all things security
Showing 1 - 25 of 230 RSS Feed

Files

Packet Storm New Exploits For January, 2017
Posted Feb 1, 2017
Authored by Todd J. | Site packetstormsecurity.com

This archive contains 229 exploits that were added to Packet Storm in January, 2017.

tags | exploit
MD5 | 77208c271a53f9f4560bcf46374ded6c
Viscosity For Windows 1.6.7 Privilege Escalation
Posted Jan 31, 2017
Authored by Kacper Szurek

Viscosity for Windows version 1.6.7 suffers from a privilege escalation vulnerability. It is possible to execute openvpn with a custom dll as SYSTEM using ViscosityService because the path is not correctly validated.

tags | exploit
systems | windows
MD5 | 1efec6f3ea2f04fc83efd29c4e2ad149
Netgear Router Password Disclosure
Posted Jan 31, 2017
Authored by Simon Kenin | Site trustwave.com

Multiple Netgear routers suffers from remote and local password disclosure vulnerabilities.

tags | exploit, remote, local, vulnerability
advisories | CVE-2017-5521
MD5 | dde6807e42ef89f62b7461a8f2d32d98
Itech Multi Vendor Script 6.49 SQL Injection
Posted Jan 31, 2017
Authored by Kaan KAMIS

Itech Multi Vendor Script version 6.49 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0f898a8a5adab0f18ac612d87301bbcc
Netman 204 Backdoor / Password Reset
Posted Jan 31, 2017
Authored by Saeed reza Zamania, Simon Gurney

Netman 204 suffers from backdoor accounts and a password reset vulnerability. The backdoor accounts were already discovered in September of 2016 by Saeed reza Zamania.

tags | exploit
MD5 | 6dd8b61aacb6806116d51a034b9828e2
Itech News Portal Script 6.28 SQL Injection
Posted Jan 31, 2017
Authored by Kaan KAMIS

Itech News Portal Script version 6.28 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 83140b72ae392ec393a8d41052d94a71
PHP Product Designer Script Arbitrary File Upload
Posted Jan 31, 2017
Authored by Ihsan Sencan

PHP Product Designer Script suffers from a remote file upload vulnerability.

tags | exploit, remote, php, file upload
MD5 | 314e1f0de609938cd2d3e684927b5495
Hacking Printers Advisory 2
Posted Jan 31, 2017
Authored by Jens Mueller

This post is about accessing a printers file system through ordinary PostScript or PJL based print jobs -- since decades a documented feature of both languages. The attack can be performed by anyone who can print, for example through USB or network. It can even be carried out by a malicious website, using advanced cross site printing techniques in combination with a novel technique we call CORS spoofing.

tags | exploit, spoof
MD5 | 4cd24c1f328a44025060bf70ef6e1c9c
Hacking Printers Advisory 1
Posted Jan 31, 2017
Authored by Jens Mueller

This post is about manipulating and obtaining documents printed by other users, which can be accomplished by infecting the printer with PostScript malware.

tags | exploit
MD5 | 4edfeb39a5dcda64cabb6f3aa141b18f
PHP Logo Designer Script Arbitrary File Upload
Posted Jan 31, 2017
Authored by Ihsan Sencan

PHP Logo Designer Script suffers from a remote file upload vulnerability.

tags | exploit, remote, php, file upload
MD5 | 7964b8c6a72e282e33c0362351fbfdf4
Video Sharing Script 4.94 SQL Injection
Posted Jan 31, 2017
Authored by Kaan KAMIS

Video Sharing Script version 4.94 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a2d1ea4e7241b09e1f7d715599a9b241
OPSI Managed Client Remote Command Execution
Posted Jan 31, 2017
Authored by Simon Bieber

A remote attacker with knowledge of a single machine name and the corresponding OPSI machine key is able to execute arbitrary commands on any OPSI Managed client in the same managed environment by using the Remote Procedure Call (RPC) Interface of the OPSI-Server. The attacker is able to use the SYSTEM privileges of the OPSI Agent on any managed client computer and execute arbitrary commands leading to an elevation of privileges. Affected includes OPSI Server version 4.0.7.26 and OPSI ClientAgent version 4.0.7.10-1.

