what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 286 RSS Feed

Files

Joomla Anief 1.5 SQL Injection
Posted Feb 19, 2017
Authored by Song-Dl Team

Joomla Anief component version 1.5 suffers from a remote SQL injection vulnerability .

tags | exploit, remote, sql injection
SHA-256 | 96b983b9fbbb86ded1ce1015e815a5803195e844ac879039e82fec9982b19c59
Adobe Flash MP4 AMF Parsing Overflow
Posted Feb 18, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from an overflow vulnerability during MP4 AMF parsing.

tags | exploit, overflow
advisories | CVE-2017-2992
SHA-256 | 975f33074a57e3cfc572b9cf9519a6d3855366d379e71d3cc22b0b38ac580121
Adobe Flash SWF Stack Corruption
Posted Feb 18, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from a stack corruption vulnerability using a fuzzed SWF file.

tags | exploit
advisories | CVE-2017-2988
SHA-256 | 861f5baa072230b7939cd1b63451ce6753e5bfa28f6b0c8f8760db23344f9efd
Adobe Flash YUVPlane Decoding Heap Overflow
Posted Feb 18, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from a heap overflow vulnerability during YUVPLane decoding.

tags | exploit, overflow
advisories | CVE-2017-2986
SHA-256 | 2bf4e6c3b7be108e8fdfd8baf1d8546149c39e64a4f46c8b3fe36fb7fd6bca33
Adobe Flash Bitmapfilter Use-After-Free
Posted Feb 18, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from a use-after-free vulnerability in applying bitmapfilter.

tags | exploit
advisories | CVE-2017-2985
SHA-256 | c3983405af4d8f611ecd50aa0083c83ab68a09eb670364bcd670de0a0063bf60
Google Chrome Download Filetype Blacklist Bypass
Posted Feb 18, 2017
Authored by Jann Horn, Google Security Research

Google Chrome suffers from a bypass vulnerability in the download filetype blacklist functionality. Versions 54.0.2840.100 stable is affected.

tags | exploit, bypass
SHA-256 | f412918e9a8a97d1bea8165805a9f03c35f0a54bd19258721264d95feb3b814a
GDI GDI32!ConvertDxArray Insufficient Bounds Check
Posted Feb 18, 2017
Authored by Google Security Research, scvitti

GDI suffers from an insufficient bounds check on GDI32!ConvertDxArray.

tags | exploit
SHA-256 | d103fb33865c638c44eb1d2b9664aed2de06df107938c288a09492550c9a4a38
Microsoft Office Powerpoint 2010 MSO/OART Heap Out-Of-Bounds Access
Posted Feb 18, 2017
Authored by Google Security Research, scvitti

Microsoft Office 2010 running under Windows 7 x86 with Application Verifier enabled suffers from a heap out-of-bounds access issue that leads to a memory corruption condition.

tags | exploit, x86
systems | windows
SHA-256 | 83ef05a42ff7b08997720ddd16937c7105800b18b0a6bf34e392b72b87e72108
Microsoft Office 2010 MSO!Ordinal5429 Heap Corruption
Posted Feb 18, 2017
Authored by Google Security Research, scvitti

Microsoft Office 2010 running under Windows 7 x86 with Application Verifier enabled suffers from a heap corruption issue due to a missing length check.

tags | exploit, x86
systems | windows
SHA-256 | 88da86d02c741d0ff8968f5f0017c278198fca482725e6f5dbb4c524808f6d49
Elefant CMS 1.3.12-RC Code Execution
Posted Feb 18, 2017
Authored by Tim Coen | Site curesec.com

Elefant CMS version 1.3.12-RC suffers from remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution
SHA-256 | 93ab7cd15114ad9062d18ca8df2fcf662b1919081dc6bdb9660574d8243dfb8a
Plone 5.0.5 Cross Site Scripting
Posted Feb 18, 2017
Authored by Tim Coen | Site curesec.com

Plone version 5.0.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2016-7147
SHA-256 | f23f365ad7be4890c9801cbb5c09c3060407d0b8d444fc6d52637f10df958c28
Microsoft SQL Server Clr Stored Procedure Payload Execution
Posted Feb 18, 2017
Authored by OJ Reeves, Lee Christensen, Nathan Kirk | Site metasploit.com

This Metasploit module executes an arbitrary native payload on a Microsoft SQL server by loading a custom SQL CLR Assembly into the target SQL installation, and calling it directly with a base64-encoded payload. The module requires working credentials in order to connect directly to the MSSQL Server. This method requires the user to have sufficient privileges to install a custom SQL CRL DLL, and invoke the custom stored procedure that comes with it. This exploit does not leave any binaries on disk. Tested on MS SQL Server versions: 2005, 2012, 2016 (all x64).

tags | exploit, arbitrary
SHA-256 | fe2d879dbdd0c10aa7ac5b9f21f78eea25748d38856209e0eae44eec747be7d8
Elefant CMS 1.3.12-RC Cross Site Request Forgery
Posted Feb 17, 2017
Authored by Tim Coen | Site curesec.com

Elefant CMS version 1.3.12-RC suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | de7243db48cddd6c808e1a9eacb1044d56649c1f9f4181acc839a3c6a756964e
Simplessus Files 3.7.7 Path Traversal
Posted Feb 17, 2017
Authored by Dr. Adrian Vollmer | Site syss.de

