Twenty Year Anniversary
Showing 51 - 75 of 191 RSS Feed

Files

Joomla Huge IT Gallery 1.1.5 Cross Site Scripting / SQL Injection
Posted Jul 24, 2016
Authored by Larry W. Cashdollar, Elitza Neytcheva

Joomla Huge IT Gallery component version 1.1.5 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2016-1000113
MD5 | a39872e48bbd09218e7d52ba78508b73
Joomla Weblinks Shell Upload
Posted Jul 23, 2016
Authored by howucan

The Joomla Weblinks component suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | c8a50290788fda4ec11a505213deab62
Autobahn|Python Origin Header Manipulation
Posted Jul 23, 2016
Authored by mgill

Autobahn|Python incorrectly checks the Origin header when the 'allowedOrigins' value is set. This can allow third parties to execute legitimate requests for WAMP WebSocket requests against an Autobahn|Python/Crossbar.io server within another browser's context. This is addressed in version 0.15.0.

tags | exploit, python, bypass
MD5 | b5e56a17d55d166124be2e6885b8dea7
NetBSD mail.local(8) Local Root
Posted Jul 22, 2016
Authored by Akat1

NetBSD mail.local(8) local root exploit that leverages a race condition as noted in NetBSD-SA2016-006.

tags | exploit, local, root
systems | netbsd
advisories | CVE-2016-6253
MD5 | da3f7174a3da6c72191ca5cb6e44a124
Barracuda Web App Firewall / Load Balancer Remote Root
Posted Jul 22, 2016
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware version 8.0.1.007 and below and Load Balancer Firmware versions 5.4.0.004 and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.

tags | exploit, remote, web, root
MD5 | e1a7bb9cde66071052ef2852ba90e603
Barracuda Spam And Virus Firewall 5.1.3.007 Remote Root
Posted Jul 22, 2016
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Spam and Virus firewall firmware versions 5.1.3.007 and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.

tags | exploit, remote, web, local, root, virus
MD5 | 2a96fb51418e508bdae5e924090c797d
Rapid7 AppSpider 6.12 Privilege Escalation
Posted Jul 22, 2016
Authored by LiquidWorm | Site zeroscience.mk

Rapid7 AppSpider version 6.12 web application vulnerability scanner suffers from an unquoted search path issue impacting the services 'AppSpider REST Server', 'AppSpider REST Service' and 'AppSpiderUpgradeService' for Windows deployed as part of AppSpider solution. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

tags | exploit, web, arbitrary, local, root
systems | windows
MD5 | c1ee868f5b0f95d997aa0ee05c17c679
TeamPass Passwords Management System 2.1.26 File Download
Posted Jul 22, 2016
Authored by Hasan Emre Ozer

TeamPass Passwords Management System versions 2.1.26 and below suffer from an unauthenticated arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | 34adada6439a4ff0125697f7f17b27ec
TFTP Server 1.4 WRQ Buffer Overflow
Posted Jul 21, 2016
Authored by Karn Ganeshen

TFTP server version 1.4 WRQ buffer overflow exploit with egghunter shellcode.

tags | exploit, overflow, shellcode
MD5 | fe5dce41ea7ae479599f167ae29fb639
Drupal RESTWS Module Remote PHP Code Execution
Posted Jul 21, 2016
Authored by Mehmet Ince, Devin Zuczek | Site metasploit.com

This Metasploit module exploits a Remote PHP Code Execution vulnerability in Drupal RESTWS Module. Unauthenticated users can execute arbitrary code under the context of the web server user. RESTWS alters the default page callbacks for entities to provide additional functionality. A vulnerability in this approach allows an unauthenticated attacker to send specially crafted requests resulting in arbitrary PHP execution. RESTWS 2.x prior to 2.6 and 1.x prior to 1.7 versions are affected by issue. This Metasploit module was tested against RESTWS 2.5 with Drupal 7.5 installation on Ubuntu server.

