exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-11-13

Mouse Media Script 1.6 Cross Site Scripting
Posted Nov 13, 2014
Authored by Halil Dalabasmaz

Mouse Media Script version 1.6.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | e436420f5d4f1def6014e3f0cf349ac6
Esotalk CMS Cross Site Scripting
Posted Nov 13, 2014
Authored by Evi1m0

Esotalk CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f675e28da67f5681daf2bc2ea182422d
Serenity Client Management Portal 1.0.1 Cross Site Scripting
Posted Nov 13, 2014
Authored by Halil Dalabasmaz

Serenity Client Management Portal version 1.0.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 46bcf36352dc835d55ef4f72be3d90a8
phpSound Music Sharing Platform 1.0.5 Cross Site Scripting
Posted Nov 13, 2014
Authored by Halil Dalabasmaz

phpSound Music Sharing Platform version 1.0.5 suffers from multiple cross site scripting vulnerabilities

tags | exploit, vulnerability, xss
MD5 | b6da75fbdaa4ed5404a1aab327ca9b0a
WordPress SupportEzzy Ticket System 1.2.5 Cross Site Scripting
Posted Nov 13, 2014
Authored by Halil Dalabasmaz

WordPress SupportEzzy Ticket System plugin version 1.2.5 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | e3eca09ccd1dc0c458bce97dbd96689e
Who's Who Script Cross Site Request Forgery
Posted Nov 13, 2014
Authored by ZoRLu

Who's Who Script suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 3b2910ad5ea7cae3affb66b06bf86fac
MS14-064 Microsoft Windows OLE Package Manager Code Execution
Posted Nov 13, 2014
Authored by Haifei Li, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly exploited in the wild as MS14-060 patch bypass. The Microsoft update tried to fix the vulnerability publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our testing, the most reliable setup is on Windows platforms running Office 2013 and Office 2010 SP2. And please keep in mind that some other setups such as using Office 2010 SP1 might be less stable, and sometimes may end up with a crash due to a failure in the CPackage::CreateTempFileName function.

tags | exploit, arbitrary, code execution
systems | windows, vista
advisories | CVE-2014-6352
MD5 | 287aac6ebe839f0d40b82e5df2f514da
Windows OLE Automation Array Remote Code Execution
Posted Nov 13, 2014
Authored by IBM, Wesley Neelen, Rik van Duijn, yuange75 | Site metasploit.com

This Metasploit module exploits the Windows OLE automation array remote code execution vulnerability. The vulnerability exists in Internet Explorer 3.0 until version 11 within Windows 95 up to Windows 10.

tags | exploit, remote, code execution
systems | windows, 9x
advisories | CVE-2014-6332
MD5 | 6731d333e76262dff6e5a1389b7ad6d4
Joomla HD FLV 2.1.0.1 SQL Injection
Posted Nov 13, 2014
Authored by Claudio Viviani

Joomla HD FLV component version 2.1.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 36af03c493b73397c8ae9bca193459f2
Prey Anti-Theft SSL Certification Validation
Posted Nov 13, 2014
Authored by Joaquin Manuel Rinaudo

Prey Anti-Theft for Android is missing proper SSL certification validation that can allow for denial of service and security bypass.

tags | advisory, denial of service
MD5 | 1328b27e9d79bea4278c0cf15e63113d
Ubuntu Security Notice USN-2409-1
Posted Nov 13, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2409-1 - Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. Xavier Mehrenberger and Stephane Duverger discovered that QEMU incorrectly handled certain udp packets when using guest networking. A malicious guest could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, udp
systems | linux, ubuntu
advisories | CVE-2014-3615, CVE-2014-3640, CVE-2014-3689, CVE-2014-5263, CVE-2014-5388, CVE-2014-7815
MD5 | 35467713d4d4e6b7d7aaff94e81cf5ff
HP Security Bulletin HPSBMU03182 1
Posted Nov 13, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03182 1 - A potential security vulnerability has been identified with HP Server Automation. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
MD5 | b47a36f683bf491830911d855c6f1a38
Debian Security Advisory 3050-3
Posted Nov 13, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3050-3 - The previous update for iceweasel in DSA-3050-1 did not contain builds for the armhf architecture due to an error in the Debian packaging specific to the armhf build.

tags | advisory
systems | linux, debian
advisories | CVE-2014-1574, CVE-2014-1576, CVE-2014-1577, CVE-2014-1578, CVE-2014-1581, CVE-2014-1583, CVE-2014-1585, CVE-2014-1586
MD5 | b9c5b5732396e0c2d759c347e99985b3
Red Hat Security Advisory 2014-1852-01
Posted Nov 13, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1852-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0573, CVE-2014-0574, CVE-2014-0576, CVE-2014-0577, CVE-2014-0581, CVE-2014-0582, CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, CVE-2014-0588, CVE-2014-0589, CVE-2014-0590, CVE-2014-8437, CVE-2014-8438, CVE-2014-8440, CVE-2014-8441
MD5 | 9b23f9074d55cf000a31eff3f5b64808
Joomla Eventbooking Cross Site Scripting
Posted Nov 13, 2014
Authored by Jagriti Sahu

The Joomla Eventbooking component suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c96cda837db4cbc7e9c0580717ecc972
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close