exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2014-07-02

Kanboard 1.0.5 Cross Site Request Forgery
Posted Jul 2, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

Kanboard version 1.0.5 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2014-3920
SHA-256 | 8c31e63144f9219b29c5bbd68e400479b44a647e0274d0bdb3dced07c755f215
Ntop-NG 1.1 Cross Site Scripting
Posted Jul 2, 2014
Authored by Madhu Akula

Ntop-NG version 1.1 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-4329
SHA-256 | c63a9f01cd4e6e39a33d31769307ba8f6ac0d9482ef45a69dbe6a335dc921fcd
IP.Board 3.4.x / 3.3.x Cross Site Scripting
Posted Jul 2, 2014
Authored by Christian Schneider | Site christian-schneider.net

Invision Power IP.Board versions prior to 3.4.6 suffer from a reflective cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2014-3149
SHA-256 | 8fcf37595878178616cd9bd4907703439ef3d34270217804ec67994facffd96b
Cisco Security Advisory 20140702-cucdm
Posted Jul 2, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified Communications Domain Manager (Cisco Unified CDM) is affected by privilege escalation, default ssh key, and data manipulation vulnerabilities.

tags | advisory, vulnerability
systems | cisco
SHA-256 | b63aea4cea9a57a97f59b74232580944f928061d1f71d05f24bac007e4c2e811
HP Security Bulletin HPSBMU03055
Posted Jul 2, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03055 - Potential security vulnerabilities have been identified with HP Smart Update Manager (HP SUM) running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2010-5298, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
SHA-256 | 02b0a1928a87117f1fa493f08a54b1d05eabf305e668a1cba7e4dd009b30814a
Red Hat Security Advisory 2014-0827-01
Posted Jul 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0827-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources. It was found that Apache Tomcat did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a Tomcat server located behind a reverse proxy that processed the content length header correctly.

tags | advisory, java, remote, web, denial of service, overflow
systems | linux, redhat
advisories | CVE-2014-0075, CVE-2014-0096, CVE-2014-0099
SHA-256 | 6be219eacce9042e12fe2cef9b4b259d2fd41c107909a8587cbfd4ff0f5baea3
Ubuntu Security Notice USN-2265-1
Posted Jul 2, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2265-1 - Abhishek Arya discovered that NSPR incorrectly handled certain console functions. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-1545
SHA-256 | e8ab311096e635e89cde8a1429ab04661e831c908dc394065ae930cd72aa18e1
Red Hat Security Advisory 2014-0830-01
Posted Jul 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0830-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.3 was retired on June 30, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.3 EUS after June 30, 2014. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date. We encourage customers to plan their migration from Red Hat Enterprise Linux 6.3 to a more recent version of Red Hat Enterprise Linux. As a benefit of the Red Hat subscription model, customers can use their active subscriptions to entitle any system on a currently supported Red Hat Enterprise Linux release.

tags | advisory
systems | linux, redhat
SHA-256 | 747f9a282bcb048674e0cbb5dde0634b466106ed04308f39daa3b9c708ab7f19
Red Hat Security Advisory 2014-0831-01
Posted Jul 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0831-01 - In accordance with the Red Hat Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 1 offering was retired on June 30, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Developer Toolset Version 1 after June 30, 2014. In addition, technical support through Red Hat's Global Support Services will no longer be provided for Red Hat Developer Toolset Version 1 after this date. We encourage customers to plan their migration from Red Hat Developer Toolset Version 1 to a more recent release of Red Hat Developer Toolset. As a benefit of the Red Hat subscription model, customers can use their active Red Hat Developer Toolset subscriptions to entitle any system on a currently supported version of this product.

tags | advisory
systems | linux, redhat
SHA-256 | 63ca1e074462a7c1ac479a0bccd85da774c883d763ce5ab04e439ce66e5ee48b
Digital Whisper Electronic Magazine #52
Posted Jul 2, 2014
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 52. Written in Hebrew.

tags | magazine
SHA-256 | 875d6a96a0803a3bf23ed4392d89ce2f4eea989fcabade63845d0b6e7345b115
OpenDocMan 1.2.7.2 Cross Site Scripting
Posted Jul 2, 2014
Authored by Madhu Akula

OpenDocMan version 1.2.7.2 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9f332c895e8166ec8e2320d9eefc0078f0941cb2d7bf695a536c577547ad88ba
Zurmo CRM Cross Site Scripting
Posted Jul 2, 2014
Authored by Provensec

Zurmo CRM suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5bafb730d7c5a12c4e063d964b11386904a272a2960a0f02da3d188b2af16e88
CMS ContWEB SQL Injection
Posted Jul 2, 2014
Authored by Felipe Andrian Peixoto

CMS ContWEB suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | c9abd3e81a9b22621cdeba959f32fae9d24c436ccf9b1e7c0905401f15456aed
EMC Documentum eRoom Stored Cross Site Scripting
Posted Jul 2, 2014
Authored by M. Heinzl | Site sec-consult.com

EMC Documentum eRoom versions 7.4.3, 7.4.4, and 7.4.4 SP1 suffer from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-2512
SHA-256 | 2feb0e0ae1f3b4bf4901b9d29a9302b8d7ace1f7a348bdb8ed228d639d762b73
Kerio Control 8.3.1 Blind SQL Injection
Posted Jul 2, 2014
Authored by Khashayar Fereidani

Kerio Control versions 8.3.1 and below suffer from a boolean-based blind remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-3857
SHA-256 | d4d98173a943d8ee530289ee12b942c4886ee315e765bc6d6df98b1e65bcce1a
IDGuard 0.60
Posted Jul 2, 2014
Authored by Gregory Pickett | Site hellfiresecurity.com

IDGuard is a platform for preventing network-layer fingerprinting on the network.

tags | tool
systems | unix
SHA-256 | e74cff8ac02aee2f88120d537a2045f22432fb21ad7ce9105643543c75bcce95
HTML5 Modern Day Attack And Defence Vectors
Posted Jul 2, 2014
Authored by Rafay Baloch

Whitepaper called HTML5 Modern Day Attack and Defence Vectors. This paper analyzes most of the features introduced in HTML5 along with the vulnerabilities each feature introduces.

tags | paper, vulnerability
SHA-256 | 8513f4316667a90362b7aad6528db9107c77904abf213c45d1e612037dd3eaf3
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close