tags | exploit, remote, web, arbitrary, php, code execution
systems | linux, ubuntu
MD5 | a07fff541bb884e4701ff7f27d49ae76
UPC Hungary Administrative Password / Insecure Transit
Posted Jul 21, 2016
Authored by Gergely Eberhardt

UPC Hungary devices have the same administrative password for all devices, send it insecurely over the wire, and also use telnetd by default.

tags | exploit
MD5 | bebbe65f28213dfa74a81de195dfd819
Technicolor TC7200 Modem / Router Session Management / Fixed Password
Posted Jul 21, 2016
Authored by Gergely Eberhardt

The Technicolor TC7200 suffers from session management issues and also uses a fixed password for backup file encryption. Proof of concept code included.

tags | exploit, proof of concept
MD5 | be3302863bceda9f8ece1413401b6a21
WordPress WooCommerce 2.6.2 Cross Site Scripting
Posted Jul 21, 2016
Authored by Han Sahin

WordPress WooCommerce plugin version 2.6.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 128f43aecf47badf4272571710225474
WordPress Paid Memberships Pro 1.8.9.3 Cross Site Scripting
Posted Jul 21, 2016
Authored by Burak Kelebek

WordPress Paid Memberships Pro plugin version 1.8.9.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e32c768b8c371dc7303205be0eba1cc9
PHP 7.0.8 / 5.6.23 / 5.5.37 bzread() OOB Write
Posted Jul 21, 2016
Authored by Hans Jerry Illikainen

PHP versions 7.0.8, 5.6.23, and 5.5.37 suffers from an out-of-bounds write vulnerability in bzread().

tags | exploit, php
advisories | CVE-2016-5399
MD5 | 6b6fb4f1de53517be6387665e5599f1a
Compal CH7465LG-LC Modem / Router Session Management / Command Injection
Posted Jul 21, 2016
Authored by Gergely Eberhardt

The Compal CH7465LG-LC suffers session management, denial of service, unauthenticated configuration changes, and command injection vulnerabilities. Proof of concept included.

tags | exploit, denial of service, vulnerability, proof of concept, bypass
MD5 | df44524323cde2bddb6548a8a7631cf4
Cisco EPC3925 UPC Modem / Router Default Passphrase
Posted Jul 21, 2016
Authored by Gergely Eberhardt

The default SSID and passphrase on the Cisco EPC3925 are derived from the MAC address and the DOCSIS serial number. Since the MAC address of the device is broadcasted via WiFi and the typical serial number is within the range 200.000.000 and 260.000.000, the default password can be brute-forced within minutes. Proof of concept included.

tags | exploit, proof of concept
systems | cisco
MD5 | aee1f536046790ca1bc25977b15d4f5d
OpenSSHD 7.2p2 User Enumeration
Posted Jul 21, 2016
Authored by 0_o

OpenSSHD versions 7.2p2 and below remote username enumeration exploit.

tags | exploit, remote
MD5 | fa557a65295528572def67f216ae854d
Oracle Patches 27 Vulnerabilities
Posted Jul 20, 2016
Authored by David Litchfield

A total of 27 vulnerabilities have been patched by Oracle. These affect eBusiness Suite R12.x and 11.5, Apex, Primavera, OBIEE, and Agile DB components. These issues include SQL injection, cross site scripting, XXE injection, SSRF, failed access controls, and more.

tags | exploit, vulnerability, xss, sql injection, xxe
advisories | CVE-2016-3448, CVE-2016-3467
MD5 | ee51786f3fcbeed16c2224dbb1d9ae36
Wowza Streaming Engine 4.5.0 Cross Site Scripting
Posted Jul 20, 2016
Authored by LiquidWorm | Site zeroscience.mk

Wowza Streaming Engine suffers from multiple reflected cross site scripting vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Version 4.5.0 build 18676 is affected.

