Twenty Year Anniversary
Showing 1 - 7 of 7 RSS Feed

Files from SlidingWindow

First Active2017-05-17
Last Active2018-04-10
Dell EMC Avamar And Integrated Data Protection Appliance Invalid Access Control
Posted Apr 10, 2018
Authored by SlidingWindow

DELL EMC Avamar fails to restrict access to Configuration section that let Administrators set up Installation Manager configurations, or check for new packages from the Online Support site. An unauthenticated, remote attacker could add an Online Support Account for DELL EMC without any user interaction.

tags | exploit, remote
advisories | CVE-2018-1217
MD5 | c803fcebaf7c03f7902e2f4dd59391bd
D-Link DCS-936L Cross Site Request Forgery
Posted Nov 17, 2017
Authored by SlidingWindow

D-Link DCS-936L suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-7851
MD5 | 16ebb26ff2ecf0815f3032dd2a3b7e7c
Dell Active Roles 7.x Unquoted Service Path Privilege Escalation
Posted Nov 17, 2017
Authored by SlidingWindow

Dell Active Roles versions 7.1, 7.0.4, 7.0.3, 7.0.2, and 7.0 suffer from an unquoted service path privilege escalation vulnerability.

tags | exploit
MD5 | 345625e8405d3b2ffe718dce42429c46
Oracle WebLogic Server Java Deserialization Remote Code Execution
Posted Sep 29, 2017
Authored by SlidingWindow, FoxGloveSecurity

This exploit tests the target Oracle WebLogic Server for Java Deserialization remote code execution vulnerability. The ysoserial payload causes the target to send Ping requests to the attacking machine. You can monitor ICMP ECHO requests on your attacking machine using TCPDump to know if the exploit was successful. Feel free to modify the payload (chunk2) with that of your choice. Do not worry about modifying the payload length each time you change the payload as this script will do it for you on the fly. Versions affected include 10.3.6.0, 12.1.2.0, 12.1.3.0 and 12.2.1.0.

tags | exploit, java, remote, code execution
advisories | CVE-2015-4852
MD5 | 59152f11360701a27fd17681ec1d86aa
D-Link DCS Series Cameras Insecure Crossdomain.xml
Posted May 27, 2017
Authored by SlidingWindow

D-Link DCS Series cameras implement a weak crossdomain.xml.

tags | exploit
advisories | CVE-2017-7852
MD5 | 4017e79180c280809e1c61d9b8cce62b
Trend Micro Interscan Web Security Virtual Appliance (IWSVA) 6.5 SP2 XSS / Disclosure
Posted May 17, 2017
Authored by SlidingWindow

Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5 SP2 suffers from faulty access controls, stored cross site scripting, and information disclosure vulnerabilities

tags | exploit, web, vulnerability, xss, info disclosure
advisories | CVE-2017-6338, CVE-2017-6339, CVE-2017-6340
MD5 | d4dbc13600c87476e40eeb35bbb2c927
Sophos Web Appliance 4.3.1.1 Session Fixation
Posted May 17, 2017
Authored by SlidingWindow

Sophos Web Appliance version 4.3.1.1 suffers from a session fixation vulnerability.

tags | exploit, web
advisories | CVE-2017-6412
MD5 | 54ffcfe60969b3b8b5f25ffdd8ec5057
Page 1 of 1
Back1Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close