Exploit the possiblities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2014-03-19

Ocportal 9.0.11 Cross Site Scripting / Local File Inclusion
Posted Mar 19, 2014
Authored by Hossein Hezami

Ocportal version 9.0.11 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
MD5 | a254b1acb7b488dbfe75b9c5570d85fb
Red Hat Security Advisory 2014-0316-01
Posted Mar 19, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0316-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Several information disclosure flaws were found in the way Thunderbird processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Thunderbird to crash.

tags | advisory, web, arbitrary, info disclosure
systems | linux, redhat
advisories | CVE-2014-1493, CVE-2014-1497, CVE-2014-1505, CVE-2014-1508, CVE-2014-1509, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514
MD5 | edfa1aad3304598cd12c0b60d21752d0
Debian Security Advisory 2881-1
Posted Mar 19, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2881-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure, denial of service.

tags | advisory, web, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2014-1493, CVE-2014-1497, CVE-2014-1505, CVE-2014-1508, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514
MD5 | eea1a9a8d4de42f97cb4e988f8ec3fb0
MP3Info 0.8.5 SEH Buffer Overflow
Posted Mar 19, 2014
Authored by Ayman Sagy

MP3Info version 0.8.5 SEH buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2006-2465, OSVDB-30945
MD5 | 254430695a8035bce92ed9fcc84f8f3c
MeiuPic 2.1.2 Local File Inclusion
Posted Mar 19, 2014
Authored by Hossein Hezami

MeiuPic version 2.1.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 8b33c5b0692711390ccad2ef0877635f
Chat2 Cross Site Scripting / SQL Injection
Posted Mar 19, 2014
Authored by Hossein Hezami

Chat2 suffers from cross site scripting and remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 6e0bc373fb166196337cba1bfdf98647
Bigace 2.7.5 LFI / XSS / SQL Injection
Posted Mar 19, 2014
Authored by Hossein Hezami

Bigace version 2.7.5 suffers from cross site scripting, local file inclusion, and remote blind SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
MD5 | 34bd407d9dc9232d8a2f3d709eced1f8
GuppY 4.6.26 XSS / CRLF Injection
Posted Mar 19, 2014
Authored by Hossein Hezami

GuppY version 4.6.26 suffers from cross site scripting and CRLF injection vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 083248f11c7a5efe5883dd8c8781ff6f
SePortal 2.5 SQL Injection
Posted Mar 19, 2014
Authored by jsass

SePortal version 2.5 suffers from a remote SQL injection vulnerability in the sp_id variable of staticpages.php. This version has already had known SQL injection vulnerabilities noted in 2011.

tags | exploit, remote, php, vulnerability, sql injection
MD5 | f51d1357d4d3888c9747456feb1d399a
litepublisher 5.72 Cross Site Scripting
Posted Mar 19, 2014
Authored by Hossein Hezami

litepublisher version 5.72 suffers from a cross site scripting vulnerability due to embedding a vulnerable version of swfupload.swf.

tags | exploit, xss
MD5 | 8c351836eee959b9c827e1a1877fc72f
ChatNess 2.5 Session Fixation
Posted Mar 19, 2014
Authored by Hossein Hezami

ChatNess version 2.5 suffers from a session fixation vulnerability.

tags | exploit
MD5 | 788e2ce6602613ed5dac0b5320d8d01d
Loadbalancer.org Enterprise VA SSH Private Key Exposure
Posted Mar 19, 2014
Authored by xistence | Site metasploit.com

Loadbalancer.org ships a public/private key pair on Enterprise virtual appliances version 7.5.2 that allows passwordless authentication to any other LB Enterprise box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root.

tags | exploit, remote, root
MD5 | e01474e1689d8e393565267014bdc316
Secure rm 1.2.13
Posted Mar 19, 2014
Authored by Matthew Gauthier | Site srm.sourceforge.net

Secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.

Changes: OS X resource fork removal was fixed.
tags | tool
systems | unix
MD5 | 123f8fbf086a5c50aadb2a23991b9416
Quantum vmPRO Backdoor Command
Posted Mar 19, 2014
Authored by xistence | Site metasploit.com

This Metasploit module abuses a backdoor command in vmPRO 3.1.2. Any user, even without admin privileges, can get access to the restricted SSH shell. By using the hidden backdoor "shell-escape" command it's possible to drop to a real root bash shell.

tags | exploit, shell, root, bash
MD5 | 07b55130b9d63fa1f4c280bb1f90fde6
NTP Spoofed "monlist query" Denial Of Service Proof Of Concept
Posted Mar 19, 2014
Authored by Mark Osborne

NTP_SPQUERY.C is a spoofed "monlist query" program which can generate packets like those used in reflected amplification NTP attacks that were common in early 2014. Written entirely in C, it requires no special libs or header files. It has been designed to run on most LINUXs.

tags | exploit, denial of service, spoof, proof of concept
MD5 | b1b7e74fd45bd5a336855af010521b6e
LACSEC 2014 Call For Presentations
Posted Mar 19, 2014
Site lacnic.net

LACSEC 2014 Call For Presentations - The 9th Network Security Event for Latin America and the Caribbean will be held in Cancun, Mexico May 4th through the 9th, 2014.

tags | paper, conference
MD5 | 39bdcc3b45262ac90f068945fc9632ae
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    1 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close