Showing 1 - 15 of 15

Files Date: 2013-09-03

Fog Dragonfly 0.8.2 Command Injection: Posted Sep 3, 2013; Authored by Larry W. Cashdollar; Ruby Gem Fog Dragonfly version 0.8.2 suffers from a remote command injection vulnerability.; tags | advisory, remote, ruby; advisories | CVE-2013-5671; SHA-256 | ab3491f98a2bc70682b26926ea96e1f3e4c3c966ee732993fde62136ed2c27ca; Download | Favorite | View

Mikrotik RouterOS 5.x / 6.x SSHd Heap Corruption: Posted Sep 3, 2013; Authored by Kingcope; Mikrotik RouterOS versions 5.x and 6.x suffer from an sshd remote pre-authentication heap corruption vulnerability. Included is a 50 meg Mikrotik package that includes all research items.; tags | exploit, remote; systems | linux; SHA-256 | 74610d5d75efcfb4a984b83085a1bd9e64779bd5d156fb3a81b92d7bb3439349; Download | Favorite | View

Oracle Java lookUpByteBI Buffer Overflow: Posted Sep 3, 2013; Authored by GuHe; Oracle Java lookUpByteBI function heap buffer overflow proof of concept exploit.; tags | exploit, java, overflow, proof of concept; systems | linux; advisories | CVE-2013-2470, OSVDB-94356; SHA-256 | 4923185e9a0717f0746ed0226cc0e0b1346fbee72009a8f231027b831cc2ebd7; Download | Favorite | View

Cetelem Online Bank Cross Site Scripting / Clickjacking: Posted Sep 3, 2013; Authored by Juan Carlos Garcia; Cetelem Online bank suffers from cross site scripting and clickjacking vulnerabilities. The vendor had not responded to the researcher after multiple attempts to reach them. The CSIRT team for the bank notified Packet Storm on 10/14/2013 that the issues have been remediated.; tags | exploit, vulnerability, xss; SHA-256 | 725a5580019aaa28e98f7d7843da1fbb140cb6edd882ae4285924205b58a8f7d; Download | Favorite | View

PotPlayer 1.5.39036 Proof Of Concept: Posted Sep 3, 2013; Authored by ariarat; PotPlayer version 1.5.39036 crash proof of concept exploit that generates a malicious .wav file.; tags | exploit, denial of service, proof of concept; SHA-256 | 096862c5968b10e54c29d3d5546d41797202268377d846c4c3b694c8d005bf6d; Download | Favorite | View

WordPress NextGen Smooth Gallery Cross Site Scripting: Posted Sep 3, 2013; Authored by IeDb; WordPress NextGen Smooth Gallery plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.; tags | exploit, xss; SHA-256 | 5c86af5619cefd28f023609910e7561145819334568c587fa4a24f9ae5d0548b; Download | Favorite | View

PayPal Padding Oracle Flaw: Posted Sep 3, 2013; Authored by Timothy D. Morgan | Site vsecurity.com; The main PayPal web site sets a cookie named "aksession" which contains a blob of base64-encoded ciphertext. This ciphertext is encrypted using a 64-bit block cipher in CBC mode and does not have any other integrity protection. Naturally, this means the aksession cookie is vulnerable to a padding oracle attack allowing full decryption and forgery.; tags | advisory, web; SHA-256 | ba96e4f85c1954558a6465548df5a7c14c4b67362f6c526a4c2c191b176d6879; Download | Favorite | View

CNZZ CMS Cross Site Scripting / SQL Injection: Posted Sep 3, 2013; Authored by Hossein Hezami; CNZZ CMS suffers from multiple cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 96a556480ad5bf893c3a382a233686d92f8776500cae27dcf790cef2512abb99; Download | Favorite | View

Green Browser 6.4.0515 Heap Overflow: Posted Sep 3, 2013; Authored by Asesino04; Green Browser version 6.4.0515 suffers from a heap overflow vulnerability.; tags | exploit, overflow; SHA-256 | ad610b2f17cd397e0c90df2056ebf91d152b2465636cf5dfb701762ae957c190; Download | Favorite | View

Rnet eShop Cross Site Scripting: Posted Sep 3, 2013; Authored by Ashiyane Digital Security Team; Sites powered by Rnet eShop suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.; tags | exploit, xss; SHA-256 | 26f57a3452779788ae6639c5c91d689769f4f144df2809d9eca422b06b214af3; Download | Favorite | View

dBlog CMS SQL Injection: Posted Sep 3, 2013; Authored by Ashiyane Digital Security Team; dBlog CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.; tags | exploit, remote, sql injection; SHA-256 | cdb07830744acaeac09426c4c60a99946e52ce5118dff9873876f15b0b06baf0; Download | Favorite | View

Flo CMS SQL Injection: Posted Sep 3, 2013; Authored by Ashiyane Digital Security Team; Flo CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.; tags | exploit, remote, sql injection; SHA-256 | 32868950fc0128288eeef74f12c3f6691e76fabac2cc45924689b6a3db49e268; Download | Favorite | View

Webtimizer SQL Injection: Posted Sep 3, 2013; Authored by Ashiyane Digital Security Team; Sites powered by Webtimizer suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.; tags | exploit, remote, sql injection; SHA-256 | 602eeae979d136de5207f086117102ea2c3246d1afee821f4fce57d238bca93e; Download | Favorite | View

Ox Design Cross Site Scripting / SQL Injection: Posted Sep 3, 2013; Authored by Hossein Hezami; Ox Design suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | e9998a9589f707daaf60f89c51f97bedca1fdbffebd43e67918ad1b0e60542f6; Download | Favorite | View

PK-CMS SQL Injection: Posted Sep 3, 2013; Authored by Ashiyane Digital Security Team; PK-CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.; tags | exploit, remote, sql injection; SHA-256 | b035e19941e05d08caef3ea0aa4b46f7dfbbd6f5a8fd3924d823f22a3f213f29; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days