Showing 1 - 25 of 149

Files

Packet Storm New Exploits For March, 2018: Posted Apr 2, 2018; Authored by Todd J. | Site packetstormsecurity.com; This archive contains all of the 149 exploits added to Packet Storm in March, 2018.; tags | exploit; SHA-256 | 71771db4bbf6cafbfb21fb4a9ecf8f271a0382abab4130979bb2a238430a3c2c; Download | Favorite | View

VideoFlow Digital Video Protection DVP 10 Authenticated Root Remote Code Execution: Posted Mar 31, 2018; Authored by LiquidWorm | Site zeroscience.mk; VideoFlow Digital Video Protection DVP 10 version 2.10 suffers from authenticated remote code execution vulnerability. Including a cross site request forgery vulnerability, a remote attacker can exploit this issue and execute arbitrary system commands granting her system access with root privileges.; tags | exploit, remote, arbitrary, root, code execution, csrf; SHA-256 | f1cf92d74150abb39ece448b2e879132cdeec1dad40e941838baff6d6ac1147d; Download | Favorite | View

VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal: Posted Mar 31, 2018; Authored by LiquidWorm | Site zeroscience.mk; VideoFlow Digital Video Protection DVP 10 version 2.10 suffers from an authenticated arbitrary file disclosure vulnerability including no session expiration. Input passed via the 'ID' parameter in several Perl scripts is not properly verified before being used to download system files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks.; tags | exploit, arbitrary, perl; SHA-256 | 9fdb71614470b3895e28afe235e28c5784709277cd64d29608144c5fc0584e48; Download | Favorite | View

DotNetNuke DNNarticle Directory Traversal: Posted Mar 31, 2018; Authored by Esmaeil Rahimian; The DNNarticle module in DotNetNuke version 11 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2018-9126; SHA-256 | a41413f4c748f4fcf065a3f2c5c4e0ab8f4515a8fb6dafd0bde8c679cd929bf0; Download | Favorite | View

Homematic CCU2 2.29.23 Arbitrary File Write: Posted Mar 31, 2018; Authored by Patrick Muench, Gregor Kopf; Homematic CCU2 version 2.29.23 suffers from an arbitrary file write vulnerability.; tags | exploit, arbitrary; advisories | CVE-2018-7300; SHA-256 | dd409c7f1b228ba72e9d1b5031af8e53c65f1eacf0f69e50abd6527af29fc5a5; Download | Favorite | View

Frog CMS 0.9.5 Cross Site Request Forgery: Posted Mar 31, 2018; Authored by Samrat Das; Frog CMS version 0.9.5 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; advisories | CVE-2018-8908; SHA-256 | de887657ffddfe13ff2711bcdfd0a752e08c6fc7fb4d7096eb0a29acc662fcc2; Download | Favorite | View

WordPress Contact Form 7 To Database Extension 2.10.32 CSV Injection: Posted Mar 31, 2018; Authored by Stefan Broeder; WordPress Contact Form 7 to Database Extension plugin version 2.10.32 suffers from a CSV injection vulnerability.; tags | exploit; advisories | CVE-2018-9035; SHA-256 | a1e2f6ff5db573c57f2014f08ae3e5c445da423f0442bc5bf91d63f4b6974da0; Download | Favorite | View

Joomla Acymailing Starter 5.9.5 CSV Macro Injection: Posted Mar 31, 2018; Authored by Sureshbabu Narvaneni; Joomla Acymailing Starter component version 5.9.5 suffers from a CSV macro injection vulnerability.; tags | exploit; advisories | CVE-2018-9107; SHA-256 | 79b6c5b7c330a02114e00055a2436ba7e3e992b66ce38f41a047b764a31482cc; Download | Favorite | View

osCommerce 2.3.4.1 Remote Code Execution: Posted Mar 31, 2018; Authored by Simon Scannell; osCommerce version 2.3.4.1 suffers from a code execution vulnerability.; tags | exploit, code execution; SHA-256 | 3a9c8b3b77bdf3e503378fb0902da7dfcb3e2c29c42deb289a62f986ab00800f; Download | Favorite | View

MiniCMS 1.10 Cross Site Request Forgery: Posted Mar 31, 2018; Authored by zixian; MiniCMS version 1.10 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; advisories | CVE-2018-9092; SHA-256 | 721a51e53d1998c15ee3fada2f7e9dc176be6d95e57db860592ccfbc8755bf96; Download | Favorite | View

Systematic SitAware NVG Denial Of Service: Posted Mar 31, 2018; Authored by 2u53; Systematic SitAware suffers from a denial of service vulnerability.; tags | exploit, denial of service; advisories | CVE-2018-9115; SHA-256 | 4bb760f13fc71196edd91cdf71a8c42c83fa772fbb0a0e2ad4ba3a813ee7e121; Download | Favorite | View

Homematic CCU2 2.29.23 Remote Command Execution: Posted Mar 31, 2018; Authored by Patrick Muench, Gregor Kopf; Homematic CCU2 version 2.29.23 suffers from a remote command execution vulnerability.; tags | exploit, remote; advisories | CVE-2018-7297; SHA-256 | 557b93e2321a67871d7ee634a72bf196e8730d6ff7724ac372a8b095eff95cbb; Download | Favorite | View

Joomla AcySMS 3.5.0 CSV Macro Injection: Posted Mar 31, 2018; Authored by Sureshbabu Narvaneni; Joomla AcySMS component version 3.5.0 suffers from a CSV macro injection vulnerability.; tags | exploit; advisories | CVE-2018-9106; SHA-256 | f34e0a09b18099dba0c7b06e0efc752e601eb227dd42dd32490f76f20726f914; Download | Favorite | View

