exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 259 RSS Feed

Files

WordPress Connection Information Cross Site Request Forgery
Posted Apr 20, 2017
Authored by Yorick Koster, Securify B.V.

The FTP/SSH form functionality of WordPress was found to be vulnerable to cross site request forgery. WordPress versions 4.5.3 through 4.7.4 are affected.

tags | exploit, csrf
SHA-256 | b97c1f2af9252a37cfcaefbd0f9425ff1c4e40ba1332f9a406279cdaac8df4db
Safari Browser Memory Corruption
Posted Apr 20, 2017
Authored by Google Security Research, natashenka

Safari suffers from an out-of-bounds memcpy in Array.concat that can lead to memory corruption.

tags | exploit
advisories | CVE-2017-2464
SHA-256 | 6db1ba6357b6b2691d74c0fe51123d940627a490bc8ab5b483b0f2bce87edc4d
Oracle PeopleSoft ToolsRelease / ToolsReleaseDB / HCM SSRF
Posted Apr 20, 2017
Authored by Roman Shalymov

Oracle PeopleSoft ToolsRelease version 8.55.03, ToolsReleaseDB version 8.55, and HCM version 9.2 suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2017-3546
SHA-256 | 81aa80e8e24be6f11845f3fa0201b4cd2ffe96706536ef956f09b8e1e3273132
Oracle E-Business Suite 12.2.3 SQL Injection
Posted Apr 20, 2017
Authored by Dmitry Chastuhin

Oracle E-Business Suite version 12.2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-3549
SHA-256 | fdf11a3dbf17bfa298933d15dd12fc9860d85cbb06c02b150b5ba4663131b3fa
Oracle PeopleSoft HCM 9.2 XXE Injection
Posted Apr 20, 2017
Authored by Nadya Krivdyuk

Oracle PeopleSoft HCM version 9.2 on PeopleTools version 8.55 suffers from an XML external entity injection vulnerability.

tags | exploit, xxe
advisories | CVE-2017-3548
SHA-256 | 6363b44c5b3ced6660487c0a4fe15d05600db5204a0187bd979e6984d878d6d5
Microsoft Windows IFEO Winlogin SYSTEM Backdooring Exploit
Posted Apr 20, 2017
Authored by Todor Donev

Microsoft Windows IFEO Winlogin SYSTEM backdooring exploit.

tags | exploit
systems | windows
SHA-256 | 1fc463280ed7deb7ca3c298d64a41c7d6fa69fba4c36a4d6a020e8902bc1b58f
October CMS 1.0.412 Code Execution / Shell Upload
Posted Apr 20, 2017
Authored by Anti Rais

October CMS version 1.0.412 suffers from access bypass, cross site scripting, code execution, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, code execution, xss
SHA-256 | f133ae1a00c61dc5828a8d5a4a01eaa1cff8d008fd292fc06836a939242285de
VirtualBox 5.0.32 Windows Process COM Injection Privilege Escalation
Posted Apr 20, 2017
Authored by Google Security Research, forshaw

The process hardening implemented by the VirtualBox driver can be circumvented to load arbitrary code inside a VirtualBox process giving access to the VBoxDrv driver which can allow routes to elevation of privilege from a normal user. Version 5.0.32 is affected.

tags | exploit, arbitrary
advisories | CVE-2017-3563
SHA-256 | 354c5c8d7eae3710b64e963597225ed3690fa9c1db8f9c46391d756eae87a99d
Trend Micro Threat Discovery Appliance 2.6.1062r1 Session Generation Authentication Bypass
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a session generation authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2016-8584
SHA-256 | f3d0c6f0cf0554ddc299fbc8d195e141b856a55387d41d3608fe3e2b833dc7a6
Trend Micro Threat Discovery Appliance 2.6.1062r1 dlp_policy_upload.cgi Information Disclosure
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a dlp_policy_upload.cgi information disclosure vulnerability.

tags | exploit, cgi, info disclosure
advisories | CVE-2016-7547
SHA-256 | 2b95ab05b45548336e8b0ff756872ed3b5e7c96533959277415f4b7a3ac66de3
Trend Micro Threat Discovery Appliance 2.6.1062r1 logoff.cgi Directory Traversal
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a logoff.cgi directory traversal authentication bypass vulnerability.

