exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2014-02-06

Publish-It 3.6d Buffer Overflow
Posted Feb 6, 2014
Authored by Core Security Technologies, Daniel Kazimirow | Site coresecurity.com

Publish-It is prone to a (client side) security vulnerability when processing .PUI files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine, by enticing the user of Publish-It to open a specially crafted .PUI file. Version 3.6d is affected.

tags | exploit, remote, arbitrary
advisories | CVE-2014-0980
SHA-256 | 4f00b02a79e23f09d447c39b8a1b5c407205e7628691b494b32c0036916b057d
Drupal Services 7.x Access Bypass
Posted Feb 6, 2014
Authored by Fredrik Lassen, wedge | Site drupal.org

Drupal Services third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | 4fb10e61a2d487a3573e3b6b42b5848a9bd8f799a3e443482e02b6ec522f95e4
Gentoo Linux Security Advisory 201402-07
Posted Feb 6, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-7 - A vulnerability in Freeciv may allow a remote attacker to execute arbitrary code. Versions less than 2.2.1 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2010-2445
SHA-256 | deb446e7df508f0088a1b6546d796ef9ec44ab24fa5ac603705d4d7e43ac9102
Gentoo Linux Security Advisory 201402-06
Posted Feb 6, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-6 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which could result in execution of arbitrary code. Versions less than 11.2.202.336 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-5329, CVE-2013-5330, CVE-2013-5331, CVE-2013-5332, CVE-2014-0491, CVE-2014-0492, CVE-2014-0497
SHA-256 | 1857ba9319d23c219f2f844dd8bd46236f81d1d7172b1abc562681cf00028b10
Debian Security Advisory 2853-1
Posted Feb 6, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2853-1 - Pedro Ribeiro from Agile Information Security found a possible remote code execution on Horde3, a web application framework. Unsanitized variables are passed to the unserialize() PHP function. A remote attacker could specially-crafted one of those variables allowing her to load and execute code.

tags | advisory, remote, web, php, code execution
systems | linux, debian
advisories | CVE-2014-1691
SHA-256 | 0d04b90771e0f3ac7ebe670486cf9a41d92e4aee95c54d516f3e78cb2a963e1d
PHP Webcam Video Conference Local File Inclusion / XSS
Posted Feb 6, 2014
Authored by vinicius777

PHP Webcam Video Conference suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, php, vulnerability, xss, file inclusion
SHA-256 | 6dbb4690a7866582b4dbf14d142b8f50d616645e0ddc295e1cf9e240e573cee1
ownCloud 6.0.0a File Deletion / XSS / CSRF
Posted Feb 6, 2014
Authored by absane

ownCloud version 6.0.0a suffers from file deletion, cross site request forgery, and cross site scripting vulnerabilities. It has also been reported that the same cross site scripting issue also affects Pydio version 5.20.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2014-1665
SHA-256 | 0fb9c931db1a45e7410c265273eefb3fe38de107452c5df50cfa8b1d1f8f8615
AuraCMS 2.3 SQL Injection
Posted Feb 6, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

AuraCMS version 2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-1401
SHA-256 | 4e166ce3a14e946f7ee3b42af71bab9d187e588ff420f5131e6f16df03747258
Discovery Of RPC Vulnerabilities
Posted Feb 6, 2014
Authored by Celil Unuver

This is a whitepaper discussing the discovery of RPC vulnerabilities. Written in Turkish.

tags | paper, vulnerability
SHA-256 | 513fdf6e6be7dba449a50a572bb38d5581417c51cdf7bbfefd1d2f33568e1df0
File Explorer (FX) For Android Path Traversal
Posted Feb 6, 2014
Authored by Keith Makan

File Explorer (FX) for Android suffers from a path traversal vulnerability. version 2.3.0.10 is affected.

tags | exploit, file inclusion
SHA-256 | 75beb06492c1bfac918f41afcd575cbf682aab74a42496ff864096601db8e3da
Digital Whisper Electronic Magazine #49
Posted Feb 6, 2014
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 49. Written in Hebrew.

tags | magazine
SHA-256 | 1b26f6305d35a5e2ae7952c3fac5767a5c40bfdfdeeacc3fcc076f47d04c0c64
doorGets CMS 5.2 SQL Injection
Posted Feb 6, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

doorGets CMS version 5.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-1459
SHA-256 | 579d78f78ded641a6672902cced917a242ce59baf8bd26abab4b04fe053a7173
WAF-FLE ModSecurity Console 0.6.3
Posted Feb 6, 2014
Authored by Klaubert Herr | Site waf-fle.org

WAF-FLE is a console for ModSecurity. It allows modsec administrators to view and search events logged by mlogc or mlog2waffle. The dashboard shows a graphical view of events, and when combined with the powerful drill-down filter allows quick searching for relevant events. Events can be viewed in detail, whether sent by one or many sensors.

Changes: This release fixes many bugs reports by users, for waf-fle e mlog2waffle.
tags | tool
systems | unix
SHA-256 | 53f72777b31a175c81581ddf757c270a2c63f76854484c5076d1ade7558718f0
Singapore 0.9.9b / 0.9.10 Cross Site Scripting
Posted Feb 6, 2014
Authored by TUNISIAN CYBER

Singapore versions 0.9.9b and 0.9.10 suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 14c1ea7dea2d02e9bfe1aa3f308f17e0e46fd359601b48cca7289d3d9bc0c1a2
Singapore 0.9.9b / 0.9.10 Remote File Inclusion
Posted Feb 6, 2014
Authored by TUNISIAN CYBER

Singapore versions 0.9.9b and 0.9.10 suffer from a remote file inclusion vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 1228b3b3edf0aee95ae5fb8d451f137c41f0c673288037f2f34ca4fdb4304914
VLC Media Player 2.1.2 Denial Of Service
Posted Feb 6, 2014
Authored by Saif El-Sherei

VLC Media Player version 2.1.2 denial of service proof of concept integer division by zero exploit.

tags | exploit, denial of service, proof of concept
advisories | CVE-2014-1684
SHA-256 | e8080f60a26416fb2e3fb8b700578598d70d8d39ad0a3beed77c793a95aaa73c
Plogger 1.0 RC1 Cross Site Request Forgery / Cross Site Scripting
Posted Feb 6, 2014
Authored by killall-9

Plogger version 1.0 RC1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | a49eead59fd5705116cc4d80c09aee540f3a2f568159cf534b30887330db8dfa
Reversing Encrypted Callbacks And COM Interfaces
Posted Feb 6, 2014
Authored by Sudeep Singh

Whitepaper that discusses viruses that make use of COM interfaces to implement their functionality and how to reverse the binaries.

tags | paper
SHA-256 | 6bd84f361d4b7a3a4d92217238917f08e6f6a2c74e8d9597f60630d686bbaf8c
iNET Business Hub SQL Injection
Posted Feb 6, 2014
Authored by th3rockst3r

iNET Business Hub suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 25209707f9ad4f0be972a7364bb0b33452e8dc208447254b5f94bb048379e372
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close