what you don't know can hurt you
Showing 1 - 25 of 126 RSS Feed

Files from Securify B.V.

Email addresslists at securify.nl
First Active2014-09-22
Last Active2017-08-14
Xamarin Studio For Mac 6.2.1 (Build 3) / 6.3 (Build 863) Privilege Escalation
Posted Aug 14, 2017
Authored by Yorick Koster, Securify B.V.

Xamarin Studio for Mac versions 6.2.1 (build 3) and 6.3 (build 863) suffer from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 0eb7c4204f9e48e3f70079bf8624f7da
Virtuozzo Power Panel (VZPP) 6.1.2 Buffer Over-Read
Posted Jul 5, 2017
Authored by Securify B.V., Sipke Mellema

Virtuozzo Power Panel (VZPP) and Automator version 6.1.2 suffers from a buffer over-read vulnerability.

tags | advisory
MD5 | 2af4bc88b18673fd24ac2f529c2fd96b
SyntaxHighlight 2.0 MediaWiki 1.28.0 Stored Cross Site Scripting
Posted Apr 29, 2017
Authored by Yorick Koster, Securify B.V.

A vulnerability was found in the SyntaxHighlight MediaWiki extension. Using this vulnerability it is possible for an anonymous attacker to pass arbitrary options to the Pygments library. By specifying specially crafted options, it is possible for an attacker to trigger a (stored) cross site scripting condition. In addition, it allows the creating of arbitrary files containing user-controllable data. Depending on the server configuration, this can be used by an anonymous attacker to execute arbitrary PHP code. This issue was tested on SyntaxHighlight version 2.0 as bundled with MediaWiki version 1.28.0.

tags | exploit, arbitrary, php, xss
advisories | CVE-2017-0372
MD5 | c2f465d0fafdbcf4b9a63fb413f084f5
Western Digital My Cloud 2.21.126 Authentication Bypass
Posted Apr 22, 2017
Authored by Securify B.V., Remco Vermeulen

Western Digital My Cloud with firmware version 2.21.126 suffers from an authentication bypass vulnerability that allows escalation to administrative privileges.

tags | exploit, bypass
MD5 | 03efc4e9cf55948800f65cb80dd0da13
WordPress Connection Information Cross Site Request Forgery
Posted Apr 20, 2017
Authored by Yorick Koster, Securify B.V.

The FTP/SSH form functionality of WordPress was found to be vulnerable to cross site request forgery. WordPress versions 4.5.3 through 4.7.4 are affected.

tags | exploit, csrf
MD5 | 25a2023423f7860059c0e4cb8e179437
Scriptler Jenkins 2.9 Cross Site Scripting
Posted Apr 15, 2017
Authored by Securify B.V., Burak Kelebek

Scriptler Jenkins version 2.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 51c7b60005aa4d94fc3a39b0ebc67e50
Microsoft Office OneNote 2007 DLL Hijacking
Posted Apr 11, 2017
Authored by Yorick Koster, Securify B.V.

Microsoft Office OneNote 2007 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | b33e14dcb95985bd6976931c23b1f515
Microsoft Edge Fetch API Arbitrary Header Setting
Posted Mar 14, 2017
Authored by Securify B.V.

It was found that the Fetch API in Microsoft Edge allows websites to set arbitrary HTTP request headers, including the Content-Length, and Host headers. Amongst others, a malicious website can use this issue to bypass the same origin policy, read HTTP response headers, or initiate arbitrary HTTP requests from the victim's browser (HTTP request smuggling).

tags | exploit, web, arbitrary
advisories | CVE-2017-0140
MD5 | c5887ca20f54ac55ae19e8611c88c6f7
Western Digital My Cloud Cross Site Request Forgery
Posted Mar 7, 2017
Authored by Securify B.V., Remco Vermeulen

Western Digital My Cloud suffers from a cross site request forgery vulnerability.

tags | advisory, csrf
MD5 | 1f1be9f28d76dd964efe11d9a8018d08
Western Digital My Cloud Buffer Overflow
Posted Mar 7, 2017
Authored by Securify B.V., Remco Vermeulen

Western Digital My Cloud suffers from a buffer overflow vulnerability that allows for remote code execution.

