Exploit the possiblities
Showing 1 - 25 of 898 RSS Feed

Files Date: 2012-04-01 to 2012-04-30

Debian Security Advisory 2462-1
Posted Apr 29, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2462-1 - Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2012-0259, CVE-2012-0260, CVE-2012-1185, CVE-2012-1186, CVE-2012-1610, CVE-2012-1798
MD5 | 28f7277a0b451d6eaba7090bbb5fa229
Opial CMS 2.0 XSS / SQL Injection / Shell Upload
Posted Apr 29, 2012
Authored by the_storm | Site vulnerability-lab.com

Opial CMS version 2.0 suffers from cross site scripting, shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
MD5 | acccb552e07ec87ea83457bb160d54e8
Croogo CMS 1.3.4 Cross Site Scripting
Posted Apr 29, 2012
Authored by Chokri Ben Achor | Site vulnerability-lab.com

Croogo CMS version 1.3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a877ff771f56456dd636a7d89550b659
Soco CMS Local File Inclusion
Posted Apr 29, 2012
Authored by BHG Security Center

Soco CMS suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | c72a0ba13dc3a4dd000ea519c0204506
China Pujiang Government SQL Injection
Posted Apr 29, 2012
Authored by Chokri Ben Achor | Site vulnerability-lab.com

The Chinese Pujiang government suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4aeb1073fd69f453d9ae641e2741a9e3
WordPress Bruteforce Script
Posted Apr 29, 2012
Authored by CorryL

This is a simple bash script for bruteforcing WordPress.

tags | cracker, bash
MD5 | c060acccf6eed5bc7015ba29a2c47f66
Secunia Security Advisory 48991
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Zingiri Web Shop plugin for WordPress, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, vulnerability, xss
MD5 | b5a73ac632c5575d265c6a38ffc9d854
Secunia Security Advisory 49004
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the nBill component for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 8ed01b67be01a2994397b130bd0faada
Secunia Security Advisory 48663
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a security issue in Quest Toad for Data Analysts, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | bc01ce7a001bf957ed33fe295a4e6cc3
Secunia Security Advisory 48988
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - G13 has discovered two vulnerabilities in PHP Volunteer Management, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, php, vulnerability, xss, sql injection
MD5 | 7d219928faad92df5c9dc02d27ace282
Secunia Security Advisory 48981
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for jetty. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
MD5 | 0c2e4deb319d42af97975663eafb8991
Varzesh3.com Cross Site Scripting
Posted Apr 29, 2012
Authored by l20ot

Varzesh3.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 14d328332a64a80e6ce64fca95817ab5
Phrack Magazine Issue 68
Posted Apr 28, 2012
Authored by phrack | Site phrack.org

Phrack Magazine Issue 68 - Articles include Phrack Prophile on FX, Android Linux Kernel Rootkit, Practical cracking of white-box implementations, and much more.

tags | kernel, magazine
systems | linux, unix
MD5 | 2ef96800298d83ac3b914dc59e2a93e5
CMS GratingPeru S.A.C Cross Site Scripting / SQL Injection
Posted Apr 28, 2012
Authored by the_cyber_nuxbie

CMS GratingPeru S.A.C suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 8d7e011193836bbf70eb6fa57f91cb7b
Actuality Of SMBRelay In Modern Windows Networks
Posted Apr 28, 2012
Authored by Ares

Whitepaper called Actuality of SMBRelay in Modern Windows Networks.

tags | paper
systems | windows
MD5 | 81653f8d5eb1f2a90fee0f43369d9388
MySQLDumper 1.24.4 LFI / XSS / CSRF / Code Execution / Traversal
Posted Apr 27, 2012
Authored by Akastep

MySQLDumper version 1.24.4 suffers from code execution, cross site request forgery, cross site scripting, local file inclusion, and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, code execution, xss, file inclusion, csrf
MD5 | 568b012ba56a46dd489f0b6d555183ff
IPA-IAC.org Cross Site Scripting
Posted Apr 27, 2012
Authored by Atmon3r

IPA-IAC.org suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 399258e614d8d9680fc04cd21c88d067
ClamSAP Libraries 0.9.7.4
Posted Apr 27, 2012
Authored by Markus Strehle | Site clamsap.sourceforge.net

ClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads, for example.

Changes: This release includes an adaption for ClamAV 0.97.4 and support for remote clamd scans.
tags | web, virus
systems | unix
MD5 | 5ce2549f0df4657a60f5a38d17254cab
Mandriva Linux Security Advisory 2012-066
Posted Apr 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-066 - Security issues were identified and fixed in Mozilla Firefox and Thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found a heap corruption in gfxImageSurface which allows for invalid frees and possible remote code execution. Anne van Kesteren of Opera Software found a multi-octet encoding issue where certain octets will destroy the following octets in the processing of some multibyte character sets. Various other issues were also addressed.

tags | advisory, remote, code execution
systems | linux, mandriva
advisories | CVE-2012-0468, CVE-2012-0467, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0472, CVE-2012-0473, CVE-2012-0474, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2012-0479
MD5 | 2ded3927a0b08285a7c5a07703752ec9
VMware Security Advisory 2012-0008
Posted Apr 27, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0008 - VMware ESX updates have been created for the ESX Service Console. The ESX Service Console Operating System (COS) kernel is updated which addresses several security issues in the COS kernel. The ESX Console Operating System (COS) libxml2 rpms are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2 and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several security issues. Various other issues have also been addressed.

tags | advisory, kernel, python
advisories | CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3191, CVE-2011-3905, CVE-2011-3919, CVE-2011-4348, CVE-2012-0028
MD5 | 2c100e23d23700d3afbb62cee7820b04
HP Security Bulletin HPSBPV02754 SSRT100803 2
Posted Apr 27, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPV02754 SSRT100803 2 - A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches using a compact flash card which may contain malware content that is a PC trojan executable. The ProCurve switch operating system is not infected with the malware and the content on the compact flash card has no impact on the operation of the switch. Reuse of the compact flash card in a personal computer and manual execution of the malware content could result in a compromise of that system's integrity. Revision 2 of this advisory.

tags | advisory, trojan
advisories | CVE-2012-0133
MD5 | 4d95f4cfc66c0fa4f9c45feaf62536b8
eRealty Shop SQL Injection
Posted Apr 27, 2012
Authored by BHG Security Center

eRealty Shop suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 124cbc28812b9cfb5f098236f63908fe
Mandriva Linux Security Advisory 2012-065
Posted Apr 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-065 - The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server. The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c. Insufficient validating of upload name leading to corrupted $_FILES indices. Various other issues have also been addressed.

tags | advisory, remote, web, denial of service, arbitrary, cgi, php, sql injection
systems | linux, mandriva
advisories | CVE-2012-0788, CVE-2012-0807, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172
MD5 | d970a7f09cf0264c29f9c880d7bb0874
Maxxweb CMS Cross Site Scripting
Posted Apr 27, 2012
Authored by Farbod Mahini

Maxxweb CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 761dccbf9cfa507935b359e89aababee
Uiga Personal Portal SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

Uiga Personal Portal suffers from a remote SQL injection vulnerability in index2.php.

tags | exploit, remote, php, sql injection
MD5 | e59c9c4630ed5fbfefbc54cc2684ef83
Page 1 of 36
Back12345Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close