exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 48 RSS Feed

Files Date: 2012-02-07

ManageEngine ADManager Plus 5.2 Cross Site Scripting
Posted Feb 7, 2012
Authored by LiquidWorm | Site zeroscience.mk

ManageEngine ADManager Plus version 5.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | b0a7776712965ad82934634aa82214e128b7fb5bd571425c4a5e24d1a8a04ad8
Batavi 1.1.2 SQL Injection
Posted Feb 7, 2012
Authored by Onur YILMAZ | Site netsparker.com

Batavi version 1.1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6fc8dda996f6e7a4e9f86390ea2fa22440cde5c58ca16e649410cff0a2c7a070
Cyberoam Central Console 2.00.2 Local File Inclusion
Posted Feb 7, 2012
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Cyberoam Central Console version 2.00.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 798532758c34efcb716d938503b9354d184cae1ce0f92afa168ccf808c277e1a
Facebook Profile Sticker SQL Injection
Posted Feb 7, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Facebook Profile Sticker suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c01092422153f916a3b4a6552e6cd4b22b1bb013498bd837b118f413eba4384e
HP Security Bulletin HPSBMU02736 SSRT100699 2
Posted Feb 7, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02736 SSRT100699 2 - Potential security vulnerabilities have been identified with HP Business Availability Center (BAC) and Business Service Management (BSM). The vulnerabilities could be remotely exploited to allow unauthorized access to sensitive information. Revision 2 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2008-3273, CVE-2010-1428, CVE-2010-1429
SHA-256 | bb415e5d34619cbb9448e6fc9bebdc5c819176f95792e0720ac41b2baf84cd64
Dinama SMS Service Cross Site Scripting
Posted Feb 7, 2012
Authored by Ivan Montilla Miralles, Vulnerability Laboratory | Site vulnerability-lab.com

Dinama SMS Service suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2a4f4c56013fee403231978baf32de582cbf2d74a8dc44d3a1c04a75c0cae667
eFronts Community++ 3.6.10 Cross Site Scripting
Posted Feb 7, 2012
Authored by Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

eFronts Community++ version 3.6.10 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8ef660b9da8e37a6d668e71f29eb76cc7348fa44c0a3f15b9754e19642fd9ce1
VolksBank Online Banking Cross Site Scripting / Redirection
Posted Feb 7, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

VolksBank Online Banking suffers from cross site scripting, open redirection and input validation vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | a96b0a40c41ccb9f1f48d5cfcdc2a59332874abcab438eb3a287bcc9f43991fd
SimpleGroupware 0.742 Cross Site Scripting
Posted Feb 7, 2012
Authored by Stefan Schurtz

SimpleGroupware version 0.742 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | da8c237855bb436d3a75486eaa1d4091bc3709e59dffbf2f047bbdf437251048
Apache CXF UsernameToken Broken Validation
Posted Feb 7, 2012
Authored by Colm O hEigeartaigh | Site cxf.apache.org

Apache CXF versions 2.4.5 and 2.5.1 fail to validate a WS-Security UsernameToken received as part of the security header of a SOAP request against a WS-SP UsernameToken policy.

tags | advisory
advisories | CVE-2012-0803
SHA-256 | b292e2def6610f71ed845303fc918ae45534205d8f616f67a68c79fe20ca97ba
Fake POP3 Daemon
Posted Feb 7, 2012
Authored by James Stevenson | Site stev.org

This is a compact fake pop3 daemon that logs password attacks.

tags | tool
systems | unix
SHA-256 | 6606163274f3cfc9bf7e8b5a1201ab59ffdc8e9baedab41009ce14200a0d62a3
DEF CON 20 Capture The Flag Information
Posted Feb 7, 2012
Authored by The Dark Tangent | Site defcon.org

This is an newsletter that discusses information related to Capture The Flag that will be held at DEF CON 20 this year.

tags | paper, conference
SHA-256 | ae4ac34dbc347466ae0fed2bc2c7c50f2afe22240b5f39b8991a0c36dc37c044
Debian Security Advisory 2403-2
Posted Feb 7, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2403-2 - Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.