tags | exploit, remote, arbitrary
MD5 | ee9da89b67a08e7b4cc37b97b97a4235
TrueConf Server 4.3.7 Cross Site Scripting / Open Redirect / CSRF
Posted Jan 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

TrueConf Server versions 4.3.7.12255 and 4.3.7.12219 suffer from cross site request forgery, cross site scripting, and open redirection vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 650021b13de9273d4c1aecb1bcff7c05
Sophos Web Appliance 4.2.1.3 Remote Command Injection
Posted Jan 31, 2017
Authored by Russell Sanford

Sophos Web Appliance version 4.2.1.3 is vulnerable to two remote command injection vulnerabilities.

tags | exploit, remote, web, vulnerability
advisories | CVE-2016-9553
MD5 | 0ed4270775cf8b409facfb1c19a5737e
WordPress User Access Manager 1.2.6.7 Cross Site Scripting
Posted Jan 31, 2017
Authored by Securify B.V., Burak Kelebek

WordPress User Access Manager plugin version 1.2.6.7 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4c2f3e0a987349acc82a347d65a0653a
OpenSSL 1.1.0 Remote Client Denial Of Service
Posted Jan 31, 2017
Authored by Guido Vranken

OpenSSL version 1.1.0 remote client denial of service proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
advisories | CVE-2017-3730
MD5 | 69439210d66c14111fb007ce7ddefba6
Palo Alto Networks Terminal Services Agent 7.0.3-13 Integer Overflow
Posted Jan 31, 2017
Authored by Parvez Anwar

Palo Alto Networks Terminal Services Agent version 7.0.3-13 suffers from an integer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-5329
MD5 | 4ab7e5b82076e9a1399239d75c8dc697
Caregiver Script 2.57 SQL Injection
Posted Jan 31, 2017
Authored by Kaan KAMIS

Caregiver Script version 2.57 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f76702d85495bdc31127763eaf549f02
Auction Script 6.49 SQL Injection
Posted Jan 31, 2017
Authored by Kaan KAMIS

Auction Script version 6.49 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2f5ff0ef49f4610d485c3a1649da4bf7
Itech B2B Script 4.28 SQL Injection
Posted Jan 31, 2017
Authored by Kaan KAMIS

Itech B2B Script version 4.28 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ef4fbece18c7397a15458ffd42b02874
Itech Classifieds Script 7.27 SQL Injection
Posted Jan 31, 2017
Authored by Kaan KAMIS

Itech Classifieds Script version 7.27 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d82870a7fe4f40467b63a95e66d6de52
Itech Real Estate Script 3.12 SQL Injection
Posted Jan 30, 2017
Authored by Ihsan Sencan

Itech Real Estate Script version 3.12 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 793703689142d41dd8fbc883414030d6
HelpDeskZ SQL Injection / File Download
Posted Jan 30, 2017
Authored by Mariusz Popławski

HelpDeskZ versions prior to 1.0.2 suffer from SQL injection and file download vulnerabilities.

tags | exploit, vulnerability, sql injection
MD5 | 8b04218a158a642e2e6fcdfd90e11e99
Video Sharing Script 4.94 SQL Injection
Posted Jan 30, 2017
Authored by Ihsan Sencan

Video Sharing Script version 4.94 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 96fabaea27cf284277539c56188f8344
Itech Dating Script 3.26 SQL Injection
Posted Jan 30, 2017
Authored by Kaan KAMIS

Itech Dating Script version 3.26 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 339090d63ce33bad316c257206193524
Page 1 of 10
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
New Magniber Ransomware Targets South Korea, Asia Pacific
Posted Oct 21, 2017

tags | headline, malware, china, fraud, korea
Hackers Race To Use Flash Exploit Before Vulnerable Systems Are Patched
Posted Oct 21, 2017

tags | headline, hacker, malware, flaw, cyberwar, adobe
Bitcoin Boom Prompts Growth Of Coin-Mining Malware
Posted Oct 21, 2017

tags | headline, malware, bank, fraud
How To Social Engineer Yourself Into High Security Facilities
Posted Oct 21, 2017

tags | headline, fraud, social
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close