Exploit the possiblities
Showing 1 - 25 of 270 RSS Feed

Files

Packet Storm New Exploits For November, 2016
Posted Dec 1, 2016
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 270 exploits added to Packet Storm in November, 2016.

tags | exploit
MD5 | 056f455eb68dec5f2da9dd18db69420f
PDF Shaper Buffer Overflow
Posted Nov 30, 2016
Authored by metacom | Site metasploit.com

PDF Shaper is prone to a security vulnerability when processing PDF files. The vulnerability appear when we use Convert PDF to Image and use a specially crafted PDF file. This Metasploit module has been tested successfully on Win Xp, Win 7, Win 8, Win 10.

tags | exploit
MD5 | 79a38c033229091ffae0fd8e0611b6bd
e107 2.1.2 Cross Site Request Forgery / Cross Site Scripting
Posted Nov 30, 2016
Authored by Tim Herres | Site foxmole.com

e107 version 2.1.2 suffers from cross site request forgery, static cookie, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 2560b139dc88f1dc4be1e36c21451eb2
X5 Webserver 5.0 Remote Denial Of Service
Posted Nov 30, 2016
Authored by Stefan Petrushevski | Site zeroscience.mk

X5 Webserver version 5.0 suffers from a null pointer dereference denial of service vulnerability.

tags | exploit, denial of service
MD5 | e9327f001b702ed2f450b243f4d20ba2
ntpd 4.2.8 Stack Overflow Proof Of Concept
Posted Nov 30, 2016
Authored by N_A

Remote ntpd version 4.2.8 stack overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
MD5 | 736431083273dddf2edec7ebea2090c2
Peplink NGxxx/LCxxx VPN-Firewall Open Redirect
Posted Nov 29, 2016
Authored by LiquidWorm | Site zeroscience.mk

Input passed via the '_redirect' GET parameter via 'service.cgi' script on various Peplink VPN-Firewall devices is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.

tags | exploit, arbitrary, cgi
MD5 | 5af9c98feacf1c9f241e8c52fcc8846f
WinPower 4.9.0.4 Privilege Escalation
Posted Nov 29, 2016
Authored by Kacper Szurek

WinPower version 4.9.0.4 suffers from a privilege escalation vulnerability. Proof of concept code included.

tags | exploit, proof of concept
MD5 | ed0607905b845ef7350dce9ad139b90e
WordPress Insert Html Snippet 1.2 Cross Site Request Forgery
Posted Nov 29, 2016
Authored by Yorick Koster, Securify B.V.

WordPress Insert Html Snippet plugin version 1.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 70597e9717e758afa7044c6df0d23a30
Google Chrome Accessibility blink::Node Corruption
Posted Nov 29, 2016
Authored by SkyLined

A specially crafted web-page can trigger an unknown memory corruption vulnerability in Google Chrome Accessibility code. An attacker can cause code to attempt to execute a method of an object using a vftable, when the pointer to that object is not valid, or the object is not of the expected type. Successful exploitation can lead to arbitrary code execution.

tags | exploit, web, arbitrary, code execution
MD5 | ab98628c1095fe66451caf0ac7387408
Eagle Speed USB Modem Software Privilege Escalation
Posted Nov 29, 2016
Authored by R-73eN

Eagle Speed USB modem software suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | 67a4ea9e0ca59f6d85e2f3fa2dc01b16
EnCase Forensic Imager 7.10 Denial Of Service / Heap Buffer Overflow
Posted Nov 29, 2016
Authored by Wolfgang Ettlinger | Site sec-consult.com

EnCase Forensic Imager versions 7.10 and below suffer from denial of service and heap-based buffer overflow vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
MD5 | 1c5bac58a0fdaf56c3881bb3ed6e6585
Biesta Billing 4.0 Beta Cross Site Request Forgery / Traversal
Posted Nov 29, 2016
Authored by Taurus Omar

Biesta Billing version 4.0 Beta suffers from cross site request forgery and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion, csrf
MD5 | ffa53f44ee22e91a14f026523a749b80
Tenda / D-Link / TP-Link DHCP Cross Site Scripting
Posted Nov 28, 2016
Authored by Lawrence Amer | Site vulnerability-lab.com

Tenda, D-Link, and TP-Link routers suffer from a DHCP-related cross site scripting vulnerability.

tags | exploit, xss
MD5 | 35203611e6c87286765993d433525561
Schoolhos CMS 2.29 SQL Injection
Posted Nov 28, 2016
Authored by Lawrence Amer | Site vulnerability-lab.com

Schoolhos CMS version 2.29 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9322838288cec4efea647f3760bc4e8e
Microsoft Internet Explorer MSHTML DOMImplementation Type Confusion
Posted Nov 28, 2016
Authored by SkyLined