tags | exploit, arbitrary, vulnerability, xss
MD5 | 169e90eaf6e2f33cc3f262fe82fbdf71
Wowza Streaming Engine 4.5.0 Cleartext Sensitive Information Storage
Posted Jul 20, 2016
Authored by LiquidWorm | Site zeroscience.mk

Wowza Streaming Engine version 4.5.0 build 18676 stores sensitive information in cleartext within a resource that might be accessible to another control sphere. When the file is modified it is automatically applied into the application with newly created user account. Wowza stores sensitive information such as username and password in cleartext in admin.password file, which is readable by local users.

tags | exploit, local
MD5 | 4b1acf67336bad2ba80dbdd003a28cea
Wowza Streaming Engine 4.5.0 Cross Site Request Forgery
Posted Jul 20, 2016
Authored by LiquidWorm | Site zeroscience.mk

Wowza Streaming Engine version 4.5.0 build 18676 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 15fd1bda51887160628be1f14fadf31d
Wowza Streaming Engine 4.5.0 Remote Privilege Escalation
Posted Jul 20, 2016
Authored by LiquidWorm | Site zeroscience.mk

The Wowza Streaming Engine application suffers from a privilege escalation issue. Normal user (read-only) can elevate his/her privileges by sending a POST request setting the parameter 'accessLevel' to 'admin' gaining admin rights and/or setting the parameter 'advUser' to 'true' and '_advUser' to 'on' gaining advanced admin rights. Version 4.5.0 build 18676 is affected.

tags | exploit
MD5 | 7387ac571be10485ca7a269cad403bba
Wowza Streaming Engine 4.5.0 Local Privilege Escalation
Posted Jul 20, 2016
Authored by LiquidWorm | Site zeroscience.mk

Wowza Streaming Engine suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice. The vulnerability exist due to the improper permissions, with the 'F' flag (Full) for 'Everyone' group. In combination with insecure file permissions the application suffers from an unquoted search path issue impacting the services 'WowzaStreamingEngine450' and 'WowzaStreamingEngineManager450' for Windows deployed as part of Wowza Streaming software. Version 4.5.0 build 18676 is affected.

tags | exploit
systems | windows
MD5 | b436a59d1a7e647bb91ff95d5aadac30
WordPress Video Player 1.5.16 SQL Injection
Posted Jul 19, 2016
Authored by David Vaartjes, Yorick Koster, Securify B.V.

WordPress Video Player plugin version 1.5.16 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 2a94cf912e0354a51e389018f85661cc
Page 3 of 8
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Twitter Releases 10M Tweets, Reveals Decades Of Foreign Influence, Including Russia's Efforts in 2016 Election
Posted Oct 18, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, government, usa, russia, fraud, cyberwar, twitter
Tea Party Super PAC Group Spilled 500k Voters' Info All Over Web
Posted Oct 18, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, government, privacy, usa, data loss
LuminosityLink Spyware Mastermind Gets 30 Months In The Clink
Posted Oct 18, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, hacker, malware, cybercrime, fraud
Oceansalt Linked To Defunct Chinese APT Comment Crew
Posted Oct 18, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, hacker, government, malware, china, cyberwar
Oracle Releases Patch To Address Over 300 Security Issues
Posted Oct 17, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, linux, database, flaw, patch, oracle
LibSSH Flaw Leaves Thousands Of Servers At Risk Of Hijacking
Posted Oct 17, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, hacker, flaw, cryptography
GreyEnergy Targets Critical Infrastructure Companies
Posted Oct 17, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, government, malware, cyberwar, scada
Investigation Expanded Into Bogus Net Neutrality Comments
Posted Oct 17, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, government, usa, fraud
Personal Records Of 30,000 US Department Of Defense Workers Swiped By Miscreants
Posted Oct 16, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, hacker, government, privacy, usa, data loss, cyberwar, military
Anthem Agrees To Pay $16 Million In Data Breach Privacy Settlement
Posted Oct 16, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, privacy, data loss
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close