Twenty Year Anniversary
Showing 1 - 7 of 7 RSS Feed

Files from SlidingWindow

First Active2017-05-17
Last Active2018-04-10
Dell EMC Avamar And Integrated Data Protection Appliance Invalid Access Control
Posted Apr 10, 2018
Authored by SlidingWindow

DELL EMC Avamar fails to restrict access to Configuration section that let Administrators set up Installation Manager configurations, or check for new packages from the Online Support site. An unauthenticated, remote attacker could add an Online Support Account for DELL EMC without any user interaction.

tags | exploit, remote
advisories | CVE-2018-1217
MD5 | c803fcebaf7c03f7902e2f4dd59391bd
D-Link DCS-936L Cross Site Request Forgery
Posted Nov 17, 2017
Authored by SlidingWindow

D-Link DCS-936L suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-7851
MD5 | 16ebb26ff2ecf0815f3032dd2a3b7e7c
Dell Active Roles 7.x Unquoted Service Path Privilege Escalation
Posted Nov 17, 2017
Authored by SlidingWindow

Dell Active Roles versions 7.1, 7.0.4, 7.0.3, 7.0.2, and 7.0 suffer from an unquoted service path privilege escalation vulnerability.

tags | exploit
MD5 | 345625e8405d3b2ffe718dce42429c46
Oracle WebLogic Server Java Deserialization Remote Code Execution
Posted Sep 29, 2017
Authored by SlidingWindow, FoxGloveSecurity

This exploit tests the target Oracle WebLogic Server for Java Deserialization remote code execution vulnerability. The ysoserial payload causes the target to send Ping requests to the attacking machine. You can monitor ICMP ECHO requests on your attacking machine using TCPDump to know if the exploit was successful. Feel free to modify the payload (chunk2) with that of your choice. Do not worry about modifying the payload length each time you change the payload as this script will do it for you on the fly. Versions affected include 10.3.6.0, 12.1.2.0, 12.1.3.0 and 12.2.1.0.

tags | exploit, java, remote, code execution
advisories | CVE-2015-4852
MD5 | 59152f11360701a27fd17681ec1d86aa
D-Link DCS Series Cameras Insecure Crossdomain.xml
Posted May 27, 2017
Authored by SlidingWindow

D-Link DCS Series cameras implement a weak crossdomain.xml.

tags | exploit
advisories | CVE-2017-7852
MD5 | 4017e79180c280809e1c61d9b8cce62b
Trend Micro Interscan Web Security Virtual Appliance (IWSVA) 6.5 SP2 XSS / Disclosure
Posted May 17, 2017
Authored by SlidingWindow

Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5 SP2 suffers from faulty access controls, stored cross site scripting, and information disclosure vulnerabilities

tags | exploit, web, vulnerability, xss, info disclosure
advisories | CVE-2017-6338, CVE-2017-6339, CVE-2017-6340
MD5 | d4dbc13600c87476e40eeb35bbb2c927
Sophos Web Appliance 4.3.1.1 Session Fixation
Posted May 17, 2017
Authored by SlidingWindow

Sophos Web Appliance version 4.3.1.1 suffers from a session fixation vulnerability.

tags | exploit, web
advisories | CVE-2017-6412
MD5 | 54ffcfe60969b3b8b5f25ffdd8ec5057
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close