exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 129 RSS Feed

Files

Packet Storm New Exploits For 2019
Posted Jan 1, 2020
Authored by Todd J. | Site packetstormsecurity.com

Complete comprehensive archive of all 2,313 exploits added to Packet Storm in 2019.

tags | exploit
SHA-256 | 72f3a275b53d1f299df1580a639bef1a0f561d805669e7009d01cd069e6b0e56
Packet Storm New Exploits For December, 2019
Posted Jan 1, 2020
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 128 exploits added to Packet Storm in December, 2019.

tags | exploit
SHA-256 | 2ec7afc00c6435acc51dcb135ec279876e2cc7c811b0356905a746c9ca942fc9
nostromo 1.9.6 Remote Code Execution
Posted Dec 31, 2019
Authored by Kr0ff

nostromo version 1.9.6 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-16278
SHA-256 | 71091ee1ce8b929485719940130d68fc23025355ec1a5988d19c8221e0aa77f8
WordPress Ultimate Addons For Beaver Builder 1.2.4.1 Authentication Bypass
Posted Dec 31, 2019
Authored by Nathan Hrncirik, Raphael Karger

WordPress Ultimate Addons for Beaver Builder version 1.2.4.1 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 25d945db3c348efacc06bd68cdb206aa49043dd9497a393a508d7db6cb6334a9
NextVPN 4.10 Insecure File Permissions
Posted Dec 31, 2019
Authored by sajjadbnd

NextVPN version 4.10 suffers from an insecure file permissions vulnerability.

tags | exploit
SHA-256 | 7cd3edbca050a8fe0ff125109699e481526a03b5a6e861dbbd843e1d8effa4bc
Thrive Smart Home 1.1 SQL Injection
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

Thrive Smart Home version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | e4aeb323f7e63fc22396a520fa3afe3efdd3c385f4c7d50055f96ddd5dd0ea03
Thrive Smart Home 1.1 Cross Site Scripting
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

Thrive Smart Home version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 46cea7a8c0bef7c0a74a6327c76ab35c819eb35ee2af2b41e2ed9ae4714f203f
HomeAutomation 3.3.2 Open Redirect
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 6c400fc7be48ccc34237bf098de7c74f775e8fb6b620c32b76e8751964726b9f
HomeAutomation 3.3.2 CSRF / Code Execution
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from a cross site request forgery vulnerability that allows for remote command execution.

tags | exploit, remote, csrf
SHA-256 | cca8b334de34777125e8f2a0950a8442c54a2c5b0d8651006ecec4b614ce177e
HomeAutomation 3.3.2 Cross Site Request Forgery
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | f23c1aa99af5634149ccf36f6901f15700735c2a52845ce2a65186b287a4ac7b
FreeBSD fd Privilege Escalation
Posted Dec 30, 2019
Authored by Karsten Konig

Local root exploit for the FreeBSD fd vulnerability as disclosed in FreeBSD-SA-19:02.fd.

tags | exploit, local, root
systems | freebsd, bsd
advisories | CVE-2019-5596
SHA-256 | 05adfc97defa9b66032601dddbc7174d89d7c42893b3449bce122d3043b86df0
HomeAutomation 3.3.2 Authentication Bypass
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 authentication bypass exploit.

tags | exploit
SHA-256 | 32faefa048892c60f350fd14fb7b3dfb9d5189bfa825f6509603127552d92716
FreeBSD mqueuefs Privilege Escalation
Posted Dec 30, 2019
Authored by Karsten Konig

Local root exploit for the FreeBSD mqueuefs vulnerability as disclosed in FreeBSD-SA-19:15.mqueuefs.

tags | exploit, local, root
systems | freebsd, bsd
SHA-256 | 90adbf6571ee419b5720c2c77c09ae73c0b991d5356d6bf9cdef1949b5a67b6d
MyDomoAtHome (MDAH) REST API Domoticz ISS Gateway 0.2.40 Information Disclosure
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

MyDomoAtHome REST API is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request to gain access to sensitive information.

tags | exploit, remote, info disclosure
SHA-256 | 357776a2d5aa47ac656833d53b8602fbc35b3aa0ce805316d286d7e1b1dfd90d
HomeAutomation 3.3.2 Cross Site Scripting
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from persistent and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 5bea197f9f58eb7871adf024f5cfc3eba64f2d6e110ef8855ccd8cf44af9dd25
WEMS BEMS 21.3.1 Undocumented Backdoor Account
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

WEMS BEMS version 21.3.1 has an undocumented backdoor account that is Base64 encoded. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the controller thru the RMI.

tags | exploit
SHA-256 | a5fa2ebe403b9dae6b9fd7464ecc1dbb0eb48cace1ac5d8e6e0170f2583f4c0f
WEMS Enterprise Manager 2.58 Cross Site Scripting
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

WEMS Enterprise Manager version 2.58 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 808838c8fe62218d13ec462ebceceec14d3c27579ab0faedf0c2ab8a91a904a1
Heatmiser Netmonitor 3.03 Hardcoded Credentials
Posted Dec 30, 2019
Authored by Ismail Tasdelen

Heatmiser Netmonitor version 3.03 suffers from a hardcoded credential vulnerability.

tags | exploit
SHA-256 | 4660a59d519385d8cbe9b5ff59c605844c85e61e300d5e806ea6da2939b58d03
Wing FTP Server 6.0.7 Unquoted Service Path
Posted Dec 30, 2019
Authored by Nawaf Alkeraithe

Wing FTP Server version 6.0.7 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 559fc39363ebeac4e49dba17e94eff68b828a2fdd812f22ec437c92d997c5bf7
RICOH SP 4510SF Printer HTML Injection
Posted Dec 29, 2019
Authored by Ismail Tasdelen

RICOH SP 4510SF Printer suffers from an html injection vulnerability.

tags | exploit
SHA-256 | 8d5023bd4340e358eab608dba8456b5fa91f10420afc43489e80c8293597f950
Wave 2.0 SQL Injection
Posted Dec 29, 2019
Authored by Mehmet Emiroglu

Wave version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3a71e4a67e29fbed15f29f6d3130845ff2bd3fe64d23ccb6fcb04deb2474aae3
elearning-script 1.0 SQL Injection
Posted Dec 29, 2019
Authored by riamloo

elearning-script version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 8f87b2298bc94811437a2e451bb69727fcccabb9017173d181e459c133f73998
Cera Intranet Community Theme 1.0.1 SQL Injection
Posted Dec 29, 2019
Authored by Mehmet Emiroglu

Cera Intranet Community Theme version 1.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 104390c5f4b1560c784aeb20395128588c46864e3d99bc8955f5f8f4d6b8a001
FTP Navigator 8.03 Stack Overflow
Posted Dec 28, 2019
Authored by Bobby Cooke

FTP Navigator version 8.03 stack overflow SEH proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | e1f7f7256cf33ce90c5add9067bf1de5588b464624189f4760bd7a07cbc2712a
AVS Audio Converter 9.1.2.600 Stack Overflow
Posted Dec 28, 2019
Authored by Bobby Cooke

AVS Audio Converter version 9.1.2.600 stack overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | 2079ca5260db181a32d0e96d5a9a243149271528d1e2246bfe814727cf278c7c
Page 1 of 6
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close