what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 139 RSS Feed

Files

Packet Storm New Exploits For 2016
Posted Jan 2, 2017
Authored by Todd J. | Site packetstormsecurity.com

Complete comprehensive archive of all 2,465 exploits added to Packet Storm in 2016.

tags | exploit
SHA-256 | 4a1add3c48eda74eaf39e36b3a6290fde888c8a08fcd48999b625080605b237a
Packet Storm New Exploits For December, 2016
Posted Jan 2, 2017
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 137 exploits added to Packet Storm in December, 2016.

tags | exploit
SHA-256 | d3a179c88720d9f22cc3bcc67772715e15175710ac958d5dee24539190145857
AContent CMS 1.3 Cross Site Scripting
Posted Dec 31, 2016
Authored by M.R.S.L.Y

AContent CMS version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8fd4012ef73824f6b27dd49f03c21c000e83eca919e32dc0da30862ce508c844
Dell SonicWALL Secure Mobile Access SMA 8.1 CSRF / XSS
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Secure Mobile Access SMA version 8.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 9c6e1e62011dc14636b4f5849d5f84a87d42f3acec586620f4296ac473fb6a89
Dell SonicWALL Network Security Appliance NSA 6600 XSS
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Network Security Appliance NSA 6600 suffers from a reflective cross site scripting vulnerability. Versions affected include NSA 6600 running SonicOS Enhanced 6.2.4.3-31n, WXA 4000 running 1.3.2.0-07, and SafeMode 6.1.0.11.

tags | exploit, xss
SHA-256 | 7acfa2c554a74790d4f42eb76bd861d05da2b1676d2dbb778bd9718473d384d5
Dell SonicWALL Global Management System GMS 8.1 Adobe Flex SOP Bypass
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL GMS versions 8.1 and below are compiled with a vulnerable version of Adobe Flex SDK allowing for same-origin request forgery and cross-site content hijacking.

tags | exploit
SHA-256 | 8f794ee7fc9e35a42edc8e64fbf6ee9b23bb21bc417c3048b02542052351a465
Dell SonicWALL Global Management System GMS 8.1 Cross Site Scripting
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Global Management System GMS version 8.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 4ff507814e6b70172b5af043ac9e0187e3cde0d9d9dc599e3faaaaadbb3a2be8
Dell SonicWALL Global Management System GMS 8.1 Blind SQL Injection
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Global Management System GMS version 8.1 suffers from multiple blind SQL Injection vulnerabilities.

tags | exploit, vulnerability, sql injection
SHA-256 | ed39afdb0140eefc12c029710bd973c6e28062ce928ce54e618a3047f92fce43
WordPress Templatic 2.3.6 File Upload
Posted Dec 30, 2016
Authored by r3m1ck

WordPress Templatic plugin versions 2.3.6 and below suffer from a remote file upload vulnerability.

tags | exploit, remote, file upload
SHA-256 | fff3adededad0edcf403d8a8ae2510616b9205fa30fb3b7430db7969991f8258
SwiftMailer Remote Code Execution
Posted Dec 29, 2016
Authored by Dawid Golunski

SwiftMailer versions prior to 5.4.5-DEV suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2016-10074
SHA-256 | 6c8d495f3e13599fefac246580f75812ee61962841c2cff7e333f604d3caee57
Joomla aWeb Cart Watching System For Virtuemart 2.6.0 SQL Injection
Posted Dec 29, 2016
Authored by Javi Espejo

Joomla aWeb Cart Watching System for Virtuemart component version 2.6.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7e01460777d0c5fa47b60fb42392b753f3aa3c93727eef86010d979434caf030
PHPMailer Remote Code Execution
Posted Dec 29, 2016
Authored by anarc0der

PHPMailer versions prior to 5.2.18 remote code execution exploit. Written in python.

tags | exploit, remote, code execution, python
advisories | CVE-2016-10033
SHA-256 | 0c56ae7013e3bf2befd1a423d12185599a480137baf9d7604084810574ff6517
WordPress Simply Poll 1.4.1 SQL Injection
Posted Dec 28, 2016
Authored by TAD GROUP

WordPress Simply Poll plugin version 1.4.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ef47966e67d7cfe37bcac64037fb9770922a3340d0c34e06bc26a88367e9820b
PHPMailer Remote Code Execution
Posted Dec 28, 2016
Authored by Dawid Golunski

PHPMailer versions prior to 5.2.20 zero day remote code execution exploit. This bypasses the CVE-2016-10033 patch.

tags | exploit, remote, code execution
advisories | CVE-2016-10033, CVE-2016-10045
SHA-256 | 773582183b0cfc6f38ae24f52f7dfb831cd2f3410287245bc6daea84d4d8db83
Popcorn Time 5.6 DLL Hijacking
Posted Dec 28, 2016
Authored by ZwX

Popcorn Time version 5.6 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 883530884f216f6c68ef7fc7eb9ed28a2843523eb359a4b11af300a6969b344a
WordPress Image Slider 1.1.41 / 1.1.89 Arbitrary File Deletion
Posted Dec 27, 2016
Authored by Tom Adams

