to a content spoofing vulnerability.; tags | exploit, spoof; systems | linux; SHA-256 | 1818fa20690442196c2929353bf64fe6a49db93abd0c384a6575fe27f68fa6fd; Download | Favorite | View

Joomla Event Manager 2.x Cross Site Scripting: Posted May 11, 2016; Authored by T3NZOG4N, Mojtaba MobhaM; Joomla Event Manager component version 2.x suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | b2b22fefa48cf08c718c9172065b478d23024466d877da760ed560e364b738a2; Download | Favorite | View

Wordpress BulletProof Security 53.3 Cross Site Scripting: Posted May 11, 2016; Authored by Onur YILMAZ | Site netsparker.com; Wordpress BulletProof Security version 53.3 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 355fd2db564941e22cb266eb97843d68bf8f592f15e9be6a9a9a9155c62fff30; Download | Favorite | View

Trend Micro Direct Pass Cross Site Scripting: Posted May 10, 2016; Authored by Vulnerability Laboratory, Karim Rahal | Site vulnerability-lab.com; Trend Micro Direct Pass suffers from bypass and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | cfbc208b57032c60c568c65bf355a0b14fe903a50f11806344635b40a39d6312; Download | Favorite | View

Stanford SQL Injection: Posted May 10, 2016; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; Stanford suffered from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 488b1c83e4bd6987e90181b72a1f482b05b23b147b14bdecab75c7a0c3d6162b; Download | Favorite | View

Notes 4.5 Arbitrary File Upload: Posted May 10, 2016; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; Notes version 4.5 for iOS suffers from an arbitrary file upload vulnerability.; tags | exploit, arbitrary, file upload; systems | ios; SHA-256 | 70c5eab78b2c0d9472c025b166a4d138c9f033ca2b9ececb1124e657261aca1c; Download | Favorite | View

Certec EDV atvise SCADA Server 2.5.9 Privilege Escalation: Posted May 10, 2016; Authored by LiquidWorm | Site zeroscience.mk; Certec EDV atvise SCADA server version 2.5.9 suffers from a privilege escalation vulnerability.; tags | exploit; SHA-256 | 8a666916eaf09070cb8201511edd0565c336897f502249870044a9ab56e4dd88; Download | Favorite | View

Dell SonicWall Scrutinizer 11.0.1 SQL Injection / Code Execution: Posted May 10, 2016; Authored by mr_me, Brandon Perry; Dell SonicWall Scrutinizer versions 11.0.1 and below setUserSkin/deleteTab SQL injection / remote code execution exploit that leverages a vulnerability found by Brandon Perry in July of 2014.; tags | exploit, remote, code execution, sql injection; SHA-256 | 6dc759bc14a238d30a49e98bea0afabd99f1ed4bda69fec060f0fc09e8cf5e1a; Download | Favorite | View

Micrsoft Windows BSOD Privilege Escalation: Posted May 10, 2016; Authored by koczkatama; Microsoft Windows blue screen of death exploit that leverages a privilege escalation vulnerability as defined in CVE-2016-0051.; tags | exploit; systems | windows; advisories | CVE-2016-0051; SHA-256 | 67d82404d6a35158b3347f4bd5cd1f5636bbcb06bb08385ad27e8018e31b2bc1; Download | Favorite | View

Skype Manager Filter Bypass: Posted May 10, 2016; Authored by Vulnerability Laboratory, Karim Rahal | Site vulnerability-lab.com; manager.skype.com suffered from a filter bypass vulnerability.; tags | exploit, bypass; SHA-256 | e7fdc3f2838742e57eca2759b9ce7eff642e725f08be5a1d47c623e98d27f5d6; Download | Favorite | View

WordPress Event Registration 6.02.02 XSS / SQL Injection: Posted May 9, 2016; Authored by Michael Helwig; WordPress Event Registration plugin version 6.02.02 suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | c68bc624b9c59b3929a3f69f844c90408587a093736cafbe16c9de5602ab2d87; Download | Favorite | View

PHPWebFTP 3.3b Cross Site Scripting: Posted May 8, 2016; Authored by N_A; PHPWebFTP version 3.3b suffers from cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 9d68d46015cb9bd4cd46ee567443d110deb5c32da2e2ad61e485ef37bb6e30b2; Download | Favorite | View

Ajaxel CMS 8.0 XSS / CSRF / File Disclosure / SQL Injection: Posted May 7, 2016; Authored by Krzysztof DizzyDuck Kosinski; Ajaxel CMS version 8.0 suffers from cross site request forgery, cross site scripting, file disclosure, and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection, info disclosure, csrf; SHA-256 | ba065418c9fddd4cde997ef1cc0e2ca3ffb37968eeaba86670b5847e55ca2a43; Download | Favorite | View

Aruba Authentication Bypass / Insecure Transport / Tons Of Issues: Posted May 6, 2016; Authored by Google Security Research, Sven Blumenstein; Multiple vulnerabilities were identified in Aruba AP, IAP and AMP devices. The vulnerabilities were discovered during a black box security assessment and therefore the vulnerability list should not be considered exhaustive. Several of the high severity vulnerabilities listed in this report are related to the Aruba proprietary PAPI protocol and allow remote compromise of affected devices.; tags | exploit, remote, vulnerability, protocol; advisories | CVE-2007-0932, CVE-2014-7299, CVE-2016-2031, CVE-2016-2032; SHA-256 | 3a3494bcdbe8f6b8c31c2a7fca58aaa5c1af0d80362f0ec65e759ae54b68b2ac; Download | Favorite | View

ImageMagick Delegate Arbitrary Command Execution: Posted May 6, 2016; Authored by wvu, Nikolay Ermishkin, hdm, stewie | Site metasploit.com; This Metasploit module exploits a shell command injection in the way "delegates" (commands for converting files) are processed in ImageMagick versions <= 7.0.1-0 and <= 6.9.3-9 (legacy). Since ImageMagick uses file magic to detect file format, you can create a .png (for example) which is actually a crafted SVG (for example) that triggers the command injection. Tested on Linux, BSD, and OS X. You'll want to choose your payload carefully due to portability concerns. Use cmd/unix/generic if need be.; tags | exploit, shell; systems | linux, unix, bsd, apple, osx; SHA-256 | b4c6b0e7acc235fa1688e82fff7eedb021357977c009bfb8d3faf0171a733bf1; Download | Favorite | View

Page 5 of 6 Back 2 3 4 5 6 Next

Top Authors In Last 30 Days

Red Hat 229 files
indoushka 167 files
Jay Turla 150 files
Ubuntu 67 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

Files

Top Authors In Last 30 Days

Recent News