what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2014-11-14

Gogs Markdown Renderer Cross Site Scripting
Posted Nov 14, 2014
Authored by Timo Schmid, Pascal Turbing, Jiahua Chen

Gogs markdown renderer suffers from a cross site scripting vulnerability. Versions 0.3.1-9-g49dc57e are affected.

tags | exploit, xss
advisories | CVE-2014-8683
SHA-256 | f4ed141215063e5aa1d383bf0253f2da4d53f16ac3236dd18eebfb6ef1c26dc4
Gogs Repository Search SQL Injection
Posted Nov 14, 2014
Authored by Pascal Turbing, Jiahua Chen

Gogs suffers from a remote unauthenticated SQL injection vulnerability via repository search. Versions 0.3.1-9-g49dc57e through 0.5.6.1104-g0c5ba45 are affected.

tags | exploit, remote, sql injection
advisories | CVE-2014-8682
SHA-256 | 75a30ce63d077066f565a7c16174dcf041cb8db82fd902166167eaf3fedc1808
Gogs Label Search Blind SQL Injection
Posted Nov 14, 2014
Authored by Timo Schmid

Gogs suffers from a remote blind SQL injection vulnerability via label search. Versions 0.3.1-9-g49dc57e through 0.5.6.1024-gf1d8746 are affected.

tags | exploit, remote, sql injection
advisories | CVE-2014-8681
SHA-256 | 2851ea458aa2e82aaa0a27096e36b5135119f31a01be29a5ad53a9467291bfa2
ICIA2015 Call For Papers
Posted Nov 14, 2014
Authored by icia2015 | Site sdiwc.net

ICIA2015 will be held in Takamatsu, Japan on July 20th through the 22nd, 2015. The conference aims to enable researchers build connections between different digital applications. The event will be held over three days, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

tags | paper, conference
SHA-256 | 0f53b37848df77c53d7603bf943188004b1cf9fc366fb34d450f2bf829b5d145
Atlas Systems Aeon 3.5 / 3.6 Cross Site Scripting
Posted Nov 14, 2014
Authored by Jing Wang

Atlas Systems Aeon versions 3.5 and 3.6 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-7290
SHA-256 | 9ba04841645a78bda5e98d5917531ade59b39c79cb2d4828e6134f5a2d31375a
Google DoubleClick Open Redirect
Posted Nov 14, 2014
Authored by Jing Wang

Google's DoubleClick suffers from open redirection vulnerabilities.

tags | exploit, vulnerability
SHA-256 | c23752baac6dd86cbf0176e6fdab70b9a1f185b1490d25b9a4eff4e7a5816ba2
Pandora FMS 5.1SP1 Cross Site Scripting
Posted Nov 14, 2014
Authored by William Costa

Pandora FMS version 5.1SP1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1d2359ceb00b99d37b461e40a33a97a4fe449239c6784b1386e31c6752f50d8a
OSSEC 2.8 Privilege Escalation
Posted Nov 14, 2014
Authored by skynet-13

OSSEC version 2.8 suffers from a privilege escalation vulnerability via insecure temporary file creation.

tags | exploit
advisories | CVE-2014-5284
SHA-256 | 332b68c81e70da70ebe0fdd5bb80f7cf99f639232aa5b944919b393533981fcb
MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python
Posted Nov 14, 2014
Authored by Haifei Li, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, bypassing the patch MS14-060, for the vulnerability publicly known as "Sandworm", on systems with Python for Windows installed. Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our testing, the most reliable setup is on Windows platforms running Office 2013 and Office 2010 SP2. Please keep in mind that some other setups such as those using Office 2010 SP1 may be less stable, and may end up with a crash due to a failure in the CPackage::CreateTempFileName function.

tags | exploit, arbitrary, code execution, python
systems | windows
advisories | CVE-2014-6352
SHA-256 | 98f844496d43dbf5a1ce7018422d72a76de82b8bafeead5008c67a30054879fd
MyBB 1.8.1 Cross Site Scripting / SQL Injection
Posted Nov 14, 2014
Authored by Smash_

MyBB versions 1.8.1 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | d2831c09fb98312458a15b01dea782086d5dbef7931a614feb632379185db28c
Digi Online Examination System 2.0 Shell Upload
Posted Nov 14, 2014
Authored by Halil Dalabasmaz

Digi Online Examination System version 2.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | f4913846e2a4ef9da4fd1637116121697e047ae77978d936fc3a3c8fa24a1825
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close