Twenty Year Anniversary
Showing 1 - 25 of 259 RSS Feed

Files from hyp3rlinx

Email addressprivate
Websitehyp3rlinx.altervista.org
First Active2015-04-28
Last Active2018-10-12
View User Profile
NoMachine 5.3.26 Remote Code Execution
Posted Oct 12, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

NoMachine versions 5.3.26 and below suffer from a remote code execution vulnerability when opening a malicious .nxs file.

tags | exploit, remote, code execution
advisories | CVE-2018-17980
MD5 | 98f0f6fe4dc505a95f06d738805d3c7a
Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 XML Injection
Posted Oct 11, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from an xmla filetype XML external entity injection vulnerability.

tags | exploit, sql injection
advisories | CVE-2018-8532
MD5 | f8fb22312550cc368dc913351a5406a8
Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 XML Injection
Posted Oct 11, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from a xel filetype XML external entity injection vulnerability.

tags | exploit, sql injection
advisories | CVE-2018-8527
MD5 | 0fb594060e86354cefaa3a12ba2181d5
Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 XML Injection
Posted Oct 11, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from a REGSRVR filehandling XML external entity injection vulnerability.

tags | exploit, sql injection
advisories | CVE-2018-8533
MD5 | bc7e26312d98457aeac3779548aee6d7
Microsoft Baseline Security Analyzer 2.3 XML Injection
Posted Sep 10, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Baseline Security Analyzer version 2.3 suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | 7224f7e70a591fdfca03428610d0453c
Microsoft .NET Framework CVE-2015-6099 Analysis
Posted Sep 3, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

This whitepaper analyzes a privilege escalation vulnerability in the Microsoft .NET framework as noted in MS15-118.

tags | exploit, paper
advisories | CVE-2015-6099
MD5 | 4a014224fc35bfb528ae5d4ebe710d2d
FsPro Labs Event Log Explorer 4.6.1.2115 XML Injection
Posted Sep 1, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FsPro Labs Event Log Explorer version 4.6.1.2115 suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2018-16252
MD5 | fad943a0c32935b55f0eee3696caaca4
Argus Surveillance DVR 4.0.0.0 SYSTEM Privilege Escalation
Posted Aug 29, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Argus Surveillance DVR version 4.0.0.0 suffers from a SYSTEM privilege escalation vulnerability.

tags | exploit
MD5 | 568a5ca14ccf6b72d34900efe6809bce
Argus Surveillance DVR 4.0.0.0 Directory Traversal
Posted Aug 29, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Argus Surveillance DVR version 4.0.0.0 suffers from file disclosure and traversal vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2018-15745
MD5 | 236a5ef23b5453a2a50a23ab72a165af
Microsoft DirectX SDK (June 2010) Xact3.exe DLL Hijacking
Posted Aug 11, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The Microsoft DirectX SDK "Xact3.exe" cross-platform tool allows for arbitrary code execution via a trojan horse file "xbdm.dll" in the current working directory, upon opening a ".xap" project file from the same location.

tags | exploit, arbitrary, trojan, code execution
MD5 | d7f1056ce3aa140ad0e115c7bf50b3c0
Microsoft dnslint.exe DNS Tool Forced Drive-By Download
Posted Jul 20, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft's dnslint.exe tool does not verify domain names when parsing DNS text-files using the "/ql" switch making it prone to forced drive-by downloads, providing an end user is tricked into using a server text-file containing a script/binary reference instead of a normally expected domain name.

tags | exploit
MD5 | eb14060a0091ba68f6b96c6e9ef2fb25
Microsoft Windows Enterprise Mode Site List 1/2 XML Injection
Posted Jul 16, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows Enterprise Mode Site List Manager versions 1 and 2 suffer from an XML external entity injection vulnerability.

tags | exploit
systems | windows
MD5 | adb95485a2175dc841aa24d2a530ed72
Microsoft Windows .library-ms Information Disclosure
Posted Jul 16, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Library description files are XML files that define libraries. Libraries aggregate items from local and remote storage locations into a single view in Windows Explorer. Library description files follow the Library Description schema and are saved as *.library-ms files. The .library-ms filetype triggers forced authentication when a user/client accesses a remote share that houses an attacker supplied ".library-ms" file, disclosing credential hashes and other identifiable computer informations.

tags | exploit, remote, local
systems | windows
MD5 | 3efbbbe3394fffedf1bbcf55f304effb
Enhanced Mitigation Experience Toolkit (EMET) XML Injection
Posted Jun 30, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Enhanced Mitigation Experience Toolkit (EMET) suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | da2c5fe7a5b5d3b441f02c18e2d7ca7a
Polaris Office 2017 8.1 Remote Code Execution
Posted Jun 26, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Polaris Office 2017 version 8.1 allows attackers to execute arbitrary code via a trojan horse "puiframeworkproresenu.dll" file in the current working directory, due to a search order flaw vulnerability.

tags | exploit, arbitrary, trojan
advisories | CVE-2018-12589
MD5 | cb627d3986c07f094a3e4282ca8924de
OfficeScan XG 11.0 Unauthorized Change Prevention Bypass
Posted Jun 8, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

OfficeScan XG version 11.0 suffers from an unauthorized change prevention bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2018-10507
MD5 | e3ce9faee8d067f82b6d929d3dff7cda
Microsoft Windows FxCop 12 XXE Injection
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft FxCop versions 10 through 12 are vulnerable to XML injection attacks allowing local file ex-filtration and or NTLM hash theft. Tested in Windows 7 and Windows 10 download SDK it works in both.

tags | exploit, local
systems | windows, 7, 10
MD5 | e4970e9fdb7dbc2ea52471b6d0a8c531
Easy Hosting Control Panel 0.37.12.b Unverified Password Change
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from an unverified password change vulnerability.

tags | exploit
advisories | CVE-2018-6617
MD5 | 791e45e8fcd14b89a834a308b18cccde
Easy Hosting Control Panel 0.37.12.b Clear-Text Password Storage
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from a clear-text password storage vulnerability.

tags | exploit
advisories | CVE-2018-6618
MD5 | 6e7d491189d0efa9d471a5da0de2a069
Easy Hosting Control Panel 0.37.12.b Insecure Cryptography
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from an insecure cryptography vulnerability.

tags | exploit
advisories | CVE-2018-6619
MD5 | 2956ee490bcd7d4912aa51b2ecb60372
Easy Hosting Control Panel 0.37.12.b Cross Site Request Forgery
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2018-6458
MD5 | 0a8f15401bb9cce8379d7f12c69069b1
Easy Hosting Control Panel 0.37.12.b Cross Site Scripting Cookie Theft
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from a cross site scripting vulnerability that allows you to steal the cookie.

tags | exploit, xss
advisories | CVE-2018-6362
MD5 | f74bbe3371ad692d1039c540fe5a5060
Easy Hosting Control Panel 0.37.12.b Cross Site Scripting Add FTP Account
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from a cross site scripting vulnerability that allows you to add a backdoor FTP account.

tags | exploit, xss
advisories | CVE-2018-6361
MD5 | 966a2022afa674527a1084c1d9a1eedf
DeviceLock Plug And Play Auditor 5.72 Buffer Overflow
Posted May 7, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

DeviceLock Plug and Play Auditor version 5.72 suffers from a unicode buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2018-10655
MD5 | e1efa280720a5cbabeff9a9ab68b5ae1
Microsoft Internet Explorer 11.371.16299.0 Denial Of Service
Posted Apr 20, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Internet Explorer version 11.371.16299.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | b95fe4c66578b78c338a2d385f6635b6
Page 1 of 11
Back12345Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close