Exploit the possiblities
Showing 1 - 25 of 396 RSS Feed

Files Date: 2013-12-01 to 2013-12-31

CMS Afroditi 1.0 Blind SQL Injection
Posted Dec 30, 2013
Authored by Project Zero Labs | Site projectzero.gr

CMS Afroditi version 1.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e0aa2f8287a21189dfdc7cb7d8373a50
ACal 2.2.6 LFI / XSS / Authentication Bypass
Posted Dec 30, 2013
Authored by TUNISIAN CYBER

ACal version 2.2.6 suffers from authentication bypass, cross site scripting, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
MD5 | 9973d0f62ec6ffced615aff68ee1a4e6
Yersinia 0.7.3
Posted Dec 30, 2013
Authored by David Barroso, Alfredo Andres Omella | Site yersinia.net

Yersinia implements several attacks for the following protocols: Spanning Tree (STP), Cisco Discovery (CDP), Dynamic Host Configuration (DHCP), Hot Standby Router (HSRP), Dynamic Trunking (DTP), 802.1q and VLAN Trunking (VTP), helping a pen-tester with different tasks.

Changes: Various updates.
tags | tool, protocol
systems | cisco, unix
MD5 | 53ca82d6cb463810b6a205d0e2362784
Ophcrack 3.6 Local Buffer Overflow
Posted Dec 29, 2013
Authored by Osanda Malith

Ophcrack version 3.6 local stack based buffer overflow exploit. Works on Windows 8 64-bit.

tags | exploit, overflow, local
systems | windows
MD5 | ff9a6b400e376839f2c51664bb863489
Hackers 2 Hackers Conference 11th Edition Call For Papers
Posted Dec 29, 2013
Site h2hc.com.br

The call for papers for H2HC 11th edition is now open. H2HC is a hacker conference taking place in Sao Paulo, Brazil, from October 18th through the 19th, 2014.

tags | paper, conference
MD5 | 9b4cea2344d00eefdc9c37df42c99426
VM86 Syscall Kernel Panic
Posted Dec 29, 2013
Authored by halfdog

This program maps memory pages to the low range above 64k to avoid conflicts with /proc/sys/vm/mmap_min_addr and then triggers the virtual-86 mode. Due to unhandled FPU errors, task switch will fail afterwards, kernel will attempt to kill other tasks when switching.

tags | exploit, kernel
MD5 | 9075820ac0281d8a25b589a6ca7c9d0a
Debian Security Advisory 2829-1
Posted Dec 29, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2829-1 - Multiple vulnerabilities have been found in the HP Linux Printing and in PackageKit and the insecure hp-upgrade service has been disabled.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-0200, CVE-2013-4325, CVE-2013-6402, CVE-2013-6427
MD5 | 6caf6e5a66d89f4c313dbee4aa8cce43
NoticeBoardPro 1.x SQL Injection
Posted Dec 29, 2013
Authored by TUNISIAN CYBER

NoticeBoardPro version 1.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d6aeb3af4626ff02eac06b77e2c14b5d
THC-IPv6 Attack Tool 2.5
Posted Dec 28, 2013
Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: 30C3 release.
tags | tool, protocol
systems | unix
MD5 | 726cedf423c1058f9d7d02957965bceb
PhotoStore 4.0.7. Shell Upload
Posted Dec 28, 2013
Authored by Gabby | Site metasploit.com

This Metasploit module exploits a vulnerability found in PhotoStore version 4.0.7. By abusing the uploadify.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
MD5 | 3b9c8d3dfb4138471a6d69832b7ab3d0
Debian Security Advisory 2828-1
Posted Dec 28, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2828-1 - Multiple vulnerabilities have been discovered in Drupal, a fully-featured request forgery protection, insecure pseudo random number generation, code execution and incorrect security token validation.

tags | advisory, vulnerability, code execution
systems | linux, debian
advisories | CVE-2013-6385, CVE-2013-6386
MD5 | b9051b551387ee554a124f54c5772677
Gentoo Linux Security Advisory 201312-16
Posted Dec 28, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201312-16 - A vulnerability in Xfig could result in execution of arbitrary code or Denial of Service. Versions less than 3.2.5b-r1 are affected.

