what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 41 RSS Feed

Files Date: 2015-05-07

Adobe Flash Player domainMemory ByteArray Use After Free
Posted May 7, 2015
Authored by juan vazquez, temp66, hdarwin, bilou | Site metasploit.com

This Metasploit module exploits a use-after-free vulnerability in Adobe Flash Player. The vulnerability occurs when the ByteArray assigned to the current ApplicationDomain is freed from an ActionScript worker, when forcing a reallocation by copying more contents than the original capacity, but Flash forgets to update the domainMemory pointer, leading to a use-after-free situation when the main worker references the domainMemory again. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 and IE11 with Flash 17.0.0.134.

tags | exploit
systems | windows
advisories | CVE-2015-0359
SHA-256 | 35afddd5d3435bc9a7d573d702fbd4a8ffa05be42f3a36a7f8f99095dcaea8ed
WordPress RevSlider 3.0.95 File Upload / Execute
Posted May 7, 2015
Authored by Simo Ben Youssef | Site metasploit.com

This Metasploit module exploits an arbitrary PHP code upload vulnerability in the WordPress ThemePunch Revolution Slider ( revslider ) plugin, version 3.0.95 and prior. The vulnerability allows for arbitrary file upload and remote code execution.

tags | exploit, remote, arbitrary, php, code execution, file upload
SHA-256 | 0fbb334e5498746e566613a7bedd0b311865d5026d317222330026d031c9dd85
WordPress Ad Buttons 2.3.1 CSRF / Cross Site Scripting
Posted May 7, 2015
Authored by Kaustubh G. Padwad

WordPress Ad Buttons plugin version 2.3.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 38b043d0ddd6274052aa3b2235c087b0a5f86ffbd8a74ae736c9855251b13cd0
WordPress Freshmail 1.5.8 SQL Injection
Posted May 7, 2015
Authored by Felipe Molina

WordPress Freshmail plugin versions 1.5.8 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | ecaa20fa237cb0a8aa083981c48b64cc3785f441002a277f54d0ce324677ced0
Google App Engine Java Security Sandbox Bypasses
Posted May 7, 2015
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations released technical details, Google advisories, and new proof of concept code for the Google App Engine sandbox bypass vulnerabilities.

tags | exploit, vulnerability, proof of concept
systems | linux
SHA-256 | 5420aba52d2da4e16371bae00da42618bd4a585a57ebdcc3bb728104c84e8eab
Yahoo eMarketing Cross Site Scripting
Posted May 7, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Yahoo eMarketing suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3bacff349693e5ea813834e701aade59652625f85083bb51b8ad8288a57cc70f
Album Streamer 2.0 Directory Traversal
Posted May 7, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Album Streamer version 2.0 suffers from a directory traversal vulnerability.

tags | exploit
SHA-256 | 995d2525bb3241f1583292b68d3c8c8775795290d25f56847b605bfdbe66e42e
WordPress Ultimate Profile Builder 2.3.3 CSRF / Cross Site Scripting
Posted May 7, 2015
Authored by Kaustubh G. Padwad

WordPress Ultimate Profile Builder plugin version 2.3.3 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | e306dde4e30a050baaee377e244ad54d920791bdf5e7dd8e595b3a7eaca44b37
WordPress ClickBank Ads 1.7 CSRF / Cross Site Scripting
Posted May 7, 2015
Authored by Kaustubh G. Padwad

WordPress ClickBank Ads plugin version 1.7 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 47910384921948b511a328ff8006171ac9d2ec58cab3173c9f2b6b746ca631eb
Faraday 1.0.10
Posted May 7, 2015
Authored by Francisco Amato

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

tags | tool, rootkit
systems | unix
SHA-256 | 75029b8d4d531fbdfff18bd0e3ee54ea38df3769050cbdc44c4ce4d02f4960f1
WordPress Ultimate Product Catalogue 3.1.2 SQL Injection
Posted May 7, 2015
Authored by Felipe Molina

WordPress Ultimate Product Catalogue plugin versions 3.1.2 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | a02ef720dd359a3d52d92fb498b5e55a1386cf0896a4bf4b869dc635ad52f563
BullGuard Antivirus 15.0.297 Authentication Bypass
Posted May 7, 2015
Authored by Matthias Deeg | Site syss.de

