what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2014-12-14

Mikiurl WordPress Eklentisi 2.0 CSRF / XSS
Posted Dec 14, 2014
Authored by Manideep K

Mikiurl WordPress Eklentisi WP plugin version 2.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2014-9337
SHA-256 | df9a035052db81f07e5b5e7bd5e70024c89200646829731c9674d76c196db1c4
WordPress yURL ReTwitt WP 1.4 CSRF / XSS
Posted Dec 14, 2014
Authored by Manideep K

WordPress yURL ReTwitt WP plugin version 1.4 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2014-9341
SHA-256 | 487248aa9bbe59d02909227ac36aff41fa4aa97417a9e6cf9a4774a5cee297c6
WordPress wpCommentTwit 0.5 CSRF / XSS
Posted Dec 14, 2014
Authored by Manideep K

WordPress wpCommentTwit plugin version 0.5 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2014-9340
SHA-256 | d5c3add6148f7372c1f4339a37688f036562662148a8c69ecb66659d35618014
WordPress Download Manager 2.7.4 Remote Command Execution
Posted Dec 14, 2014
Authored by Claudio Viviani

WordPress Download Manager versions 2.7.0 through 2.7.4 suffer from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 34ddb275d5055cb3a01743e4fca6a4ffb4537f87c1b95c998437a4e5e1c60732
Ekahau Real-Time Location System RC4 Cipher Stream Reuse / Weak Key Derivation
Posted Dec 14, 2014
Authored by Max Moser, David Gullasch

Ekahau Real-Time Location System suffers from RC4 cipher stream reuse and weak key derivation flaws. The message payload of the affected solution is always encrypted using the same RC4 cipher stream. When combining two encrypted messages with an XOR operation, the cipher stream will cancel out. With this, an attacker is able to recover the bitwise difference of two plain texts. The 128 bit RC4 key used in the Ekahau setup is trivially derived from the three least significant bytes of the MAC address. The key derivation scheme can be recovered from publicly available program code or any Ekahau tag's EEPROM.

tags | exploit
advisories | CVE-2014-2716
SHA-256 | a6ce7b1308744e978d9de9d7f014e08f9af93014056f5d15361dbdf486a9720c
WordPress SPNbabble 1.4.1 CSRF / XSS
Posted Dec 14, 2014
Authored by Manideep K

WordPress SPNbabble plugin version 1.4.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2014-9339
SHA-256 | 40e5d13856c461690cf62603b22a1499bcea09416e08cde4376649a16343fbdb
WordPress DandyID Services ID 1.5.9 CSRF / XSS
Posted Dec 14, 2014
Authored by Manideep K

WordPress DandyID Services plugin version 1.5.9 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2014-9335
SHA-256 | 326934b7db084938b38b59409fc1ca099f5e5a061add78a0bfbbff97351ab24e
Debian Security Advisory 3103-1
Posted Dec 14, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3103-1 - Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in LibYAML, a fast YAML 1.1 parser and emitter library. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.

tags | advisory
systems | linux, debian
advisories | CVE-2014-9130
SHA-256 | a1ddf6c50b16ffa24a96002cafff871f602e1595d5aafacc8d319fc27d8cbab0
Debian Security Advisory 3102-1
Posted Dec 14, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3102-1 - Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in LibYAML, a fast YAML 1.1 parser and emitter library. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.

tags | advisory
systems | linux, debian
advisories | CVE-2014-9130
SHA-256 | c1980d775778424421c5584e68774bb782a7e149bd23a685210320f6c9af1dde
WordPress twitterDash 2.1 CSRF / XSS
Posted Dec 14, 2014
Authored by Manideep K

WordPress twitterDash plugin version 2.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2014-9368
SHA-256 | 7d98ca7552b1ffc70153ec46af3888968059995a46f62a271ced40a606f65d7a
WordPress iTwitter WP 0.04 CSRF / XSS
Posted Dec 14, 2014
Authored by Manideep K

WordPress iTwitter WP plugin version 0.04 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2014-9336
SHA-256 | 2b6e55ff2e4c236215d4eb3846cedaafdc8bd7fdd55262d55222a611bb3b7fcc
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close