tags | exploit, remote, overflow, code execution
MD5 | e64dc08f721927ea61266f162a334e42
Western Digital My Cloud Command Injection
Posted Mar 7, 2017
Authored by Securify B.V., Remco Vermeulen

Western Digital My Cloud suffers from multiple command injection vulnerabilities.

tags | exploit, vulnerability
MD5 | 769ded7ef3ae77dad8b7bc9a03ec8c4b
WordPress 4.5.3 Press This Function CSRF / Denial Of Service
Posted Mar 7, 2017
Authored by Securify B.V., Sipke Mellema

WordPress version 4.5.3 Press This Function suffers from a cross site request forgery vulnerability that can cause a denial of service condition.

tags | exploit, denial of service, csrf
MD5 | 83fd7fe78cebb4f12e22a40081367585
WordPress 4.5.3 Audio Playlist Cross Site Scripting
Posted Mar 7, 2017
Authored by Yorick Koster, Securify B.V.

WordPress version 4.5.3 Audio Playlist suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 03337762b5f9e7ec64dbec0de777fb10
WordPress Contact Form 4.0.0 Cross Site Scripting
Posted Mar 3, 2017
Authored by Securify B.V., Julien Rentrop

WordPress Contact Form plugin version 4.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9a02b786071ae7946b341084679559f2
WordPress Contact Form Manager CSRF / XSS
Posted Mar 3, 2017
Authored by Securify B.V., Edwin Molenaar

WordPress Contact Form Manager plugin suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 4987a2afdb93bc122ac36851c982c9ed
WordPress Popup By Supsystic 1.7.6 Cross Site Request Forgery
Posted Mar 3, 2017
Authored by Securify B.V., Radjnies Bhansingh

WordPress Popup by Supsystic plugin 1.7.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 0b5ccac0638dde090a40ca6b20b5ac07
WordPress Google Analytics Dashboard 2.1.1 Cross Site Scripting
Posted Mar 3, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Google Analytics Dashboard plugin version 2.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2e909e9b3784d3c4edbbc4b193525cfd
WordPress Magic Fields 1 1.7.1 Cross Site Scripting
Posted Mar 3, 2017
Authored by Securify B.V., Burak Kelebek

WordPress Magic Fields 1 plugin version 1.7.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5f73b17edab388c1e8270618cb22718f
WordPress Gwolle Guestbook 1.7.4 Cross Site Request Forgery
Posted Mar 3, 2017
Authored by Securify B.V., Radjnies Bhansingh

WordPress Gwolle Guestbook plugin version 1.7.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 3e9b81957474152b4b44813b24b6a155
WordPress Download Manager 2.8.99 Cross Site Request Forgery
Posted Mar 3, 2017
Authored by Securify B.V., Burak Kelebek

WordPress Download Manager plugin version 2.8.99 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 2cc3001139037abf9cba48bd74cae8e8
WordPress Simple Ads Manager 2.9.8.125 PHP Object Injection
Posted Mar 3, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Simple Ads Manager plugin version 2.9.8.125 suffers from a PHP object injection vulnerability.

tags | exploit, php
MD5 | d7391c18f04b169df0122e11b1c3dec8
WordPress Gwolle Guestbook 1.7.4 Cross Site Scripting
Posted Mar 3, 2017
Authored by Securify B.V., Radjnies Bhansingh

WordPress Gwolle Guestbook plugin version 1.7.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 36f247556fee0bff03704758a5a50f05
WordPress Global Content Blocks 2.1.5 Cross Site Request Forgery
Posted Mar 3, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Global Content Blocks plugin version 2.1.5 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 5b31f6714683c6a8b78dc4e25ca2f915
WordPress Trust Form 2.0 Cross Site Scripting
Posted Mar 1, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Trust Form plugin version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0b6b3c587ffe92e244f5f47cd441a34b
WordPress Analytics Stats Counter Statistics 1.2.2.5 PHP Object Injection
Posted Mar 1, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Analytics Stats Counter Statistics plugin version 1.2.2.5 suffers from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 91725ba3f4733fa4edc420ef97e32a71
Page 1 of 6
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    2 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close