
Files Date: 2014-01-08

Burden 1.8 Privilege Escalation
Posted Jan 8, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

Burden version 1.8 has an authentication flaw that can be exploited by a remote non-authenticated attacker to gain administrative access.

tags | exploit, remote, bypass
advisories | CVE-2013-7137
MD5 | 25908cbf7d53c4b9c800f6494eb970f7

WordPress WP-Members 2.8.9 Cross Site Scripting
Posted Jan 8, 2014
Authored by Stefan Schurtz

WordPress WP-Members plugin version 2.8.9 suffers from persistent and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 12255caf742a0ad2314a107c7ad0f588

Debian Security Advisory 2839-1
Posted Jan 8, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2839-1 - Multiple vulnerabilities have been found in spice, a SPICE protocol client and server library.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2013-4130, CVE-2013-4282
MD5 | 110938c7bc7c7b0c6d2dc744b871907f

Horizon QCMS 4.0 SQL Injection / Directory Traversal
Posted Jan 8, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

Horizon QCMS version 4.0 suffers from remote SQL injection and directory traversal vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, file inclusion
advisories | CVE-2013-7138, CVE-2013-7139
MD5 | f8932cd64c1502b12a450d38503a096a

Eyou Mail System Remote Code Execution
Posted Jan 8, 2014
Authored by conqu3r.zeng

Eyou Mail System suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 4ccd083b23b5d155d9b47fbec66ed1c4

EZGenerator Cross Site Request Forgery / File Disclosure
Posted Jan 8, 2014
Authored by AtT4CKxT3rR0r1ST

EZGenerator suffers from cross site request forgery and file disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure, csrf
MD5 | 44e1c9125f4ac53d054c480fb484c86d

CSP MySQL User Manager 2.3 SQL Injection
Posted Jan 8, 2014
Authored by Youssef mami

CSP MySQL User Manager version 2.3 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | a70ae5a6180880ee9f8bf6619ddb7256

Built2Go PHP Shopping 1.x Cross Site Request Forgery
Posted Jan 8, 2014
Authored by AtT4CKxT3rR0r1ST

Built2Go PHP Shopping version 1.x suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
MD5 | 9eeb22f751224a9d6e99c93c0b62f3ff

UAEPD Shopping Script SQL Injection
Posted Jan 8, 2014
Authored by AtT4CKxT3rR0r1ST

UAEPD Shopping Script suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 6b7448ee9a39c237f697b2987dc3d399

Hacking XPath 2.0
Posted Jan 8, 2014
Authored by Sumit Siddharth, Thomas Forbes

This whitepaper details some novel methods of exploiting blind XPath 2.0 injection flaws that can be used to retrieve the whole document being queried (and others on the filesystem) without needing a large number of requests. It also covers exploiting some common XML databases.

tags | paper
MD5 | 0d921a492a387bade60f73947327b34c

DNS Enumerate 1.2.3
Posted Jan 8, 2014
Authored by Filip Waeytens

dnsenum is a Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results. It has been completely revamped.

Changes: Google scraping fixed. Output fixed with latest version of Perl Net::DNS. Wildcard DNS issues fixed. BIND version detection removed.
tags | tool, scanner, perl
systems | unix
MD5 | 55bbe85fa07d304498a91206efa8f993

Ubuntu Security Notice USN-2078-1
Posted Jan 8, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2078-1 - It was discovered that libXfont incorrectly handled certain malformed BDF fonts. An attacker could use a specially crafted font file to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-6462
MD5 | 2d6e52355471978b80fcf316917c6ef3

Red Hat Security Advisory 2014-0011-01
Posted Jan 8, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0011-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. A buffer overflow flaw was found in the way Ruby parsed floating point numbers from their text representation. If an application using Ruby accepted untrusted input strings and converted them to floating point numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application.

tags | advisory, overflow, arbitrary, ruby
systems | linux, redhat
advisories | CVE-2013-4164
MD5 | 8b58b32ce7dcc253bf460f6aba37fe0f

Debian Security Advisory 2838-1
Posted Jan 8, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2838-1 - It was discovered that a buffer overflow in the processing of Glyph Bitmap Distribution fonts (BDF) could result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-6462
MD5 | ca4bedc3fcecb220c6defb047df56e05

Debian Security Advisory 2837-1
Posted Jan 8, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2837-1 - Anton Johannson discovered that an invalid TLS handshake package could crash OpenSSL with a NULL pointer dereference.

tags | advisory
systems | linux, debian
advisories | CVE-2013-4353
MD5 | c2b04a69d037697e4d2afaef8e32b3cd

© 2019 Packet Storm. All rights reserved.
