Showing 1 - 25 of 31

Files Date: 2013-10-18

WordPress WooCommerce 2.0.17 Cross Site Scripting
Posted Oct 18, 2013
Authored by LiquidWorm | Site zeroscience.mk

WordPress WooCommerce plugin version 2.0.17 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ef69a02041ba8bc7a3d11e1ab65a78fe
VMware Security Advisory 2013-0012
Posted Oct 18, 2013
Authored by VMware | Site vmware.com

VMware Security Advisory 2013-0012 - VMware has updated vCenter Server, vCenter Server Appliance (vCSA), vSphere Update Manager (VUM), ESXi and ESX to address multiple security vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2013-5970, CVE-2013-5971
MD5 | 51c0ba1233c2abd35c5235d9c032e743
Web-Spa 0.5
Posted Oct 18, 2013
Authored by Subere

Web-Spa is a Java web knocking tool for sending a single HTTP/S request to your web server in order to authorize the execution of a premeditated operating system (O/S) command on it.

tags | tool, java, web, rootkit
systems | unix
MD5 | a2bf3ee08a955e3c578e218f5a1f5034
Debian Security Advisory 2780-1
Posted Oct 18, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2780-1 - This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component.

tags | advisory
systems | linux, debian
advisories | CVE-2012-2750, CVE-2013-3839
MD5 | 02daed3807333eabe033f3d33038b231
Mandriva Linux Security Advisory 2013-256
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-256 - Apache mod_fcgid before version 2.3.9 fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2013-4365
MD5 | f3fcb34a28acf29468cfa0440ef186a6
Mandriva Linux Security Advisory 2013-255
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-255 - A security flaw was found in the way Clutter, an open source software library for creating rich graphical user interfaces, managed translation of hierarchy events in certain circumstances. Physically proximate attackers could use this flaw, for example, to obtain unauthorized access to a gnome-shell session right after system resume.

tags | advisory, shell
systems | linux, mandriva
advisories | CVE-2013-2190
MD5 | 59185307643f0f5885125255ba9eb797
Mandriva Linux Security Advisory 2013-254
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-254 - Remotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2. Note: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2013-2236
MD5 | 0bc06d10d58d6d1628744d4afa4e55ef
Mandriva Linux Security Advisory 2013-252
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-252 - A non-privileged user who was able to run jobs or log in to a node which ran pbs_server or pbs_mom could submit arbitrary jobs to a pbs_mom daemon to queue and run the job, which would run as root.

tags | advisory, arbitrary, root
systems | linux, mandriva
advisories | CVE-2013-4319
MD5 | a56556c7c90b725b4ea6c00b201225ee
Mandriva Linux Security Advisory 2013-251
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-251 - A buffer overflow vulnerability has been discovered in Aircrack-ng. A remote attacker could entice a user to open a specially crafted dump file using Aircrack-ng, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-1159
MD5 | 6ecce3ef269061bb9d3e6e7fe8034a90
Mandriva Linux Security Advisory 2013-253
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-253 - Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2013-4397
MD5 | aefeecd1461c353a5155c7f124777a67
Bugzilla Cross Site Request Forgery / Cross Site Scripting
Posted Oct 18, 2013
Authored by Frederic Buclin, Mateusz Goik, David Lawrence | Site bugzilla.org

Bugzilla Security Advisory - Multiple cross site scripting and cross site request forgery vulnerabilities have been discovered and addressed in various versions of Bugzilla.

tags | advisory, vulnerability, xss, csrf
advisories | CVE-2013-1733, CVE-2013-1734, CVE-2013-1742, CVE-2013-1743, CVE-2012-4189
MD5 | bb3dbfca22221f11ac76979755c3e0f9
Elite Graphix ElitCMS 1.01 / PRO Cross Site Scripting / SQL Injection
Posted Oct 18, 2013
Authored by Katharina S.L. | Site vulnerability-lab.com

Elite Graphix ElitCMS versions 1.01 and PRO suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 5e7e16f8a14624da000f3dc473762f9a
Bluetooth U 1.2.0 Directory Traversal
Posted Oct 18, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Bluetooth U version 1.2.0 suffers from a directory traversal vulnerability.

tags | exploit
MD5 | b9f478a15c2bec417bf76d2299464098
WebTester 5.x Command Execution
Posted Oct 18, 2013
Authored by Brendan Coles | Site metasploit.com

