what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-12-13

KikChat Local File Inclusion / Remote Command Execution
Posted Dec 13, 2013
Authored by cr4wl3r

KikChat suffers from local file inclusion and remote command execution vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion
SHA-256 | 0fefc791df94702470f534eb7c319bdf9254a296e5a9505420e52df50b9d42a7
HP Security Bulletin HPSBMU02872 4
Posted Dec 13, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02872 4 - Potential security vulnerabilities have been identified with HP Service Manager and ServiceCenter Web Tier running on Windows. The vulnerabilities could be exploited resulting in remote disclosure of information and cross site scripting (XSS). Revision 4 of this advisory.

tags | advisory, remote, web, vulnerability, xss
systems | windows
advisories | CVE-2012-5222, CVE-2013-2321
SHA-256 | 066d6fe8695d2d8a4bbfa8a9f693830bf962a7cc1beb78daaaa2dfa3da42a94f
HP Security Bulletin HPSBMU02931 3
Posted Dec 13, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02931 3 - Potential security vulnerabilities have been identified with HP Service Manager and ServiceCenter. The vulnerabilities could be exploited to allow injection of arbitrary code, remote disclosure of privileged Information , improper privilege management and cross site scripting (XSS). Note: The Service Manager and ServiceCenter resolutions below include updated Apache Tomcat, OpenSSL, Oracle JRE that address security issues in those components. Revision 3 of this advisory.

tags | advisory, remote, arbitrary, vulnerability, xss
advisories | CVE-2013-4830, CVE-2013-4831, CVE-2013-4832, CVE-2013-4833
SHA-256 | 225979d5d04a764134bd865b1003b73366dc334faa7000e44fd0552806f6ba83
Ditto Forensic FieldStation 2013Oct15a XSS/ CSRF / Command Execution
Posted Dec 13, 2013
Authored by Martin Wundram

Ditto Forensic FieldStation versions 2013Oct15a and below suffer from remote command execution, cross site scripting, cross site request forgery, hard-coded credential, and various other vulnerabilities.

tags | exploit, remote, vulnerability, xss, csrf
SHA-256 | df3e62ea52b2c4c9f389b63ca271b8910f8d98956a4658742ef79cc7af486ddc
Phone Drive Eightythree 4.1.1 XSS / Command Injection / Shell Upload
Posted Dec 13, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Phone Drive Eightythree version 4.1.1 suffers from local file inclusion, command injection, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, file inclusion
SHA-256 | d8fd9d38629a05f4f2d3503fdca9cb59932802bc0b930220465cce85922df7fa
Microsoft PhotoStory CS Cross Site Scripting
Posted Dec 13, 2013
Authored by Muhammad A.S., Vulnerability Laboratory | Site vulnerability-lab.com

Microsoft PhotoStory suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a28bfc6192eee283fc89e1171132bf7f47271fa8391894f76eec1341deb61b3d
Evernote Android Multiple PIN Related Issues
Posted Dec 13, 2013
Authored by Chris John Riley

Evernote for Android suffers from insecure storage of PIN data and bypass of PIN protection vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2013-5112
SHA-256 | d4ec90670f420f077afc1f1d13f17cf6aed8381fff2d28c4df4a6c42bd1b8f2a
Evernote Android Insecure Password Change
Posted Dec 13, 2013
Authored by Chris John Riley

Evernote on Android can have its one-click setup functionality leveraged maliciously to change a user's password without their knowledge.

tags | advisory
advisories | CVE-2013-5116
SHA-256 | ba18b28f54ca2d88cea8523c0e775b385fed288a3a06b92f0fd87c5eef2e2283
Ruby Gem Webbynode 1.0.5.3 Command Injection
Posted Dec 13, 2013
Authored by Larry W. Cashdollar

Ruby Gem Webbynode version 1.0.5.3 suffers from a remote command injection vulnerability.

tags | exploit, remote, ruby
SHA-256 | bfaa7907aba801776aeefc69d46a1d02c5a36c3932a60c392cd07d6e4f7b0d43
Microsoft Yammer Cross Site Scripting
Posted Dec 13, 2013
Authored by Ateeq ur Rehman Khan, Vulnerability Laboratory | Site vulnerability-lab.com

Microsoft Yammer suffered from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | ffa493a522284668c4144c5b4d98ae3cb0b8e667db062ea350d352b646b98b01
FlashCanvas 1.5 Cross Site Scripting
Posted Dec 13, 2013

FlashCanvas version 1.5 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2013-6880
SHA-256 | 32b09c3e5bb416688451249b85a453995d5a71712d85eeaae5d2775bfe17393b
EMC Connectrix Manager 11 / 12 Remote Code Execution
Posted Dec 13, 2013
Site emc.com

EMC Connectrix Manager Converged Network Edition (CMCNE) contains vulnerabilities through the servlets which it uses to transfer different types of files for managing firmware on different types of devices. Using these servlets, remote unauthenticated attackers could read and place files from/on the CMCNE server and execute them. Versions 11.2.1, 12.0.1, and 12.0.3 are affected.

tags | advisory, remote, vulnerability
advisories | CVE-2013-6810
SHA-256 | 7cc357d0906e3c3f63880caee9ef0002c975d0bda594176d1b3fccfd27f4dff7
Ring Jordan SQL Injection
Posted Dec 13, 2013
Authored by Juan Carlos Garcia

Ring Jordan suffers from a remote SQL injection vulnerability in their administrative functionality. The author has tried to contact the vendor and has received no response. The SQL injection issue allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | b0303595796d9f5fd9fd11582864f2c0b8d4f8b08600a13e9711b7fbd093fa52
Telmanik CMS 1.01 Shell Upload
Posted Dec 13, 2013
Authored by JoKeR_StEx

Telmanik CMS version 1.01 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | c56f47cbdbd567480466a838ad2a346f2ad6aba77864ba331f9655d07cbfa208
WordPress WP Realty Cross Site Scripting
Posted Dec 13, 2013
Authored by Ashiyane Digital Security Team

WordPress WP-Realty third party plugin suffers from a cross site scripting vulnerability. Note that these findings house site-specific data.

tags | exploit, xss
SHA-256 | 68e5167100d03041530d425635011c823f93e89895b31c229d47d02523f7c7ee
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close