exploit the possibilities
Showing 1 - 20 of 20 RSS Feed

Files Date: 2012-11-26

Seringa SQL Injection Framework
Posted Nov 26, 2012
Authored by Paraschiv Andrei | Site github.com

Seringa (Romanian for seringe) is an SQL injection framework featuring high customizability and a user-friendly interface. It is completely open source. Uses the .NET 4.0 framework and Windows Presentation Foundation (WPF) for the GUI. With regard to design it utilizes the Strategy Pattern to distinguish between various SQLi strategies whilst storing other relevant data such as exploits, payloads and patterns in xml files so that the framework can be easily customized from the outside (a manifestation of the Open-Closed Principle).

tags | tool, scanner, sql injection
systems | windows, unix
MD5 | 545e020fb9d276b26308266239c010c0
Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
Posted Nov 26, 2012
Authored by juan vazquez, Arezou Hosseinzad-Amirkhizi | Site metasploit.com

This Metasploit module exploits a vulnerability found in Apple QuickTime. When handling a TeXML file, it is possible to trigger a stack-based buffer overflow, and then gain arbitrary code execution under the context of the user. This is due to the QuickTime3GPP.gtx component not handling certain Style subfields properly, as the font-table field, which is used to trigger the overflow in this module. Because of QuickTime restrictions when handling font-table fields, only 0x31-0x39 bytes can be used to overflow, so at the moment DEP/ASLR bypass hasn't been provided. The module has been tested successfully on IE6 and IE7 browsers (Windows XP and Vista).

tags | exploit, overflow, arbitrary, code execution
systems | windows, apple, xp
advisories | CVE-2012-3752, OSVDB-87087
MD5 | 31e34bb93d9758dc9d8c0543503fe151
EMC Smarts Network Configuration Manager Bypass
Posted Nov 26, 2012
Site emc.com

EMC Smarts Network Configuration Manager versions prior to 9.1 suffer from hard-coded encryption key and unauthenticated database connection vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-4615
MD5 | af1580456117dc2868993ff8faf3eb0a
Mozilla Firefox "DocumentViewerImpl" Class Remote Use-After-Free
Posted Nov 26, 2012
Authored by VUPEN, Jordan Gruskovnjak | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the "DocumentViewerImpl::Show()" function, which could allow remote attackers to execute arbitrary code via a specially crafted web page.

tags | advisory, remote, web, arbitrary
MD5 | 2f17c9dabd5b77d3d92376f7ab61831b
mcrypt 2.5.8 Stack Based Overflow
Posted Nov 26, 2012
Authored by Tosh

mcrypt versions 2.5.8 and below stack based overflow exploit. Bypasses NX and ASLR protections.

tags | exploit, overflow
advisories | CVE-2012-4409
MD5 | c5923efd56756d5d1cd48e57007e6700
SmartCMS SQL Injection
Posted Nov 26, 2012
Authored by NoGe

SmartCMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3166182b2973659a248fc89fc9dd8fc3
PRADO PHP Framework 3.2.0 File Read
Posted Nov 26, 2012
Authored by LiquidWorm | Site zeroscience.mk

PRADO PHP Framework version 3.2.0 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary, php
MD5 | 5a1eedb2798fcc3247cdf0097f466eab
GNU Transport Layer Security Library 3.1.5
Posted Nov 26, 2012
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release adds support for UCS-2 encoded DNs, improvements to smart card key generation, and a few bugfixes.
tags | protocol, library
MD5 | cd4e5a5382b0e0c76c6cffe30d48bbb6
CVE Checker 3.2
Posted Nov 26, 2012
Authored by Sven Vermeulen | Site cvechecker.sourceforge.net

cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage.

Changes: Reports CVSS scoring when a CVE is potentially applicable to the system. Also fixes some buffer handling code and adds in checks for missing runtime dependencies in the scripts.
tags | tool, vulnerability
systems | unix
MD5 | 6365bfd08d588e7dd3e0e0aa968a16ee
Incomedia WebSite X5 Evolution 9.0.4.1748 XSS / Bypass
Posted Nov 26, 2012
Authored by Akastep

Incomedia WebSite X5 Evolution versions 9.0.4.1748 and below suffer from bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | d8dc0df822539dfc361158e407a42275
WordPress Oberliga SQL Injection
Posted Nov 26, 2012
Authored by Ashiyane Digital Security Team, sil3nt

WordPress Oberliga Theme suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a349c8393ee82075ee230c57dbbe096f
PHP-Nuke 8.2 SQL Injection
Posted Nov 26, 2012
Authored by Ashiyane Digital Security Team

PHP-Nuke version 8.2 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 0bb338200c03a534877b7225a3f6e353
Secunia Security Advisory 51374
Posted Nov 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for icedtea-web. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory, web
systems | linux, suse
MD5 | ca2fd2e26187e36cd432e53cc13ac384
Secunia Security Advisory 51329
Posted Nov 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Tor, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 42252c687f15a23db0f43611be00392f
Secunia Security Advisory 51290
Posted Nov 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Vulnerability lab has reported two vulnerabilities in ManageEngine ServiceDesk Plus, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 238ae2bc29b5d14aa20245934bedc034
Secunia Security Advisory 51354
Posted Nov 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Julien Cayssol has reported a vulnerability in Synology Photo Station, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | b5d9da68548db03bdb4f1d9e7cbd0e41
Secunia Security Advisory 49987
Posted Nov 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in WibuKey Runtime for Windows, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | windows
MD5 | ba5c2970c9f3e7824f104dd9fab4fcc3
Secunia Security Advisory 51341
Posted Nov 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ingress Security has discovered a vulnerability in jBilling, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | e23c33ae4712abf2db35ce7a1cdba501
Secunia Security Advisory 51299
Posted Nov 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in OpenBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | openbsd
MD5 | 5006362bb7acb6d89cfc277f90b1ecf3
Exploitation Of MS-SQL Servers Explained
Posted Nov 26, 2012
Authored by Agd_Scorp

Whitepaper called Exploitation of MS-SQL Servers Explained. Written in Turkish.

tags | paper
MD5 | 81e182e2e0644d3bd89a704b28302936
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    16 Files
  • 23
    Jan 23rd
    1 Files
  • 24
    Jan 24th
    1 Files
  • 25
    Jan 25th
    36 Files
  • 26
    Jan 26th
    26 Files
  • 27
    Jan 27th
    28 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close