exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2014-11-14

Gogs Markdown Renderer Cross Site Scripting
Posted Nov 14, 2014
Authored by Timo Schmid, Pascal Turbing, Jiahua Chen

Gogs markdown renderer suffers from a cross site scripting vulnerability. Versions 0.3.1-9-g49dc57e are affected.

tags | exploit, xss
advisories | CVE-2014-8683
SHA-256 | f4ed141215063e5aa1d383bf0253f2da4d53f16ac3236dd18eebfb6ef1c26dc4
Gogs Repository Search SQL Injection
Posted Nov 14, 2014
Authored by Pascal Turbing, Jiahua Chen

Gogs suffers from a remote unauthenticated SQL injection vulnerability via repository search. Versions 0.3.1-9-g49dc57e through 0.5.6.1104-g0c5ba45 are affected.

tags | exploit, remote, sql injection
advisories | CVE-2014-8682
SHA-256 | 75a30ce63d077066f565a7c16174dcf041cb8db82fd902166167eaf3fedc1808
Gogs Label Search Blind SQL Injection
Posted Nov 14, 2014
Authored by Timo Schmid

Gogs suffers from a remote blind SQL injection vulnerability via label search. Versions 0.3.1-9-g49dc57e through 0.5.6.1024-gf1d8746 are affected.

tags | exploit, remote, sql injection
advisories | CVE-2014-8681
SHA-256 | 2851ea458aa2e82aaa0a27096e36b5135119f31a01be29a5ad53a9467291bfa2
ICIA2015 Call For Papers
Posted Nov 14, 2014
Authored by icia2015 | Site sdiwc.net

ICIA2015 will be held in Takamatsu, Japan on July 20th through the 22nd, 2015. The conference aims to enable researchers build connections between different digital applications. The event will be held over three days, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

tags | paper, conference
SHA-256 | 0f53b37848df77c53d7603bf943188004b1cf9fc366fb34d450f2bf829b5d145
Atlas Systems Aeon 3.5 / 3.6 Cross Site Scripting
Posted Nov 14, 2014
Authored by Jing Wang

Atlas Systems Aeon versions 3.5 and 3.6 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-7290
SHA-256 | 9ba04841645a78bda5e98d5917531ade59b39c79cb2d4828e6134f5a2d31375a
Google DoubleClick Open Redirect
Posted Nov 14, 2014
Authored by Jing Wang

Google's DoubleClick suffers from open redirection vulnerabilities.

tags | exploit, vulnerability
SHA-256 | c23752baac6dd86cbf0176e6fdab70b9a1f185b1490d25b9a4eff4e7a5816ba2
Pandora FMS 5.1SP1 Cross Site Scripting
Posted Nov 14, 2014
Authored by William Costa

Pandora FMS version 5.1SP1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1d2359ceb00b99d37b461e40a33a97a4fe449239c6784b1386e31c6752f50d8a
OSSEC 2.8 Privilege Escalation
Posted Nov 14, 2014
Authored by skynet-13

OSSEC version 2.8 suffers from a privilege escalation vulnerability via insecure temporary file creation.

tags | exploit
advisories | CVE-2014-5284
SHA-256 | 332b68c81e70da70ebe0fdd5bb80f7cf99f639232aa5b944919b393533981fcb
MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python
Posted Nov 14, 2014
Authored by Haifei Li, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, bypassing the patch MS14-060, for the vulnerability publicly known as "Sandworm", on systems with Python for Windows installed. Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our testing, the most reliable setup is on Windows platforms running Office 2013 and Office 2010 SP2. Please keep in mind that some other setups such as those using Office 2010 SP1 may be less stable, and may end up with a crash due to a failure in the CPackage::CreateTempFileName function.

tags | exploit, arbitrary, code execution, python
systems | windows
advisories | CVE-2014-6352
SHA-256 | 98f844496d43dbf5a1ce7018422d72a76de82b8bafeead5008c67a30054879fd
MyBB 1.8.1 Cross Site Scripting / SQL Injection
Posted Nov 14, 2014
Authored by Smash_

MyBB versions 1.8.1 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | d2831c09fb98312458a15b01dea782086d5dbef7931a614feb632379185db28c
Digi Online Examination System 2.0 Shell Upload
Posted Nov 14, 2014
Authored by Halil Dalabasmaz

Digi Online Examination System version 2.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | f4913846e2a4ef9da4fd1637116121697e047ae77978d936fc3a3c8fa24a1825
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close