Simplessus Files version 3.7.7 suffers from a path traversal vulnerability.

tags | exploit
SHA-256 | ca93aac35bd3715340c6f154e617f228396816f0d6c00017e81d884b06b9a427
Elefant CMS 1.3.12-RC Cross Site Scripting
Posted Feb 17, 2017
Authored by Tim Coen | Site curesec.com

Elefant CMS version 1.3.12-RC suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | cb68cea61a5731c1d2926a6f64a75543d5ed4edbf03a18f9eac70ef5da6d6f47
Simplessus Files 3.7.7 SQL Injection
Posted Feb 17, 2017
Authored by Dr. Adrian Vollmer | Site syss.de

Simplessus Files version 3.7.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d79a21938fcd88041127624fd9f5ba1912160c33c332652fb5b2dbfdb36b14b2
WordPress Corner Ad 1.0.7 Cross Site Scripting
Posted Feb 17, 2017
Authored by Atik Rahman

WordPress Corner Ad plugin version 1.0.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 79ca2e10f1247f6b9413b75406fbef2e991f2c4a573ac859680ce9e6ea04f3cd
Joomla Team Display 1.2.1 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Team Display component version 1.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 14e70b0fa794bf6bbc0d06320635c01f6ad5379041bf578fef7fad22c82f7780
Joomla Spider Calendar Lite 3.2.16 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Spider Calendar Lite component version 3.2.16 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5782b92df61aa2dc060e9f5c3d34108a2b5de2aca18cb5f23d808cf4bf210ea1
Joomla Groovy Gallery 1.0.0 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Groovy Gallery component version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2cd4d05cbe2fc0df8ebfd27f3e7c957eb5d2ac7ab07b16a16c5814c67891b79e
Joomla WMT Content Timeline 1.0 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla WMT Content Timeline component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | de7c77f4f9524697a4ce40a3724a7d5156643c454237f9228e2fde7ac0103177
Xshell5 5.0 Build 1124 DLL Hijacking
Posted Feb 17, 2017
Authored by Nassim Asrir

Xshell5 version 5.0 build 1124 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | adc9cfccf64d4a92b0becac91603ad2491206bbe65dbe08df6868b17d64fd5f9
JBoss 4.0.2 Cross Site Scripting
Posted Feb 17, 2017
Authored by justpentest

JBoss version 4.0.2 suffers from a cross site scripting vulnerability in the jmx-console HtmlAdaptor DatabasePersistencePlugin parameter.

tags | exploit, xss
SHA-256 | d1534f71c95d9024c0e3a23e0024991e7d74c1479be8ff0756971996865d685a
Geutebruck testaction.cgi Remote Command Execution
Posted Feb 17, 2017
Authored by Davy Douhine, Frederic Cikala, Florent Montel | Site metasploit.com

This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/testaction.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.11.0.12 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.11.0.12 firmware.

tags | exploit, arbitrary, cgi, root
advisories | CVE-2017-5173, CVE-2017-5174
SHA-256 | 1a871ca3aa7b2e6e423f8d9e8cda9e0aa977c1488a8441163c46f083da5f5f3c
OpenText Documentum Content Server 7.3 SQL Injection
Posted Feb 16, 2017
Authored by Andrey B. Panfilov

OpenText Documentum Content Server version 7.3 suffers from a remote SQL injection vulnerability due to a previously announced fix being incomplete.

tags | exploit, remote, sql injection
advisories | CVE-2014-2520, CVE-2017-5585
SHA-256 | ace149b822a50c7993d6f686c8031fafa0ff63437d3e979c07952eb853919ff7
Page 5 of 12
Back34567Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Sam Bankman-Fried's Sentencing Hearing Over FTX Fraud Begins Today
Posted Mar 28, 2024

tags | headline, fraud, cryptography
Sellafield To Be Prosecuted For IT Security Offenses
Posted Mar 28, 2024

tags | headline, government, britain, flaw
These 17,000 Microsoft Exchange Servers Are A Ticking Time Bomb
Posted Mar 28, 2024

tags | headline, microsoft, email, flaw
Analyse, Hunt, And Classify Malware Using .NET Metadata
Posted Mar 27, 2024

tags | headline, hacker, malware, microsoft
VPN Apps On Google Play Turn Android Devices Into Proxies
Posted Mar 27, 2024

tags | headline, privacy, phone, flaw, google
Fortinet FortiClient EMS SQL Injection Flaw Exploited In The Wild
Posted Mar 27, 2024

tags | headline, hacker, flaw
Google Reveals 0-Day Exploits In Enterprise Tech Surged 64% Last Year
Posted Mar 27, 2024

tags | headline, flaw, google, zero day
Ray AI Framework Vulnerability Exploited To Hack Hundreds Of Clusters
Posted Mar 27, 2024

tags | headline, hacker, flaw
Justice Dept Indicts 7 Accused In 14 Year Long Hack Campaign By Chinese Government
Posted Mar 26, 2024

tags | headline, hacker, government, usa, china, cyberwar, spyware, backdoor
Ransomware Can Mean Life Or Death At Hospital, But DEF CON Hackers Have A Plan
Posted Mar 26, 2024

tags | headline, hacker, malware, conference, cryptography
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close