This Metasploit module exploits a command execution vulnerability in WebTester version 5.x. The 'install2.php' file allows unauthenticated users to execute arbitrary commands via the 'cpusername', 'cppassword' and 'cpdomain' parameters.

tags | exploit, arbitrary, php
MD5 | 5346027be18c609408f729a1a14f0e25
LinkedIn Join Group Cross Site Request Forgery
Posted Oct 18, 2013
Authored by Eduardo Garcia Melia | Site isecauditors.com

LinkedIn suffered from a cross site request forgery vulnerability in the Join Group functionality.

tags | exploit, csrf
MD5 | e0a75d4e00fbc57584483b2ed19c0887
Zikula CMS 1.3.5 Cross Site Scripting
Posted Oct 18, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Zikula CMS version 1.3.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 99b69ef2c64cc8a7cca5e67cc95ff609
HWK Wireless Auditing Tool 0.4
Posted Oct 18, 2013
Authored by atzeton | Site nullsecurity.net

hwk is an easy-to-use wireless authentication and de-authentication tool. Furthermore, it also supports probe response fuzzing, beacon injection flooding, antenna alignment and various injection testing modes. Information gathering is selected by default and shows the incoming traffic indicating the packet types.

Changes: Various binaries replaced. Introduced setcap capabilities.
tags | tool, wireless
systems | unix
MD5 | e6966ea245e44d2ba33e57da24e1c00c
Apache Struts 2.3.15.3 Released
Posted Oct 18, 2013
Site struts.apache.org

Apache has announced the release of the Struts 2.3.15.3 framework, which addresses multiple security issues including broken access control.

tags | advisory
MD5 | 149e0dc307b59f5d4555fb2a5efcd54e
Adaudit Plus Online Demo CSRF / Poor Password Passing
Posted Oct 18, 2013
Authored by Juan Carlos Garcia

Adaudit Plus Online Demo suffers from multiple vulnerabilities including cross site request forgery, directory listing, and passwords being passed via a GET method.

tags | exploit, vulnerability, csrf
MD5 | cc4e518fbabe9f32665fb04b3c60e57f
Admanager Plus Online Demo XSS / CSRF / Clickjacking
Posted Oct 18, 2013
Authored by Juan Carlos Garcia

Admanager Plus Online Demo suffers from cross site request forgery, directory listing, clickjacking, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 10a0e1da9187b18dd7f141c7e284365c
Quick Paypal Payments Cross Site Scripting
Posted Oct 18, 2013
Authored by Zy0d0x | Site nullsecurity.net

Quick Paypal Payments, the plugin from quick-plugins.com, suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 45a892c6ff55acd5d90d805df8701518
PHP Point Of Sale 10.x / 11.x / 12.x Remote Code Execution
Posted Oct 18, 2013
Authored by Gabby

PHP Point Of Sale versions 10.x, 11.x, and 12.x remote code execution exploit.

tags | exploit, remote, php, code execution
MD5 | 189b59c7369ae4ec1267ad45aac0319b
Drupal Simplenews 6.x / 7.x Cross Site Scripting
Posted Oct 18, 2013
Authored by Pat Redmond | Site drupal.org

Drupal Simplenews third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | af71e7cd7a0b0a6698d1ea8fda318417
AIEngine 0.1
Posted Oct 18, 2013
Authored by Luis Campo Giralte | Site bitbucket.org

AIEngine is a packet inspection engine capable of learning without any human intervention. It helps network/security professionals identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.

tags | tool
systems | unix
MD5 | e1d4522e3f70b4cf9f842171fb455193
HP Security Bulletin HPSBPV02918 2
Posted Oct 18, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBPV02918 2 - Potential security vulnerabilities have been identified with HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM). These vulnerabilities could be exploited remotely to allow SQL injection, remote code execution and session reuse. Revision 2 of this advisory.

tags | advisory, remote, vulnerability, code execution, sql injection
advisories | CVE-2005-2572, CVE-2013-4809, CVE-2013-4810, CVE-2013-4811, CVE-2013-4812, CVE-2013-4813
MD5 | 69eea8c03b85cb71b78f204d9f8ca9b4

© 2019 Packet Storm. All rights reserved.