tags | exploit, cgi, bypass, file inclusion
advisories | CVE-2016-7552
SHA-256 | 2d89facad03b2aadfc7a64dbc4b3ae3e700fb5257315bc07a0d5dac0b54f2211
Trend Micro Threat Discovery Appliance 2.6.1062r1 admin_sys_time.cgi Remote Code Execution
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from an admin_sys_time.cgi remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2016-8585
SHA-256 | 831459424e49dfb11a51e3fc6d29ef5bb3f90982635cee4c7c276df9a15321c3
Trend Micro Threat Discovery Appliance 2.6.1062r1 admin_sys_time.cgi Remote Code Execution
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a admin_sys_time.cgi remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2016-8585
SHA-256 | 02dd6778183ba369304416f10ca5430a4f57946435559276f6499b1f6ba9bc19
Trend Micro Threat Discovery Appliance 2.6.1062r1 detected_potential_files.cgi Remote Code Execution
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a detected_potential_files.cgi remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2016-8586
SHA-256 | af18e899701b6b216c1194a67c18ea309e695c0a68e877ab7bcce01d4ace48be
Trend Micro Threat Discovery Appliance 2.6.1062r1 dlp_policy_upload.cgi Remote Code Execution
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a dlp_policy_upload.cgi remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2016-8587
SHA-256 | 31f371707b0de38f8698c711e7a95e5c8a9212e4a92c83d9717a9243315dde36
Trend Micro Threat Discovery Appliance 2.6.1062r1 hotfix_upload.cgi Remote Code Execution
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a hotfix_upload.cgi remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2016-8588
SHA-256 | edee6760c7f2c9ebf89f541fa00a52bf885df3f8a7630f79abf5b032785960a4
Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query_dae.cgi Remote Code Execution
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query_dae.cgi remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2016-8589
SHA-256 | a9196290400935ef3b6319c48e7689aa9a949b9efd2be8e9d8861ef419b6e001
Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query_dlp.cgi Remote Code Execution
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query_dlp.cgi remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2016-8590
SHA-256 | bbbed1b3bf17f683837d3fecae8f6085dee8a26a7ae1148d404cc746cff6632b
Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query.cgi Remote Code Execution
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query.cgi remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2016-8591
SHA-256 | 5cb3107445be9dd17d7844b1475bdac38b6b7f828e25697fa092549f47228aa5
Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query_system.cgi Remote Code Execution
Posted Apr 20, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query_system.cgi remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2016-8592
SHA-256 | e465300a0c016f04a03e4baea8fb3f12dea6565a5f3c380f365cb72843951a4e
Trend Micro Threat Discovery Appliance 2.6.1062r1 upload.cgi Remote Code Execution
Posted Apr 19, 2017
Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from an upload.cgi remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2016-8593
SHA-256 | ad7e67926b83c12120e3c277cb7491ca34beb0d29e83be6e3165d8265314ea5b
WordPress Ultimate Form Builder Cross Site Scripting
Posted Apr 19, 2017
Authored by DefenseCode, Neven Biruski

WordPress Ultimate Form Builder plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 30c734953a6cfd9df5dcae72d534c2b88c1405d19bf866e0a857c0cb8bc6351b
OpenText Documentum Content Server Privilege Evaluation
Posted Apr 19, 2017
Authored by Andrey B. Panfilov

OpenText Documentum Content Server suffers from a privilege evaluation issue using crafted RPC save commands. Two proof of concepts included.

tags | exploit, proof of concept
advisories | CVE-2017-7220
SHA-256 | 580ee53cae3ceeb71bd5061ead172f398e5ed685fc4484fea0430f1ba5208097
Squirrelmail 1.4.22 Remote Code Execution
Posted Apr 19, 2017
Authored by Filippo Cavallarin

Squirrelmail versions 1.4.22 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-7692
SHA-256 | 4b0dc2d246cc3a9756582983ff8531774c490e3ea2b7ddb569f8e43f1a06c2dc
Dmitry 1.3a Local Stack Buffer Overflow
Posted Apr 19, 2017
Authored by Hosein Askari

Dmitry (Deepmagic Information Gathering Tool) version 1.3a suffers from a local stack buffer overflow vulnerability.

tags | exploit, overflow, local
advisories | CVE-2017-7938
SHA-256 | 014a2fe2f2202855bfad57c085ec71bcb8a2fd0c4311035acad667319a851c16
Page 3 of 11
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close