BullGuard Antivirus version 15.0.297 suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | 5112dee77c43095b3a49dcb2330e479154fb9f8936b7496f27a233d75f4262a3
BullGuard Premium Protection 15.0.297 Authentication Bypass
Posted May 7, 2015
Authored by Matthias Deeg | Site syss.de

BullGuard Premium Protection version 15.0.297 suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | e518b0247ad14e6664301878be74b7d5aa34d98c7e9b836f279738abe34a4d3b
BullGuard Internet Security 15.0.297 Authentication Bypass
Posted May 7, 2015
Authored by Matthias Deeg | Site syss.de

BullGuard Internet Security version 15.0.297 suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | 624206bd9c6a51e8ad271d67e4899a42171ca6df98a67470b32466dea534dd22
Koala Framework 3.7 Cross Site Scripting
Posted May 7, 2015
Authored by Provensec

Koala Framework version 3.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fea3eace4bbda92634460b64d395d7f0f99c59a8245fd90338fc6d34bc6ee31a
BigAce CMS 3.0 Cross Site Scripting
Posted May 7, 2015
Authored by Provensec

BigAce CMS version 3.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8f572ab6f103e93d3874e315dc938ee02140a8b6aa7dd8cae48a26bed59ca897
Manage Engine Asset Explorer 6.1.0 Build 6110 CSRF / XSS
Posted May 7, 2015
Authored by Kaustubh G. Padwad

Manage Engine Asset Explorer version 6.10 build 6110 suffers from cross site request forgery and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 195e2f680ce1f1256efa4ca7d96a6455fb8bb335560c4ad2d9e348c0cd79ddb7
IBM WebSphere Portal 7.0 / 6.1.5 / 6.1.0 Cross Site Scripting
Posted May 7, 2015
Authored by Filippo Roncari

IBM WebSphere Portal versions 7.0, 6.1.5, and 6.1.0 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-0910
SHA-256 | c25c7d382ffcb40fc33d6e489077245c3549a3c7e04bdeda6e122b3e02b6e336
Apple Security Advisory 2015-05-06-1
Posted May 7, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-05-06-1 - Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6 are now available and address memory corruption, information compromise, and unauthorized access vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2015-1152, CVE-2015-1153, CVE-2015-1154, CVE-2015-1155, CVE-2015-1156
SHA-256 | e609569d25d389b25e5239f45be52c05969d8953e40e3f411986f8d182370607
WordPress Twenty Fifteen 4.2.1 Cross Site Scripting
Posted May 7, 2015
Authored by Onur YILMAZ, Omar Kurt | Site netsparker.com

WordPress Twenty Fifteen theme version 4.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-3429
SHA-256 | 93a37a3f6c8cd7835727b35ff9f366aa8d7618f1100f189372ad0bcabda4d158
WordPress WP Symposium 15.1 SQL Injection
Posted May 7, 2015
Authored by Hannes Trunde

WordPress WP Symposium plugin version 15.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2015-3325
SHA-256 | 12d35576d9a9ec9f31a2b35395b82f006d16733e9bc13724d99127eae3ebc9ee
gpEasy CMS 4.4 Cross Site Scripting
Posted May 7, 2015
Authored by Provensec

gpEasy CMS version 4.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8f52cba5c22c60add1d64b7fc341bfb581007b33aaf8e37c00b2e1950dbf2196
WordPress Ad Inserter 1.5.2 CSRF / XSS
Posted May 7, 2015
Authored by Kaustubh G. Padwad

WordPress Ad Inserter plugin version 1.5.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | fc4d07d0daf390ca0c72e3db173c0a59ad0af1b9efa29d6fd45e91a1f202d286
WordPress Embed-Articles 7.0.3 CSRF / XSS
Posted May 7, 2015
Authored by Kaustubh G. Padwad

WordPress Embed-Articles plugin version 7.0.3 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | a8cef952b6cc90193465ca3ccb8b29e293b5fed101d0cdff61fab9964921ee33
TORNADO Computer Trading CMS SQL Injection
Posted May 7, 2015
Authored by Vulnerability Laboratory, kjfido | Site vulnerability-lab.com

TORNADO Computer Trading CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ec27ed266ac42abd26a4054c7c53d05ffd693066274b40035240811e03f82795
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close