exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files from Project Insecurity

First Active2017-04-12
Last Active2017-07-03
Xenforo Forum CMS 1.5.13 Cross Site Scripting
Posted Jul 3, 2017
Authored by Project Insecurity, MLT | Site insecurity.zone

Xenforo Forum CMS version 1.5.13 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 04a95493c65f2b52a034c87996556426ca17319df8588bae58b311116569aafc
Download | Favorite | View
Camstudio 2.0 XSS / XSF / Content Forgery
Posted Jun 14, 2017
Authored by Project Insecurity, MLT | Site insecurity.zone

Camstudio version 2.0 suffers from cross site scripting and cross site flashing vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 3e5d7f60ff82000a0a8db9caace4dd48e2b13569296c8180aa9336a8f892ee04
Download | Favorite | View
Invision Power Board 4.1.19.2 XSS / CSRF / File Upload / Disclosure
Posted Jun 14, 2017
Authored by Project Insecurity, CDL, dkb | Site insecurity.zone

Invision Power Board version 4.1.19.2 suffers from reflective and stored cross site scripting, cross site request forgery, information disclosure, file upload, and shell access vulnerabilities.

tags | exploit, shell, vulnerability, xss, info disclosure, file upload, csrf
SHA-256 | 23e0d8d7d466beb225cd9e55fad020db59b5c91951a82f61a3d7dad8f57de46c
Download | Favorite | View
Alio Applicant Portal 6.0 SQL Injection
Posted Jun 14, 2017
Authored by Project Insecurity, MLT | Site insecurity.zone

Alio Applicant Portal versions 6.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 81c26cac494ad59d3316c7f00ec4c2e1cc58148122e0631a240d169faf74c458
Download | Favorite | View
MyBB 1.8.12 Stored XSS / File Enumeration
Posted Jun 13, 2017
Authored by Project Insecurity, MLT | Site insecurity.zone

MyBB versions 1.8.12 and prior is vulnerable to a cross site scripting bug which can allow a moderator to take over an administrator's account and upload a webshell, or perform file enumeration in the instances where it is not possible to spawn a shell.

tags | exploit, shell, xss
SHA-256 | 2eada83ea6a14a8c674c26d4d10c26e8ddd172236c1efa264305899384620164
Download | Favorite | View
osCommerce Error-based SQL Injection
Posted May 3, 2017
Authored by Project Insecurity, MLT | Site insecurity.zone

TemplateMonster osCommerce prior to version 2.3x suffers from an error-based SQL injection vulnerability.

tags | exploit, web, vulnerability, sql injection
SHA-256 | 38a0fda4c724cdbc0647c49a836ea0b337317dd4887ab047e366bf56eaec7836
Download | Favorite | View
CMS Made Simple Babel Module 0.3.3 Open Redirect / Content Forgery
Posted May 2, 2017
Authored by Project Insecurity, MLT | Site insecurity.zone

CMS Made Simple Babel Module versions prior to 0.3.3 suffer from multiple open redirection and content forgery vulnerabilities.

tags | exploit, web, vulnerability
SHA-256 | 31304957e6029c5e6540d4df7fcf0ddcc3115227c272996651d65f4797762e08
Download | Favorite | View
WordPress FancyProductDesigner 3.4.2 Stored XSS
Posted May 2, 2017
Authored by Project Insecurity, MLT | Site insecurity.zone

WordPress FancyProductDesigner plugin versions prior to 3.4.2 suffer from a persistent cross site scripting vulnerability due to improper sanitization, allowing malicious .svg file uploads.

tags | exploit, xss, file upload
SHA-256 | e06356cf348ec440bf9bde069022db59898d3360eefbd1156c6c4aaf4c07d21c
Download | Favorite | View
concrete5 8.1.0 Thumbnail Editor CSRF / DoS
Posted May 2, 2017
Authored by Project Insecurity, sxcurity | Site insecurity.zone

concrete5 8.1.0 Thumbnail Editor suffers from cross site request forgery and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, csrf
advisories | CVE-2017-8082
SHA-256 | 860518c65e9b09599ffacfde229d0d06cf821ef031e1a993e40d77833cf07319
Download | Favorite | View
XiongMai uc-http 1.0.0 Local File Inclusion / Directory Traversal
Posted Apr 12, 2017
Authored by Project Insecurity, sxcurity | Site insecurity.zone

uc-httpd is an HTTP daemon used by a wide array of IoT devices and is vulnerable to local file inclusion and directory traversal bugs.

tags | exploit, web, local, file inclusion
SHA-256 | d583ce6e0faa99e3ff30f47b816c36a63c1e1af19c12d7218a3f30aaf3d64676
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close