Exploit the possiblities
Showing 1 - 25 of 212 RSS Feed

Files from hyp3rlinx

Email addressprivate
Websitehyp3rlinx.altervista.org
First Active2015-04-28
Last Active2017-11-12
View User Profile
Symantec Endpoint Protection 12.1.6 Tamper Protection Bypass
Posted Nov 12, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Symantec Endpoint Protection version 12.1.6 suffers from a tamper protection bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2017-6331
MD5 | a388095559ccdfc375dc8c0bc9cc2a2c
Mako Server 2.5 Command Injection
Posted Nov 8, 2017
Authored by hyp3rlinx | Site metasploit.com

This Metasploit module exploits a vulnerability found in Mako Server version 2.5. It's possible to inject arbitrary OS commands in the Mako Server tutorial page through a PUT request to save.lsp. Attacker input will be saved on the victims machine and can be executed by sending a GET request to manage.lsp.

tags | exploit, arbitrary
MD5 | c03775a6cc371f5390945aeec52b7a16
Avaya IP Office (IPO) 10.1 Soft Console Remote Buffer Overflow
Posted Nov 5, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Avaya IP Office (IPO) versions 9.1.0 through 10.1 suffer from a soft console remote buffer overflow vulnerability.

tags | exploit, remote, overflow
advisories | CVE-2017-11309
MD5 | 862ebfc960f33b8449d9f1fc7496e388
Avaya IP Office (IPO) 10.1 Active-X Buffer Overflow
Posted Nov 5, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Avaya IP Office (IPO) versions 9.1.0 through 10.1 suffer from an active-x buffer overflow vulnerability.

tags | exploit, overflow, activex
advisories | CVE-2017-12969
MD5 | 2f1f9921cb68a6eaeba533573958d1b5
Microsoft Windows GDFMaker 6.3.9600.16384 XXE Injection
Posted Oct 18, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows Game Definition File Editor (GDFMaker) version 6.3.9600.16384 suffers from an XML external entity injection vulnerability.

tags | exploit
systems | windows
MD5 | c7d0ae4a7bf14a2d1e2cae2ae115040a
Webmin 1.850 SSRF / CSRF / Cross Site Scripting / Command Execution
Posted Oct 16, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Webmin version 1.850 suffers from server side request forgery, cross site request forgery, and cross site scripting vulnerabilities, the last of which can lead to remote command execution.

tags | exploit, vulnerability, xss, csrf
MD5 | e8275ecd6d49c4502a0718560697279c
TrendMicro OfficeScan 11.0 / XG (12.0) Memory Corruption
Posted Oct 1, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from a memory corruption vulnerability.

tags | exploit
advisories | CVE-2017-14089
MD5 | aeb2c439cc4b4cb758d9b172e6934d1f
TrendMicro OfficeScan 11.0 / XG (12.0) Host Header Injection
Posted Sep 29, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from a host header injection vulnerability.

tags | exploit
advisories | CVE-2017-14087
MD5 | 4de581b5dcdaa22b65e2ac9e746473e3
TrendMicro OfficeScan 11.0 / XG (12.0) Server-Side Request Forgery
Posted Sep 29, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from a server-side request forgery vulnerability.

tags | exploit
MD5 | 8901d1a59098b64db630f74a93bc18c2
TrendMicro OfficeScan 11.0 / XG (12.0) Information Disclosure
Posted Sep 29, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from NT domain and PHP information disclosure vulnerabilities.

tags | exploit, php, vulnerability, info disclosure
advisories | CVE-2017-14085
MD5 | 8849cad3ac8077aaabee386cf3a4f609
TrendMicro OfficeScan 11.0 / XG (12.0) Auth Start Code Execution
Posted Sep 29, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from Start Remote Process code execution and denial of service vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, code execution
advisories | CVE-2017-14086
MD5 | f903866ff18f7719c69033889e096833
TrendMicro OfficeScan 11.0 / XG (12.0) Man-In-The-Middle
Posted Sep 29, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from a curl man-in-the-middle remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-14084
MD5 | d323797fbad158a3b20b9da080065d6d
TrendMicro OfficeScan 11.0 / XG (12.0) XG Image File Execution Bypass
Posted Sep 29, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from an XG image file execution bypass vulnerability.