tags | advisory, remote, php
systems | linux, debian
advisories | CVE-2012-0830
SHA-256 | 0a43317dba937253385b54d3b26aa2f4ebcd6897c1a37b0fba9b5f3f67463d3c
Ubuntu Security Notice USN-1356-1
Posted Feb 7, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1356-1 - A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. Chen Haogang discovered an integer overflow that could result in memory corruption. A local unprivileged user could use this to crash the system. A flaw was found in the linux kernels IPv4 IGMP query processing. A remote attacker could exploit this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-0038, CVE-2012-0044, CVE-2012-0207, CVE-2012-0038, CVE-2012-0044, CVE-2012-0207
SHA-256 | 273765a9dc6a271d3102ed83aa47f5dcfd7f9c56f6f7a215a553292598ed7c31
Another File Integrity Checker 2.20
Posted Feb 7, 2012
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: SHA-256 and SHA-512 checksum algorithms were added to replace SHA-1 for better security. Output of SHA checksums are now compatible with the output of the sha1sum, sha256sum, and sha512sum commands.
tags | tool, integrity
systems | linux, windows, unix
SHA-256 | 067e9fd3a6de7bcf39a64c3ea4e28159c8a11605e0f19179116cbaf0b785167e
Whitewash 2.0
Posted Feb 7, 2012
Authored by Dmitry Borodaenko

The Whitewash module allows Ruby programs to clean up any HTML document or fragment coming from an untrusted source and to remove all dangerous constructs that could be used for cross-site scripting or request forgery. All HTML tags, attribute names and values, and CSS properties are filtered through a whitelist that defines which names and what kinds of values are allowed; everything that doesn't match the whitelist is removed. The whitelist is provided externally, and the default whitelist is loaded from the whitelist.yaml shipped with Whitewash. The default is the most strict (for example, it does not allow cross-site links to images in IMG tags) and can be considered safe for all uses.

tags | tool, xss, ruby
systems | unix
SHA-256 | 48b1ad0f0b8e17c97223e2272e12cd11873d14beb0aabe0425706a6b4379c4c5
Typsoft FTP Server 1.10 Denial Of Service
Posted Feb 7, 2012
Authored by Balazs Makany

Three proof of concept exploits that demonstrate denial of service vulnerabilities in Typsoft FTP server version 1.10.

tags | exploit, denial of service, vulnerability, proof of concept
SHA-256 | 39c99d47531eaa98f86c5e8df806c2b5a81af47e943510211088a1d4b5c0b518
Flyspray 0.9.9.6 Cross Site Request Forgery
Posted Feb 7, 2012
Authored by Vaibhav Gupta

Flyspray version 0.9.9.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 6bb9446d5ee83df46c0389cbc2edccf6f84e48744673788fb46e170bec39b3eb
Ananta Gazelle CMS SQL Injection
Posted Feb 7, 2012
Authored by hackme

Ananta Gazelle CMS suffers from an update statement remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 294e9941e6d46b62cc1e27e608f4bdb8c963b5dfb5043917c560640e4397840f
PS Design Web Site SQL Injection
Posted Feb 7, 2012
Authored by KatiLhacker

PS Design Web Site suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | f3f39c6f67410fd9b86345ae06beafbf6ddd171613974bd8c1042efa8ecca8a1
Axiatel.com Cross Site Scripting
Posted Feb 7, 2012
Authored by Atmon3r

Axiatel.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 04c8384ba86d52ccca8aaf46585b564cfc8a2659d80e5ee8ed3190cd41a703fb
Secunia Security Advisory 47900
Posted Feb 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges, by malicious, local users in a guest virtual machine to gain escalated privileges, and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, suse
SHA-256 | 21fbc905bd79a4e601a1ba2fa1b0e907a6b7dac71ac15b0f513fccc25cb76503
Secunia Security Advisory 47913
Posted Feb 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for tomcat6. This fixes multiple weaknesses and a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, suse
SHA-256 | 0101309c5bc1b5ba8e155ef2a716c557cbd996ac2bfdfde28a84f3d464693794
Secunia Security Advisory 47871
Posted Feb 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Snort Report, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 02d2265b061755acafdc404dc5df75626bc2ae70dc753e0529104e2fce916e19
Secunia Security Advisory 47874
Posted Feb 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Tube Ace, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | c8fda48a7353ea59a174c87b3fae62cf8dfb2794eca405bf88fbcdebf42da219
Page 1 of 2
Back12Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    18 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    12 Files
  • 29
    May 29th
    31 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close