what you don't know can hurt you
Showing 1 - 18 of 18 RSS Feed

Files Date: 2014-02-17

i-doit Pro 1.2.4 SQL Injection
Posted Feb 17, 2014
Authored by Stephan Rickauer | Site csnc.ch

i-doit Pro version 1.2.4 suffers from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
advisories | CVE-2014-1597
MD5 | cd86f2985111361778304bdb69725908
Office Assistant Pro 2.2.2 Local File Inclusion
Posted Feb 17, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Office Assistant Pro version 2.2.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | fcb6079757399d2addbf840ead768e76
Linksys Worm Remote Root
Posted Feb 17, 2014
Authored by infodox

Proof of concept exploit used by the recent Linksys worm (known as "Moon"). Exploits blind command injection in tmUnblock.cgi.

tags | exploit, worm, cgi, proof of concept
MD5 | 98029f878e6fe6748f2a3f31170306c5
RSA BSAFE SSL-J DoS / Disclosure
Posted Feb 17, 2014
Site emc.com

RSA BSAFE SSL-J versions 5.x and 6.0 suffer from multiple information disclosure and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, info disclosure
advisories | CVE-2011-1473, CVE-2014-0625, CVE-2014-0626, CVE-2014-0627
MD5 | 585d244fc5d4f95d8b2ac2a7d4b24d26
HP Data Protector EXEC_BAR Remote Command Execution
Posted Feb 17, 2014
Authored by Chris Graham

HP Data Protector EXEC_BAR remote command execution exploit that affects versions 6.10, 6.11, and 6.20.

tags | exploit, remote
advisories | CVE-2013-2347
MD5 | 4664adb906972194b524f406999b4e3b
Open Web Analytics Pre-Auth SQL Injection
Posted Feb 17, 2014
Authored by Dana James Traversie | Site secureworks.com

Open Web Analytics (OWA) is open source web analytics software that can track and analyze how visitors use websites and applications. OWA is vulnerable to SQL injection that allows an attacker to execute arbitrary SQL statements in the context of the configured OWA database user without authenticating to the web application. This vulnerability affects Open Web Analytics version 1.5.4.

tags | exploit, web, arbitrary, sql injection
advisories | CVE-2014-1206
MD5 | f3cdb946582c0caac4477f0b4de44584
mbDriveHD 1.0.7 Local File Inclusion / Command Injection
Posted Feb 17, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

mbDriveHD version 1.0.7 suffers from local file inclusion and command injection vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
MD5 | f1da121ecb207ef2869dc8e838c18a45
Pina CMS Cross Site Scripting / SQL Injection
Posted Feb 17, 2014
Authored by Shadman Tanjim

Pina CMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 791bf8e62fd1fff9ca8fac1d79b93766
DSMS Cross Site Scripting / Content Spoofing
Posted Feb 17, 2014
Authored by MustLive

DSMS suffers from cross site scripting and content spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, xss
MD5 | 78ca53dd2f7e2d22e1e719ac9043d492
PHP-CGI Remote Code Execution Scanner
Posted Feb 17, 2014
Authored by infodox

This small python script scans for a number of variations on the PHP-CGI remote code execution vulnerability, includes "apache magica" and plesk paths, along with other misconfigurations.

tags | tool, remote, cgi, scanner, php, code execution, python
systems | unix
MD5 | c043d2636d722f6c633d0653ab1ca8f5
Printer Job Language Abuse Tool
Posted Feb 17, 2014
Authored by infodox

This code abuses PJL functionality on HP network printers to print documents and also change the "ReadyMessage". Useful for avoiding printer payment systems in universities. Scan for port 9100 to find printers.

tags | exploit
MD5 | 9b47937b50909097a1c6c720756ccb6e
Joomla Wire Immogest SQL Injection
Posted Feb 17, 2014
Authored by Mr.XpR

Joomla Wire Immogest component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3264c7b802500b95ea3e1f62903c2e99
phpMyBackupPro 2.4 Cross Site Scripting
Posted Feb 17, 2014
Authored by IeDb

phpMyBackupPro version 2.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 55563b345a1fa5fa2cd3cf67285786e5
Azazel Userland Rootkit
Posted Feb 17, 2014
Authored by stderr | Site blackhatlibrary.net

Azazel is a userland rootkit written in C based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection. Features include log cleaning, pcap subversion, and more.

tags | tool, rootkit
systems | unix
MD5 | c7ce7a9fa69ba1a58b66f3dca0284df4
Linksys EA2700, EA3500, E4200, EA4500 Authentication Bypass
Posted Feb 17, 2014
Authored by Kyle Lovett, Matt Claunch

Linksys products EA2700, EA3500, E4200, and EA4500 suffer from having an unauthenticated interface on port 8083 periodically.

tags | advisory
advisories | CVE-2013-5122
MD5 | 14e65fc1b6fb02790688636e83743de0
NTP Denial Of Service
Posted Feb 17, 2014
Authored by ShadowHatesYou

This is a small perl script called NTP DRDoS which is a denial of service tool for use against NTP.

tags | denial of service, perl
MD5 | 2d962184caf83044296ccfae04065109
Clamwin Antivirus Bypass Methodology
Posted Feb 17, 2014
Authored by Freebyte

This is a whitepaper discussing the bypassing of Clamwin Antivirus. Written in Azerbaijan.

tags | paper, bypass
MD5 | bc2e8d077733bf8e8632f4cc642685a0
Linksys E-Series Remote Code Execution
Posted Feb 17, 2014
Authored by Rew

Linksys E-Series unauthenticated remote command execution exploit that leverages the same vulnerability as used in the "Moon" worm.

tags | exploit, worm, remote
MD5 | e5e8a82bab2ad32c6f6fbad03561fa32
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    5 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close