tags | exploit, bypass
MD5 | e52654b923b6645ff687af649e8e477a
TrendMicro OfficeScan 11.0 / XG (12.0) Encryption Key Disclosure
Posted Sep 29, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from a pre-authentication encryption key disclosure vulnerability.

tags | exploit
advisories | CVE-2017-14083
MD5 | 95ff6603b3ff3e7232d56b11e6b8eff4
Mako Server SSRF / Disclosure / Code Execution
Posted Sep 15, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Mako Web Server suffers from file disclosure, remote command execution, and server-side request forgery vulnerabilities.

tags | exploit, remote, web, vulnerability
MD5 | a29a13795600789280e244d812b6f170
Mongoose Web Server 6.5 CSRF / Command Execution
Posted Sep 5, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Mongoose Web Server version 6.5 suffers from cross site request forgery and remote command execution vulnerabilities.

tags | exploit, remote, web, vulnerability, csrf
advisories | CVE-2017-11567
MD5 | 9658c121fe0c558892a465b201f7ca16
Apache2Triad 1.5.4 CSRF / XSS / Session Fixation
Posted Aug 21, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Apache2Triad version 1.5.4 suffers from session fixation, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2017-12965, CVE-2017-12970, CVE-2017-12971
MD5 | 5f84ac13f6c4c57a37441585b0a25c8b
Yaws 1.91 Unauthenticated Remote File Disclosure
Posted Jul 7, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Yaws version 1.91 suffers from an unauthenticated remote file disclosure vulnerability.

tags | exploit, remote
MD5 | d44a9473734ef6a0a26b8cb7543fa88e
Firefox 54.0.1 Denial Of Service
Posted Jul 7, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Firefox version 54.0.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 9e6dbc8b2122d425a1c5d8b9e352ef36
MySQL G0ld Brute Forcing Utility
Posted Jun 20, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

MySQL G0ld is a program that issues brute force attacks against a MySQL Server using a supplied wordlist.

tags | tool, cracker
systems | windows
MD5 | e0087db2fc7abccc98bd40d8d96cf170
BIND 9.10.5 Unquoted Service Path Privilege Escalation
Posted Jun 5, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

BIND version 9.10.5 for x86 and x64 on Windows suffers from an unquoted service path vulnerability that can allow for privilege escalation.

tags | exploit, x86
systems | windows
advisories | CVE-2017-3141
MD5 | b39267a55a45b5a08939bd042eb975f7
Subsonic 6.1.1 Persistent XSS
Posted Jun 3, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Remote attackers can abuse the "Subscribe to Podcast" feature of Subsonic 6.1.1 to store persistent XSS payloadsif an authenticated user clicks a malicious link or visits an attacker controlled webpage.

tags | exploit, remote, csrf
advisories | CVE-2017-9414
MD5 | 75781fa859d6d75c6a7786692df6ec8c
Subsonic 6.1.1 XML External Entity Attack
Posted Jun 3, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Subsonic 6.1.1 import playlist feature is susceptible to an XML External Entity attack via import of a malicious .XSPF playlist file.

tags | exploit, xxe
advisories | CVE-2017-9355
MD5 | 55908f5f3dbc9a08e404b4b34bfa1497
Subsonic 6.1.1 Server Side Request Forgery
Posted Jun 3, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Remote attackers can abuse the Podcast feature of subsonic to launch Server Side Request Forgery attacks from the subsonic server if an authenticated user clicks a malicious link or visits an attacker controlled webpage.

tags | exploit, remote, csrf
advisories | CVE-2017-9413
MD5 | a2b09d2527ad59b05aab04f9625f9618
Subsonic 6.1.1 Password Reset Cross Site Request Forgery
Posted Jun 3, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Subsonic media streaming server can allow a remote attacker to reset account passwords if usernames are known and victims click a malicious link.

tags | exploit, remote, csrf
MD5 | c0b7a9d078f87d27a0bd9759794033d1
Page 1 of 9
Back12345Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close