WampServer 3.1.1 Cross Site Request Forgery / Cross Site Scripting: Posted Mar 31, 2018; Authored by Vipin Chaudhary; WampServer version 3.1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; SHA-256 | 905c4d7fd4fc2cf1c89222a0cb7e2346073185b02ec25bb49977dd24875f524c; Download | Favorite | View

WordPress Relevanssi 4.0.4 Cross Site Scripting: Posted Mar 31, 2018; Authored by Stefan Broeder; WordPress Relevanssi plugin version 4.0.4 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2018-9034; SHA-256 | de2e9805aecef79b31fdcc4da3b54e9c98e5470b3d3467d95ff56e951dec4a73; Download | Favorite | View

WordPress WP Security Audit Log 3.1.1 Information Disclosure: Posted Mar 30, 2018; Authored by Colette Chamberland; WordPress WP Security Audit Log plugin version 3.1.1 suffers from a sensitive information disclosure vulnerability.; tags | exploit, info disclosure; advisories | CVE-2018-8719; SHA-256 | a47629c5bd8c626fce9819e8ba2183b5c2383a496409dedde4f1ffcad89ae3ec; Download | Favorite | View

Crea8Social Social Network Script Pro / Business Cross Site Scripting: Posted Mar 30, 2018; Authored by Mohamed Abdelbasset Elnouby; Crea8Social Social Network Script versions Pro and Business suffer from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2018-9120, CVE-2018-9121, CVE-2018-9122, CVE-2018-9123; SHA-256 | 1c511dc6984605cbfe67498189817b0bf03de1884d46c7de560e7dfbbd580f69; Download | Favorite | View

glibc LD_AUDIT libmemusage.so RHEL-Based Arbitrary DSO Load Privilege Escalation: Posted Mar 30, 2018; Authored by Marco Ivaldi, Tavis Ormandy, Todor Donev, zx2c4, Brendan Coles | Site metasploit.com; This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library (glibc) dynamic linker with libmemusage.so library.; tags | exploit, root; systems | linux; advisories | CVE-2010-3847, CVE-2010-3856; SHA-256 | 866ac744c655ede9c376e4a47945a3a0e64a8cdb089b30ec2822adfef9bb9512; Download | Favorite | View

Tenda FH303/A300 5.07.68_EN Remote DNS Changer: Posted Mar 30, 2018; Authored by Todor Donev; Tenda FH303/A300 with firmware version 5.07.68_EN cookie session weakness remote DNS changer proof of concept exploit.; tags | exploit, remote, proof of concept; SHA-256 | f22ca3309579c6470ec144c91bb08b31ee848ae464b29a86c336af34a0a05882; Download | Favorite | View

Tenda W3002R/A302/w309r Wireless Router 5.07.64_en DNS Changer: Posted Mar 30, 2018; Authored by Todor Donev; Tenda W3002R/A302/w309r wireless router version 5.07.64_en cookie session weakness remote DNS changer proof of concept exploit.; tags | exploit, remote, proof of concept; SHA-256 | 8cc38578d0ff95d3332823d20ae52be3189b1e08724702def4de3110ca79e255; Download | Favorite | View

Tenda W316R Wireless Router 5.07.50 Remote DNS Changer: Posted Mar 30, 2018; Authored by Todor Donev; Tenda W316R wireless router version 5.07.50 cookie session weakness remote DNS changer proof of concept exploit.; tags | exploit, remote, proof of concept; SHA-256 | 659258d6cf96aff07ffb8be69a9afda153ab863ca8f7cf9c41aec604c9a882d0; Download | Favorite | View

Allok Video Joiner 4.6.1217 Buffer Overflow: Posted Mar 30, 2018; Authored by Velayutham Selvaraj, Mohan Ravichandran; Allok Video Joiner version 4.6.1217 suffers from a stack-based buffer overflow vulnerability.; tags | exploit, overflow; SHA-256 | 085a2394267df8e20d42091a554c405acd982ea390791df5252d485e8af96c81; Download | Favorite | View

Advantech WebAccess webvrpcs Buffer Overflow: Posted Mar 30, 2018; Authored by Chris Lyne; Advantech WebAccess versions prior to 8.1 webvrpcs DrawSrv.dll path BwBuildPath stack-based buffer overflow remote code execution exploit.; tags | exploit, remote, overflow, code execution; advisories | CVE-2016-0856; SHA-256 | 3917887b7385488d5ab094dd0cfa0c73128701eb66ed70da342531a89b649458; Download | Favorite | View

ManageEngine Application Manager Remote Code Execution: Posted Mar 29, 2018; Authored by Mehmet Ince | Site metasploit.com; This Metasploit module exploits a command injection vulnerability in the ManageEngine Application Manager product. An unauthenticated user can execute an operating system command under the context of privileged user. The publicly accessible testCredential.do endpoint takes multiple user inputs and validates supplied credentials by accessing the given system. This endpoint calls several internal classes and then executes powershell script without validating user supplied parameter when the given system is OfficeSharePointServer.; tags | exploit; advisories | CVE-2018-7890; SHA-256 | a9eac798117fa04eab31bed74f5ad242fd765118d1e7c673979dc44d64574e70; Download | Favorite | View

Tenda W308R V2 Wireless Router 5.07.48 DNS Changer: Posted Mar 29, 2018; Authored by Todor Donev; Tenda W308R V2 wireless router version 5.07.48 remote DNS changer proof of concept exploit.; tags | exploit, remote, proof of concept; SHA-256 | da812361ffff26f846e7670639231461ac7239dc66c4e6b4587ef077c32f42cd; Download | Favorite | View

Page 1 of 6 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

Files

Top Authors In Last 30 Days

Recent News