A specially crafted web-page can cause a type confusion vulnerability in Microsoft Internet Explorer 8 through to 11. An attacker can cause code to be executed with a stack layout it does not expect, or have code attempt to execute a method of an object using a vftable, when that object does not have a vftable. Successful exploitation can lead to arbitrary code execution.

tags | exploit, web, arbitrary, code execution
advisories | CVE-2016-0063
MD5 | a39c2c649d0580dbcfd87e206179520a
Sync Breeze Enterprise 9.1.16 Buffer Overflow
Posted Nov 28, 2016
Authored by Tulpa

Sync Breeze Enterprise version 9.1.16 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | d41f9c50741d4e3cbaac5d784239a86b
Disk Savvy Enterprise 9.1.14 Buffer Overflow
Posted Nov 28, 2016
Authored by Tulpa

Disk Savvy Enterprise version 9.1.14 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 897df75e132522be3c66f4a32662acf1
Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation
Posted Nov 28, 2016
Authored by FireFart

This exploit uses the pokemon exploit as a base and automatically generates a new passwd line. The original /etc/passwd is then backed up to /tmp/passwd.bak and overwritten with the new line. The user will be prompted for the new password when the binary is run. After running the exploit you should be able to login with the newly created user.

tags | exploit
advisories | CVE-2016-5195
MD5 | 2d84b48a3c7259bdcfc8b09a0c2ed0c2
Disk Sorter Enterprise 9.1.12 Buffer Overflow
Posted Nov 28, 2016
Authored by Tulpa

Disk Sorter Enterprise version 9.1.12 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | bc108454ec29731f734c2bbb84dc3b6a
Dup Scout Enterprise 9.1.14 Buffer Overflow
Posted Nov 28, 2016
Authored by Tulpa

Dup Scout Enterprise version 9.1.14 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 60ab738e6533598fb59995c92077a7c3
VX Search Enterprise 9.1.12 Buffer Overflow
Posted Nov 28, 2016
Authored by Tulpa

VX Search Enterprise version 9.1.12 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 3ea51412ddc3f221b25e6182852d5a69
Disk Pulse Enterprise 9.1.16 Buffer Overflow
Posted Nov 28, 2016
Authored by Tulpa

Disk Pulse Enterprise version 9.1.16 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 33e796078156a7d3b2b85c19d9843d06
Microsoft Windows Kernel NtSetWindowLongPtr Privilege Escalation
Posted Nov 28, 2016
Authored by Enrique Nissim

Microsoft Windows Kernel win32k.sys NtSetWindowLongPtr privilege escalation proof of concept exploit. Leverages the issue as noted in MS16-135.

tags | exploit, kernel, proof of concept
systems | windows
advisories | CVE-2016-7255
MD5 | 22e9d6e6eea9e3931c0a3320e5216f50
ChatNow 1.1 SQL Injection
Posted Nov 27, 2016
Authored by ZwX

ChatNow version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 44b4a03c5e15d476f57a5e4ff1239ffc
Core FTP LE 2.2 Build 1883 Buffer Overflow
Posted Nov 27, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Core FTP LE version 2.2 build 1883 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 1262bf63504b6b688c5785c9a24aa7ac
Page 1 of 11
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Zyklon Password Stealer Exploits Microsoft Vulnerabilities
Posted Jan 20, 2018

tags | headline, malware, microsoft, flaw, password
EFF, Look Out Uncover Dark Caracal Spy Group
Posted Jan 20, 2018

tags | headline, privacy, spyware
OnePlus Confirms Hack Exposed Credit Cards Of Phone Buyers
Posted Jan 20, 2018

tags | headline, hacker, privacy, phone, data loss
Congress Demanded NSA Spying Reform. Instead, They Let You Down
Posted Jan 20, 2018

tags | headline, government, privacy, usa, fraud, spyware, nsa
Lebanese Government Hackers Hit Thousands Of Victims With Incredibly Simple Campaign
Posted Jan 19, 2018

tags | headline, government, malware, fraud, cyberwar, phish
Dridex Banking Trojan Compromises FTP Sites In New Campaign
Posted Jan 19, 2018

tags | headline, malware, bank, trojan, cybercrime, fraud
Triton Exploited Zero-Day Flaw To Target Industrial Systems
Posted Jan 19, 2018

tags | headline, hacker, malware, cyberwar, scada
Apple Sued Over Being Susceptible To Meltdown / Spectre
Posted Jan 19, 2018

tags | headline, flaw, apple, intel
Intel Fix Causes Reboots And Slowdowns
Posted Jan 18, 2018

tags | headline, flaw, intel
Text Bomb Is Latest Apple Bug
Posted Jan 18, 2018

tags | headline, phone, denial of service, flaw, apple
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close