exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2013-10-18

WordPress WooCommerce 2.0.17 Cross Site Scripting
Posted Oct 18, 2013
Authored by LiquidWorm | Site zeroscience.mk

WordPress WooCommerce plugin version 2.0.17 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 628ac46d8f1244fad6d04ac0e5152e7eb4159026a41ee343f38ebfe0c886e422
VMware Security Advisory 2013-0012
Posted Oct 18, 2013
Authored by VMware | Site vmware.com

VMware Security Advisory 2013-0012 - VMware has updated vCenter Server, vCenter Server Appliance (vCSA), vSphere Update Manager (VUM), ESXi and ESX to address multiple security vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2013-5970, CVE-2013-5971
SHA-256 | f12f7718cd809d06b660ac50220f6d10a650005791eca8e30c22bada4c7bb911
Web-Spa 0.5
Posted Oct 18, 2013
Authored by Subere

Web-Spa is a Java web knocking tool for sending a single HTTP/S request to your web server in order to authorize the execution of a premeditated operating system (O/S) command on it.

tags | tool, java, web, rootkit
systems | unix
SHA-256 | a947eaea9219435522452e5998b2815a6bc802c2c9c0ccc0d1d38e524c6b022e
Debian Security Advisory 2780-1
Posted Oct 18, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2780-1 - This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component.

tags | advisory
systems | linux, debian
advisories | CVE-2012-2750, CVE-2013-3839
SHA-256 | 997866fcbe06e5a0d3d671cad421d631798c370aa8d68534717d905391eee5f0
Mandriva Linux Security Advisory 2013-256
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-256 - Apache mod_fcgid before version 2.3.9 fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2013-4365
SHA-256 | d20d575cf387a12cb1f1fe8d514bb5a5a16afb37a8356c7288310330372f7c28
Mandriva Linux Security Advisory 2013-255
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-255 - A security flaw was found in the way Clutter, an open source software library for creating rich graphical user interfaces, used to manage translation of hierarchy events in certain circumstances. Physically proximate attackers could use this flaw for example to obtain unauthorized access to gnome-shell session right after system resume.

tags | advisory, shell
systems | linux, mandriva
advisories | CVE-2013-2190
SHA-256 | 318c161bad22c9578dac995bb0cc50a71769a4b20ec80a826c602730c6f8d7cc
Mandriva Linux Security Advisory 2013-254
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-254 - Remotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2. Note: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2013-2236
SHA-256 | 0eb2cd82b2ff838ef4aa7c6c1c69bfa24d50a5ce038cbd73a1f91cf1c12c3ccd
Mandriva Linux Security Advisory 2013-252
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-252 - A non-privileged user who was able to run jobs or login to a node which ran pbs_server or pbs_mom, could submit arbitrary jobs to a pbs_mom daemon to queue and run the job, which would run as root.

tags | advisory, arbitrary, root
systems | linux, mandriva
advisories | CVE-2013-4319
SHA-256 | 87c892b0b1b0a63846d8440441847718da90b4e6dd6559a8e5add5f37afae24d
Mandriva Linux Security Advisory 2013-251
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-251 - A buffer overflow vulnerability has been discovered in Aircrack-ng. A remote attacker could entice a user to open a specially crafted dump file using Aircrack-ng, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-1159
SHA-256 | 9f962c6db1691c45e7d78d3ba814af35373f15b3e5781028fde68b9a4696daab
Mandriva Linux Security Advisory 2013-253
Posted Oct 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-253 - Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2013-4397
SHA-256 | 0a2884cd915d053154e7234d410fd1981f2e9addf730ab07f929b35a77ceddd2
Bugzilla Cross Site Request Forgery / Cross Site Scripting
Posted Oct 18, 2013
Authored by Frederic Buclin, Mateusz Goik, David Lawrence | Site bugzilla.org

Bugzilla Security Advisory - Multiple cross site scripting and cross site request forgery vulnerabilities have been discovered and addressed in various versions of Bugzilla.

tags | advisory, vulnerability, xss, csrf
advisories | CVE-2013-1733, CVE-2013-1734, CVE-2013-1742, CVE-2013-1743, CVE-2012-4189
SHA-256 | 943bffbd4c59491956254e396c5dddc10c25b0b775de07d14bd90dac0cbf7118
Elite Graphix ElitCMS 1.01 / PRO Cross Site Scripting / SQL Injection
Posted Oct 18, 2013
Authored by Katharina S.L., Vulnerability Laboratory | Site vulnerability-lab.com

Elite Graphix ElitCMS versions 1.01 and PRO suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 29a67e3663b1e3c4862f2246b9ede7002b3897ace31e2a0b390b8b8838c2db15
Bluetooth U 1.2.0 Directory Traversal
Posted Oct 18, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Bluetooth U version 1.2.0 suffers from a directory traversal vulnerability.

