what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-11-13

Mouse Media Script 1.6 Cross Site Scripting
Posted Nov 13, 2014
Authored by Halil Dalabasmaz

Mouse Media Script version 1.6.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9bd45d892cefca1ccd97f12064adcdccdc46d6ba039a2cfc0cb41b78b22fe4e5
Esotalk CMS Cross Site Scripting
Posted Nov 13, 2014
Authored by Evi1m0

Esotalk CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 426b2a3130a36ea5b3de2f2855da80f068e88fd9e639135153ea7097754de135
Serenity Client Management Portal 1.0.1 Cross Site Scripting
Posted Nov 13, 2014
Authored by Halil Dalabasmaz

Serenity Client Management Portal version 1.0.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1782a2875c2b21cc946c66f6e5cb34da9592b5108bffec951aaa36b484595522
phpSound Music Sharing Platform 1.0.5 Cross Site Scripting
Posted Nov 13, 2014
Authored by Halil Dalabasmaz

phpSound Music Sharing Platform version 1.0.5 suffers from multiple cross site scripting vulnerabilities

tags | exploit, vulnerability, xss
SHA-256 | 1ae73d636017b49c679573513259adb0882c02129b5d8004898e8ae43f7829f1
WordPress SupportEzzy Ticket System 1.2.5 Cross Site Scripting
Posted Nov 13, 2014
Authored by Halil Dalabasmaz

WordPress SupportEzzy Ticket System plugin version 1.2.5 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2f89b65717afb33161b3fa89fe8224f3f1ba65b3f2e38c1b28f79f9277acbb1f
Who's Who Script Cross Site Request Forgery
Posted Nov 13, 2014
Authored by ZoRLu

Who's Who Script suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 47f9a3f742cf238fe2b35e17df618c2251aafa10b62f1517868c27f5feaa4662
MS14-064 Microsoft Windows OLE Package Manager Code Execution
Posted Nov 13, 2014
Authored by Haifei Li, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly exploited in the wild as MS14-060 patch bypass. The Microsoft update tried to fix the vulnerability publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our testing, the most reliable setup is on Windows platforms running Office 2013 and Office 2010 SP2. And please keep in mind that some other setups such as using Office 2010 SP1 might be less stable, and sometimes may end up with a crash due to a failure in the CPackage::CreateTempFileName function.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2014-6352
SHA-256 | 22d50e4cf87dbb4ac9f6d51a9b1c21edb0ba7405f489b927842967eda685d577
Windows OLE Automation Array Remote Code Execution
Posted Nov 13, 2014
Authored by IBM, Wesley Neelen, Rik van Duijn, yuange75 | Site metasploit.com

This Metasploit module exploits the Windows OLE automation array remote code execution vulnerability. The vulnerability exists in Internet Explorer 3.0 until version 11 within Windows 95 up to Windows 10.

tags | exploit, remote, code execution
systems | windows
advisories | CVE-2014-6332
SHA-256 | 9f3d76c6deb7093d4abe28ad57a0baaa94e5d5aac7b91cda94946db86e90b217
Joomla HD FLV 2.1.0.1 SQL Injection
Posted Nov 13, 2014
Authored by Claudio Viviani

Joomla HD FLV component version 2.1.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 733162606ba1c6d3ad296a0f60b1de5ca10abf359fa141da227db38f94650974
Prey Anti-Theft SSL Certification Validation
Posted Nov 13, 2014
Authored by Joaquin Manuel Rinaudo

Prey Anti-Theft for Android is missing proper SSL certification validation that can allow for denial of service and security bypass.

tags | advisory, denial of service
SHA-256 | 375e740eb82da36272b867f9bfc8c337d55e13acb3c92f8a3fedba233524ef52
Ubuntu Security Notice USN-2409-1
Posted Nov 13, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2409-1 - Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. Xavier Mehrenberger and Stephane Duverger discovered that QEMU incorrectly handled certain udp packets when using guest networking. A malicious guest could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, udp
systems | linux, ubuntu
advisories | CVE-2014-3615, CVE-2014-3640, CVE-2014-3689, CVE-2014-5263, CVE-2014-5388, CVE-2014-7815
SHA-256 | 0560bed7a0207b09b9eee574c086a9c96540723b7c21d6b2f08c965ea0f7d038
HP Security Bulletin HPSBMU03182 1
Posted Nov 13, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03182 1 - A potential security vulnerability has been identified with HP Server Automation. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
SHA-256 | 2c7547ad37486e13bbfb803f26b54786b2666a0d9a0dc7130cbe590247c0434c
Debian Security Advisory 3050-3
Posted Nov 13, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3050-3 - The previous update for iceweasel in DSA-3050-1 did not contain builds for the armhf architecture due to an error in the Debian packaging specific to the armhf build.

tags | advisory
systems | linux, debian
advisories | CVE-2014-1574, CVE-2014-1576, CVE-2014-1577, CVE-2014-1578, CVE-2014-1581, CVE-2014-1583, CVE-2014-1585, CVE-2014-1586
SHA-256 | 986330d8176213258f8f3743d8240fb7636c9b4790c5253b82d1a1459945ddda
Red Hat Security Advisory 2014-1852-01
Posted Nov 13, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1852-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0573, CVE-2014-0574, CVE-2014-0576, CVE-2014-0577, CVE-2014-0581, CVE-2014-0582, CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, CVE-2014-0588, CVE-2014-0589, CVE-2014-0590, CVE-2014-8437, CVE-2014-8438, CVE-2014-8440, CVE-2014-8441
SHA-256 | 4a006d215c9cae80f1a876b8cc5b0bf08bb44cf658e02ad3743299595a33e101
Joomla Eventbooking Cross Site Scripting
Posted Nov 13, 2014
Authored by Jagriti Sahu

The Joomla Eventbooking component suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9b50f14aee44e44f20b0a4a6c605e2468e48bfe13ddce60537854cd9cb83ea26
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    11 Files
  • 30
    Jun 30th
    7 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close