accept no compromises
Showing 1 - 19 of 19 RSS Feed

Files Date: 2014-02-06

Publish-It 3.6d Buffer Overflow
Posted Feb 6, 2014
Authored by Core Security Technologies, Daniel Kazimirow | Site coresecurity.com

Publish-It is prone to a (client side) security vulnerability when processing .PUI files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine, by enticing the user of Publish-It to open a specially crafted .PUI file. Version 3.6d is affected.

tags | exploit, remote, arbitrary
advisories | CVE-2014-0980
MD5 | c5208f4b94dc737f29f280ef96101c49
Drupal Services 7.x Access Bypass
Posted Feb 6, 2014
Authored by Fredrik Lassen, wedge | Site drupal.org

Drupal Services third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
MD5 | 3a2df3287c7cb5825dba05c7586cbc3e
Gentoo Linux Security Advisory 201402-07
Posted Feb 6, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-7 - A vulnerability in Freeciv may allow a remote attacker to execute arbitrary code. Versions less than 2.2.1 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2010-2445
MD5 | 4b4bc35bda6bbbc84d1b441b24114177
Gentoo Linux Security Advisory 201402-06
Posted Feb 6, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-6 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which could result in execution of arbitrary code. Versions less than 11.2.202.336 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-5329, CVE-2013-5330, CVE-2013-5331, CVE-2013-5332, CVE-2014-0491, CVE-2014-0492, CVE-2014-0497
MD5 | f464e026816642cb64cebcb746783aa8
Debian Security Advisory 2853-1
Posted Feb 6, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2853-1 - Pedro Ribeiro from Agile Information Security found a possible remote code execution on Horde3, a web application framework. Unsanitized variables are passed to the unserialize() PHP function. A remote attacker could specially-crafted one of those variables allowing her to load and execute code.

tags | advisory, remote, web, php, code execution
systems | linux, debian
advisories | CVE-2014-1691
MD5 | 3bf1d654116edd8c32f2537be68208c7
PHP Webcam Video Conference Local File Inclusion / XSS
Posted Feb 6, 2014
Authored by vinicius777

PHP Webcam Video Conference suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, php, vulnerability, xss, file inclusion
MD5 | 9b3a1a69def9259156177cd6f67b6d48
ownCloud 6.0.0a File Deletion / XSS / CSRF
Posted Feb 6, 2014
Authored by absane

ownCloud version 6.0.0a suffers from file deletion, cross site request forgery, and cross site scripting vulnerabilities. It has also been reported that the same cross site scripting issue also affects Pydio version 5.20.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2014-1665
MD5 | 4846c6bb074144377eca34bcb6e104ca
AuraCMS 2.3 SQL Injection
Posted Feb 6, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

AuraCMS version 2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-1401
MD5 | c4071bd4895e54def2fc8c125e33e89d
Discovery Of RPC Vulnerabilities
Posted Feb 6, 2014
Authored by Celil Unuver

This is a whitepaper discussing the discovery of RPC vulnerabilities. Written in Turkish.

tags | paper, vulnerability
MD5 | a083cba8ae639b6832e908717375965a
File Explorer (FX) For Android Path Traversal
Posted Feb 6, 2014
Authored by Keith Makan

File Explorer (FX) for Android suffers from a path traversal vulnerability. version 2.3.0.10 is affected.

tags | exploit, file inclusion
MD5 | 880dcee5a08c192a5e71249446ebf447
Digital Whisper Electronic Magazine #49
Posted Feb 6, 2014
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 49. Written in Hebrew.

tags | magazine
MD5 | e7044df49cde40f9a2b9cf4080ad47ec
doorGets CMS 5.2 SQL Injection
Posted Feb 6, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

doorGets CMS version 5.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-1459
MD5 | 282785c8386f96ee340bfae924a6db2a
WAF-FLE ModSecurity Console 0.6.3
Posted Feb 6, 2014
Authored by Klaubert Herr | Site waf-fle.org

WAF-FLE is a console for ModSecurity. It allows modsec administrators to view and search events logged by mlogc or mlog2waffle. The dashboard shows a graphical view of events, and when combined with the powerful drill-down filter allows quick searching for relevant events. Events can be viewed in detail, whether sent by one or many sensors.

Changes: This release fixes many bugs reports by users, for waf-fle e mlog2waffle.
tags | tool
systems | unix
MD5 | 6e5cbb4f23bb844bd8afd88e4b8fac69
Singapore 0.9.9b / 0.9.10 Cross Site Scripting
Posted Feb 6, 2014
Authored by TUNISIAN CYBER

Singapore versions 0.9.9b and 0.9.10 suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | 9305689934a01c49925fff3156113331
Singapore 0.9.9b / 0.9.10 Remote File Inclusion
Posted Feb 6, 2014
Authored by TUNISIAN CYBER

Singapore versions 0.9.9b and 0.9.10 suffer from a remote file inclusion vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, code execution, file inclusion
MD5 | aa5380d565df6e1a3f260bb302881cc3
VLC Media Player 2.1.2 Denial Of Service
Posted Feb 6, 2014
Authored by Saif El-Sherei

VLC Media Player version 2.1.2 denial of service proof of concept integer division by zero exploit.

tags | exploit, denial of service, proof of concept
advisories | CVE-2014-1684
MD5 | a490bc0a906f98ebd4b3d0390c4d4492
Plogger 1.0 RC1 Cross Site Request Forgery / Cross Site Scripting
Posted Feb 6, 2014
Authored by killall-9

Plogger version 1.0 RC1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | ed9c61977bddbdfbe2ec1085d4e4f67c
Reversing Encrypted Callbacks And COM Interfaces
Posted Feb 6, 2014
Authored by Sudeep Singh

Whitepaper that discusses viruses that make use of COM interfaces to implement their functionality and how to reverse the binaries.

tags | paper
MD5 | 983f03ef7241929e554ca3df8283dbd4
iNET Business Hub SQL Injection
Posted Feb 6, 2014
Authored by th3rockst3r

iNET Business Hub suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | b4613abdb7738e55e97e84cf5303105d
Page 1 of 1
Back1Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close