tags | exploit
SHA-256 | ca14296374929c9f6c88571a95a5740d0e443d519a9a0c903df41f3c2bcc8c26
WebTester 5.x Command Execution
Posted Oct 18, 2013
Authored by Brendan Coles | Site metasploit.com

This Metasploit module exploits a command execution vulnerability in WebTester version 5.x. The 'install2.php' file allows unauthenticated users to execute arbitrary commands in the 'cpusername', 'cppassword' and 'cpdomain' parameters.

tags | exploit, arbitrary, php
SHA-256 | dfea5435bcc036d47d5c594f95500152ab31c0d3ee607b8a70a2b6f399effb39
LinkedIn Join Group Cross Site Request Forgery
Posted Oct 18, 2013
Authored by Eduardo Garcia Melia | Site isecauditors.com

LinkedIn suffered from a cross site request forgery vulnerability in the Join Group functionality.

tags | exploit, csrf
SHA-256 | 442cba9a0c6a978e69874ca3310a79b3dd238196b467f3e2045742bf6b7bdf18
Zikula CMS 1.3.5 Cross Site Scripting
Posted Oct 18, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Zikula CMS version 1.3.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 69f709f535989b330975f9e777157ccbbe4a049d89e1926d05079fa41e57d717
HWK Wireless Auditing Tool 0.4
Posted Oct 18, 2013
Authored by atzeton | Site nullsecurity.net

hwk is an easy-to-use wireless authentication and de-authentication tool. Furthermore, it also supports probe response fuzzing, beacon injection flooding, antenna alignment and various injection testing modes. Information gathering is selected by default and shows the incoming traffic indicating the packet types.

Changes: Various binaries replaced. Introduced setcap capabilities.
tags | tool, wireless
systems | unix
SHA-256 | 599d4f7ecaaefe8226beca944bc48e8459be941747089d6a88a9ff0beee0cb68
Apache Struts 2.3.15.3 Released
Posted Oct 18, 2013
Site struts.apache.org

Apache has announced the release of the Struts 2.3.15.3 framework which addresses multiple security issues including a broken access control.

tags | advisory
SHA-256 | 298a85c71d878d7cffa115e7f986c8ab93495c936ad88dded1f9d2a6aa07d358
Adaudit Plus Online Demo CSRF / Poor Password Passing
Posted Oct 18, 2013
Authored by Juan Carlos Garcia

Adaudit Plus Online Demo suffers from multiple vulnerabilities including cross site request forgery, directory listing, and passwords being passed via a GET method.

tags | exploit, vulnerability, csrf
SHA-256 | 65032b7037f6db49f90a134d34c24c4a670cbee2a380df40c787cac1f3f32132
Admanager Plus Online Demo XSS / CSRF / Clickjacking
Posted Oct 18, 2013
Authored by Juan Carlos Garcia

Admanager Plus Online Demo suffers from cross site request forgery, directory listing, clickjacking, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | ef8980f8307fd85e258505ff90f13dbeb382094a1fe35e49f7d82febddc5223e
Quick Paypal Payments Cross Site Scripting
Posted Oct 18, 2013
Authored by Zy0d0x | Site nullsecurity.net

Quick Paypal Payments, the plugin from quick-plugins.com, suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 37a5f2452b362ab7282d84c4e598396e18994f0a1811c1715518b59a076d9641
PHP Point Of Sale 10.x / 11.x / 12.x Remote Code Execution
Posted Oct 18, 2013
Authored by Gabby

PHP Point Of Sale versions 10.x, 11.x, and 12.x remote code execution exploit.

tags | exploit, remote, php, code execution
SHA-256 | 2688acc1f96e93d7799ccb3540cbe12f48da9bc32d767bb22ca9db0d45a74255
Drupal Simplenews 6.x / 7.x Cross Site Scripting
Posted Oct 18, 2013
Authored by Pat Redmond | Site drupal.org

Drupal Simplenews third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 9e085ec5d3fff92fc140e15a8768710405e8c5e098decc2b36b9fa716fb4ecf2
AIEngine 0.1
Posted Oct 18, 2013
Authored by Luis Campo Giralte | Site bitbucket.org

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

tags | tool
systems | unix
SHA-256 | 86c4d7e1eaf85ab6c6574e5dcda97a1858f09db50694774a7b9bbda97f925c82
HP Security Bulletin HPSBPV02918 2
Posted Oct 18, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBPV02918 2 - Potential security vulnerabilities have been identified with HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM). These vulnerabilities could be exploited remotely to allow SQL injection, remote code execution and session reuse. Revision 2 of this advisory.

tags | advisory, remote, vulnerability, code execution, sql injection
advisories | CVE-2005-2572, CVE-2013-4809, CVE-2013-4810, CVE-2013-4811, CVE-2013-4812, CVE-2013-4813
SHA-256 | 81d8b715891741e72a757263197f7d75c3d384c5a407cffd96c491d57658486f
Page 1 of 2
Back12Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    11 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close