Exploit the possiblities
Showing 1 - 25 of 194 RSS Feed

Files

Packet Storm New Exploits For May, 2017
Posted May 31, 2017
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 193 exploits added to Packet Storm in May, 2017.

tags | exploit
MD5 | 77068dced32a31098f24dfb6539c1ead
Piwigo Facetag 0.0.3 SQL Injection
Posted May 31, 2017
Authored by Touhid M.Shaikh

Piwigo Facetag plugin version 0.0.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 265f571ac1465bf00b85cfdccc57cffc
OV3 Online Administration 3.0 SQL Injection
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from multiple unauthenticated remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | b45182a216390d5400da665f979cc9ad
OV3 Online Administration 3.0 Authenticated Code Execution
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 4836439cfaece2fea647cf5c5b5bc314
OV3 Online Administration 3.0 Parameter Traversal Arbitrary File Access
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from a traversal vulnerability that allows for arbitrary file access.

tags | exploit, arbitrary
MD5 | d59ba0c9c85323843417e3b44d2fa62b
WordPress Simple Slideshow Manager 2.2 Cross Site Scripting
Posted May 31, 2017
Authored by DefenseCode, Neven Biruski

WordPress Simple Slideshow Manager plugin versions 2.2 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 6cafb010fb20043a5898706c8f032a6d
ModX CMS Proof Of Concept Shell Upload
Posted May 31, 2017
Authored by Cody Sixteen

This proof of concept code shows how manager functionality can be abused in ModX CMS to upload a shell.

tags | exploit, shell, proof of concept
MD5 | 4a9e82ae99c6a9dbf9554d110145a1a4
KEMP LoadMaster 7.135.0.13245 XSS / Code Execution
Posted May 31, 2017
Site securiteam.com

KEMP LoadMaster version 7.135.0.13245 suffers from persistent cross site scripting and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss
MD5 | 05f5ea97f61f9b6d72385ba9076f9126
IBM Informix Dynamic Server DLL Injection / Code Execution
Posted May 31, 2017
Site securiteam.com

IBM Informix Dynamic Server suffers from dll injection, PHP code injection, and heap buffer overflow vulnerabilities.

tags | exploit, overflow, php, vulnerability
advisories | CVE-2016-2183, CVE-2017-1092
MD5 | acf1047cf6ec465e6ff49df652940fd6
Trend Micro Deep Security 6.5 XXE / Code Execution
Posted May 31, 2017
Site securiteam.com

Trend Micro Deep Security version 6.5 suffers from XML external entity injection, local privilege escalation, and remote code execution vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution
MD5 | 14d6ad8c29d1b68a5710f229a32f0da6
Microsoft MsMpEng Saved Callers Use-After-Free
Posted May 31, 2017
Authored by Google Security Research, lokihardt

Microsoft Windows MsMpEng suffers from a saved caller use-after-free vulnerability.

tags | exploit
systems | windows
advisories | CVE-2017-8541
MD5 | 05faef0a20f3572f0904838b08cace5c
TerraMaster F2-420 NAS TOS 3.0.30 Code Execution
Posted May 31, 2017
Authored by Simone Margaritelli

TerraMaster F2-420 NAS TOS version 3.0.30 suffers from an unauthenticated remote root code execution vulnerability.

tags | exploit, remote, root, code execution
MD5 | 2719a3913cd96f69928a95ca4f994342
Microsoft MsMpEng GC Engine Use-After-Free
Posted May 31, 2017
Authored by Google Security Research, ianbeer

Microsoft Windows MsMpEng suffers from a remotely exploitable use-after-free vulnerability due to a design issue in the GC engine.

tags | exploit
systems | windows
advisories | CVE-2017-8540
MD5 | b3d45bc0bcfc72ee99f5a1e8c697ddc5
uc-httpd Local File Inclusion / Traversal
Posted May 31, 2017
Authored by keksec

uc-httpd suffers from local file inclusion and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
MD5 | 1ea3e2779de86530c91d5d4ec0c8c541
Intel SSD Toolbox 3.4.3 DLL Hijacking
Posted May 31, 2017
Authored by Stefan Kanthak

Intel SSD Toolbox version 3.4.3 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | cfd10a2e92d00e760fa07674700e0a87
TiEmu 2.08 Buffer Overflow
Posted May 30, 2017
Authored by Juan Sacco

TiEmu versions 2.08 and below suffer from a stack-based buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 9908056248904c47270eb4b99180cdc0
Ampache 3.8.2 Cross Site Scripting
Posted May 29, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Ampache version 3.8.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b6b93c3f9643a0cf897ff98afca7bb99
CERIO 11nbg 2.4Ghz High Power Wireless Router (pekcmd) Rootshell Backdoors
Posted May 29, 2017
Authored by LiquidWorm | Site zeroscience.mk

CERIO 11nbg 2.4Ghz high power wireless router (pekcmd) has multiple backdoor accounts that yield rootshells.

tags | exploit
MD5 | 624f0bc5afb62a9c9c86abe9e5434ea1
RealPlayer 18.1.7.344 Memory Corruption
Posted May 29, 2017
Authored by Cody Sixteen

RealPlayer version 18.1.7.344 suffers from memory corruption vulnerabilities.

tags | exploit, vulnerability
MD5 | 016abfd3fbb9683bb3cb4c4d5b774f1e
Joomla 3.x Proof Of Concept Shell Upload
Posted May 28, 2017
Authored by Cody Sixteen

This proof of concept code shows how administrator functionality can be abused in Joomla to upload a shell.

tags | exploit, shell, proof of concept, file upload
MD5 | 5342f1f41088abee2af959b87cbce235
Microsoft Azure Recovery Services Agent DLL Hijacking
Posted May 28, 2017
Authored by Stefan Kanthak

MARSAgentInstaller.exe, the Microsoft Azure Recovery Services Agent, suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 37834c3390d4392e132c3984f6c15039
DokuWiki Proof Of Concept Shell Upload
Posted May 28, 2017
Authored by Cody Sixteen

This proof of concept code shows how administrative functionality can be abused in DokuWiki to upload a shell.

tags | exploit, shell, proof of concept
MD5 | 729d40f68a98bc4c5c3dc2afec215396
Concrete5 Proof Of Concept Shell Upload
Posted May 28, 2017
Authored by Cody Sixteen

This proof of concept code shows how functionality can be abused in Concrete5 to upload a shell.

tags | exploit, shell, proof of concept
MD5 | 9745e0705ed0168941e97981a8f2ab5b
Home FTP Server 1.14.0 Build 176 Directory Traversal
Posted May 28, 2017
Authored by sultan albalawi

Home FTP Server version 1.14.0 build 176 suffers from a directory traversal vulnerability.

tags | exploit
MD5 | 0dc7e3298398ef1f1d29f6f3a881a371
Octopus Deploy Authenticated Code Execution
Posted May 27, 2017
Authored by James Otten | Site metasploit.com

This Metasploit module can be used to execute a payload on an Octopus Deploy server given valid credentials or an API key. The payload is executed as a powershell script step on the Octopus Deploy server during a deployment.

tags | exploit
MD5 | 2a4e59caa159274fd0b883d7f9d36f67
Page 1 of 8
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close