tags | advisory, denial of service, arbitrary
systems | linux, gentoo
advisories | CVE-2010-4262
MD5 | aa2d76566e3c3a6916d0cd7e15527b2c
Twenty Reasons Why Mass Surveillance Is Dangerous
Posted Dec 28, 2013
Authored by cwade12c

This is a brief write-up called Twenty Reasons Why Mass Surveillance Is Dangerous.

tags | paper
MD5 | 8474614a14d84a935f76902e7e30bc11
FireHOL 1.297
Posted Dec 27, 2013
Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Removed adsense from offline manual pages. Fixed permissions on a couple of examples.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | 1a04fe45e6f8bfae8eb6fc0b2effa79b
Snapchat Crypto Flaws
Posted Dec 27, 2013
Authored by GibsonSec | Site gibsonsec.org

As prior disclosure to Snapchat has not resulted in fixes, the researchers at Gibson Security have released exploits and documentation on the previously undocumented API.

tags | exploit
MD5 | be4e0243b4929fcb42b3d1f55b4bb4bb
ipset_list 2.9.1
Posted Dec 27, 2013
Authored by AllKind | Site sourceforge.net

ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.

Changes: This release fixes a small bug in the help synopsis. The -Oi option was not shown for the -i option.
tags | tool, firewall
systems | linux, unix
MD5 | 7525e8d4a1f39b586743e8e4b925fc88
IBM Web Content Manager XPath Injection
Posted Dec 27, 2013
Authored by Alexander Antukh, S. Temnikov | Site sec-consult.com

IBM Web Content Manager versions 6.x, 7.x, and 8.x suffer from blind XPath injection attacks. This allows an attacker to get current application configuration, enumerate nodes, and extract other valuable information from vulnerable installations of Web Content Manager.

tags | exploit, web
advisories | CVE-2013-6735
MD5 | 69f57516ca8afbdbf5d510389ecf27e0
Red Hat CloudForms Management Engine 5.1 miq_policy/explorer SQL Injection
Posted Dec 27, 2013
Authored by Ramon de C Valle | Site metasploit.com

This Metasploit module exploits a SQL injection vulnerability in the "explorer" action of "miq_policy" controller of the Red Hat CloudForms Management Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier) by changing the password of the target account to the specified password.

tags | exploit, sql injection
systems | linux, redhat
advisories | CVE-2013-2050
MD5 | 44e41933fe930ba06179d9c0f24a5cbb
Safari Phishing Alert Bypass
Posted Dec 27, 2013
Authored by WooYun

The PhishingAlert of Safari stops functioning in Windows systems if an abnormal URL is being used.

tags | exploit
systems | windows
MD5 | 5a7d4bcf357ebda5a988595a3a99f082
AWS Elastic Beanstalk Code Execution
Posted Dec 27, 2013
Authored by WooYun

Amazon Web Services Elastic Beanstalk suffers from a code execution vulnerability.

tags | exploit, web, code execution
MD5 | a2bb4856b5be18ad991cfdf0ff6428b7
PHPSurveyor Shell Upload
Posted Dec 27, 2013
Authored by G4eL

PHPSurveyor suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | bb761d4b53cde626a0af2f5ee2e1c7e4
Ofilter Player 1.1 Integer Division By Zero
Posted Dec 27, 2013
Authored by Osanda Malith

Ofilter Player version 1.1 integer division by zero exploit that creates a malicious .wav file.

tags | exploit
MD5 | 50383efac54fdf46a60645be15560592
RealNetworks RealPlayer Version Attribute Buffer Overflow
Posted Dec 26, 2013
Authored by Gabor Seljan | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a remote attacker could execute arbitrary code on the system or cause the application to crash.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2013-6877
MD5 | fff49d065cfe7b602585586a45146ba4
WordPress Ad-minister 0.6 Cross Site Scripting
Posted Dec 26, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Ad-minister plugin version 0.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-6993
MD5 | dfde7cc849d3cf994252a41a9ac7f0e4
AskApache 3.0 Cross Site Request Forgery
Posted Dec 26, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

AskApache Firefox Adsense WordPress plugin version 3.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2013-6992
MD5 | f7e786267dda0364e763c5df446f887e
Page 1 of 16
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close