what you don't know can hurt you
Showing 1 - 14 of 14 RSS Feed

Files Date: 2015-02-13

UNIT4 Prosoft HRMS 8.14.230.47 Cross Site Scripting
Posted Feb 13, 2015
Authored by Jerold Hoong, Edric Teo

UNIT4 Prosoft HRMS version 8.14.230.47 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e172705e7509e1f6ab6323ee7d46233a
Landsknecht Adminsystems CMS 4.0.1 CSRF / XSS / File Upload
Posted Feb 13, 2015
Authored by Steffen Roesemann

Landsknecht Adminsystems CMS version 4.0.1 (dev and beta versions) suffer from cross site request forgery, cross site scripting, and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, xss, file upload, csrf
MD5 | e2b45b870d42d4a34eecd9301c961f0c
HP Security Bulletin HPSBGN03258 1
Posted Feb 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03258 1 - A potential security vulnerability has been identified with HP Insight Control server deployment Windows Pre-boot Execution Environment that could be exploited remotely resulting in arbitrary execution of code. This is the vulnerability known as Winshock. HP Insight Control server deployment uses the Windows Automated Installation Kit 2.0 to generate the Windows Pre-boot Execution Environment service operating system. WAIK 2.0 is vulnerable to CVE-2014-6321 (Microsoft Schannel Remote Code Execution vulnerability). This bulletin provides instructions to update the Windows Pre-boot Execution Environment with updates from Microsoft. Revision 1 of this advisory.

tags | advisory, remote, arbitrary, code execution
systems | windows
advisories | CVE-2014-6321
MD5 | 792452b3df344ded02e0eaeaa543386a
NetGear WNDR Authentication Bypass / Information Disclosure
Posted Feb 13, 2015
Authored by Peter Adkins

A number of NetGear WNDR devices contain an embedded SOAP service that is seemingly for use with the NetGear Genie application. As this SOAP service is implemented by the built-in HTTP / CGI daemon, unauthenticated queries will also be answered over the internet if remote management has been enabled on the device. As a result, affected devices can be interrogated and hijacked with as little as a well placed HTTP query. Proof of concept included.

tags | exploit, remote, web, cgi, proof of concept, bypass, info disclosure
MD5 | acdcd8c02eb08d5615892f7f65d8742e
Google Email 4.4.2.0200 Denial Of Service
Posted Feb 13, 2015
Authored by Hector Marco

A bug in the stock Google email application version 4.4.2.0200 has been found. An attacker can remotely perform an denial of service attack by sending a specially crafted email. No interaction from the user is needed to produce the crash just receive the malicious email.

tags | exploit, denial of service
advisories | CVE-2015-1574
MD5 | 321dfb9fa477501961eace501c91ed8e
Netatmo Weather Station Cleartext Password Leak
Posted Feb 13, 2015
Authored by jullrich

During initial setup, the weather station will submit its complete configuration unencrypted to the manufacturer cloud service. This configuration includes confidential information like the user's Wifi password.

tags | advisory
advisories | CVE-2015-1600
MD5 | 2a7d18c54c2db791436a3128649b8948
Router Hunter 1.0
Posted Feb 13, 2015
Authored by Cleiton Pinheiro, Johnathan Davi

Router Hunter is a php script that scans for and exploits DNS change vulnerabilities in Shuttle Tech ADSL Modem-Router 915 WM and D-Link DSL-2740R routers and also exploits the credential disclosure vulnerability in LG DVR LE6016D devices.

tags | tool, scanner, php, vulnerability
systems | unix
MD5 | 2b6e077514de6b5f3c1c75c8a0c7eb78
eTouch Samepage 4.4.0.0.239 SQL Injection / File Read
Posted Feb 13, 2015
Authored by Brandon Perry

eTouch Samepage version 4.4.0.0.239 suffers from remote SQL injection and arbitrary file read vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection, file inclusion
MD5 | fd120265a06f4916b6e09391535be8b2
Cit-e-Net 6 Cross Site Scripting
Posted Feb 13, 2015
Authored by Jing Wang

Cit-e-Net version 6 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2014-8753
MD5 | 177a88a40d8e5da84a73d5ffb0ab89e1
Realtek 11n Wireless LAN Utility Privilege Escalation
Posted Feb 13, 2015
Authored by Humberto Cabrera

An unquoted service path vulnerability in Realtek 11n wireless LAN utility allow for privilege escalation.

tags | exploit
MD5 | f9f48504dfc1a1b55b5beebfb11664f6
vBulletin 5.1.3 Cross Site Scripting
Posted Feb 13, 2015
Authored by Jing Wang

vBulletin versions 3.5.4, 3.6.0, 3.6.7, 3.8.7, 4.2.2, 5.0.5, and 5.1.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-9469
MD5 | b906d8cce76417069dca0ccbac684490
Vanilla Forums 2.1.1 Cross Site Scripting
Posted Feb 13, 2015
Authored by W S

Vanilla Forums versions 2.0 through 2.1.1 suffer from a cross site scripting filter bypass.

tags | exploit, xss
MD5 | b68e1e9bf47cfcf6e078ace164bee004
WordPress Fusion 3.1 Arbitrary File Upload
Posted Feb 13, 2015
Authored by Evex

WordPress Fusion theme version 3.1 suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | a102bea6c53a81b928c710f5399b08b8
Ubuntu Security Notice USN-2488-2
Posted Feb 13, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2488-2 - USN-2488-1 fixed a vulnerability in ClamAV for Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. This update provides the corresponding update for Ubuntu 10.04 LTS. Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-6497, CVE-2014-9328
MD5 | 0280ab5016cbc2de9bda26ae54896f03
Page 1 of 1
Back1Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    4 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close