WordPress Image Slider plugin versions 1.1.41 and 1.1.89 suffer from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | d26c0835b8209ca0f2b538837df8ceca4fa3b26c17c033bd4da15d6d4bce5a72
PHPMailer 5.2.17 Remote Code Execution
Posted Dec 27, 2016
Authored by Dawid Golunski

PHPMailer versions prior to 5.2.18 suffer from a remote code execution vulnerability. This archive consists of the full advisory and also the proof of concept code.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2016-10033
SHA-256 | dff0fa27b99b22d59b30f33bda4811c6f57a5db1cf1cab549e564bd62faa8e9c
PHPMailer 5.2.17 Remote Code Execution
Posted Dec 26, 2016
Authored by Dawid Golunski

PHPMailer version 5.2.17 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2016-10033
SHA-256 | 71254449b5468229de9f3d24cd3659f8ff035410115b6cf7f950f99bf518712f
Wampserver 3.0.6 Privilege Escalation
Posted Dec 26, 2016
Authored by Heliand Dema

Wampserver version 3.0.6 suffers from an insecure file permissions privilege escalation vulnerability.

tags | exploit
SHA-256 | c7e89a27153abc7ebb3140264dc5c61b0e999733bfa04f0a88ce1e56a56b9a1d
Joomla! Blog Calendar SQL Injection
Posted Dec 26, 2016
Authored by X-Cisadane

Joomla! Blog Calendar versions prior to 1.2.5 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d43ceeb3d57b6a55f47e13a781d0487e123a0c2f103c3250a2c4763f565546fd
Android get_user/put_user Exploit
Posted Dec 26, 2016
Authored by timwr, fi01, cubeundcube | Site metasploit.com

This Metasploit module exploits a missing check in the get_user and put_user API functions in the linux kernel before 3.5.5. The missing checks on these functions allow an unprivileged user to read and write kernel memory. This exploit first reads the kernel memory to identify the commit_creds and ptmx_fops address, then uses the write primitive to execute shellcode as uid 0. The exploit was first discovered in the wild in the vroot rooting application.

tags | exploit, kernel, root, shellcode
systems | linux
advisories | CVE-2013-6282
SHA-256 | eac5456bcf0ec583938479375c419cbd5715505092e66d61115ffa99e92b6015
FTPShell Server 6.36 Denial Of Service
Posted Dec 26, 2016
Authored by sultan albalawi

FTPShell Server version 6.36 .csv local denial of service vulnerability.

tags | exploit, denial of service, local
SHA-256 | fbbda7e4c4d04826dd8369a377f258809c43b80bd437062af6390d7e8c6ed30d
XAMPP Control Panel Denial Of Service
Posted Dec 24, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

XAMPP Control Panel suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | f05b21834528a55bfaf91568b2e88205225e6f5c80809bcdd2ebf4368df72f26
Apache mod_session_crypt 2.5 Padding Oracle
Posted Dec 23, 2016
Site redteam-pentesting.de

Apache mod_session_crypto versions 2.3 through 2.5 suffer form a padding oracle vulnerability.

tags | exploit
advisories | CVE-2016-0736
SHA-256 | 390f7fdc6969dd238103bdc9a74a406df47dd249a11cddc2a73743e36e51e549
ASP.NET Core 5-RC1 HTTP Header Injection
Posted Dec 23, 2016
Authored by Reto Schadler

ASP.NET Core version 5.-RC1 suffers from an HTTP header injection vulnerability.

tags | exploit, web, asp
SHA-256 | 1d6c349a4c1cbeebdb441bb9d71d28155836dfc3262d25c0f5027232b302026b
Page 1 of 6
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Sam Bankman-Fried's Sentencing Hearing Over FTX Fraud Begins Today
Posted Mar 28, 2024

tags | headline, fraud, cryptography
Sellafield To Be Prosecuted For IT Security Offenses
Posted Mar 28, 2024

tags | headline, government, britain, flaw
These 17,000 Microsoft Exchange Servers Are A Ticking Time Bomb
Posted Mar 28, 2024

tags | headline, microsoft, email, flaw
Analyse, Hunt, And Classify Malware Using .NET Metadata
Posted Mar 27, 2024

tags | headline, hacker, malware, microsoft
VPN Apps On Google Play Turn Android Devices Into Proxies
Posted Mar 27, 2024

tags | headline, privacy, phone, flaw, google
Fortinet FortiClient EMS SQL Injection Flaw Exploited In The Wild
Posted Mar 27, 2024

tags | headline, hacker, flaw
Google Reveals 0-Day Exploits In Enterprise Tech Surged 64% Last Year
Posted Mar 27, 2024

tags | headline, flaw, google, zero day
Ray AI Framework Vulnerability Exploited To Hack Hundreds Of Clusters
Posted Mar 27, 2024

tags | headline, hacker, flaw
Justice Dept Indicts 7 Accused In 14 Year Long Hack Campaign By Chinese Government
Posted Mar 26, 2024

tags | headline, hacker, government, usa, china, cyberwar, spyware, backdoor
Ransomware Can Mean Life Or Death At Hospital, But DEF CON Hackers Have A Plan
Posted Mar 26, 2024

tags | headline, hacker, malware, conference, cryptography
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close