Exploit the possiblities
Showing 1 - 12 of 12 RSS Feed

Files Date: 2015-06-26

Polycom RealPresence Resource Manager (RPRM) Disclosure / Traversal
Posted Jun 26, 2015
Authored by Rene Freingruber | Site sec-consult.com

By combining all vulnerabilities documented in this advisory an unprivileged authenticated remote attacker can gain full system access (root) on the RPRM appliance. This has an impact on all conferences taking place via this RP Resource Manager. Attackers can steal all conference passcodes and join or record any conference. Versions prior to 8.4 are affected.

tags | exploit, remote, root, vulnerability
advisories | CVE-2015-4681, CVE-2015-4682, CVE-2015-4683, CVE-2015-4684, CVE-2015-4685
MD5 | 6000873fcc165414249c80fa248c6873
EMC Unisphere For VMAX 8.0.x Remote Code Execution
Posted Jun 26, 2015
Site emc.com

EMC Unisphere for VMAX version 8.0.3.4 contains a fix for a remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions 8.0.0, 8.0.1, and 8.0.2 are affected.

tags | advisory, remote, code execution
advisories | CVE-2015-0545
MD5 | 15b48221d87db3700c9b0bad1f913fc4
Koha ILS 3.20.x CSRF / XSS / Traversal / SQL Injection
Posted Jun 26, 2015
Authored by Raschin Tavakoli

Koha ILS suffers from cross site request forgery, cross site scripting, remote SQL injection, and path traversal vulnerabilities. Versions 3.20.x less than or equal to 3.20.1, 3.18.x less than or equal to 3.18.8, and 3.16.x less than or equal to 3.16.12 are affected.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2015-4631, CVE-2015-4632, CVE-2015-4633
MD5 | a7487c24750ea3dc5d6254bc58df41bf
NETGEAR ProSafe Cross Site Scripting / SQL Injection / Header Injection
Posted Jun 26, 2015
Authored by Juan J. Guelfo

NETGEAR ProSafe suffers from cross site scripting, header injection, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | db5b65b3e1cd683650ed85d9db104466
Cisco Security Advisory 20150625-ironport
Posted Jun 26, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Web Security Virtual Appliance (WSAv), Cisco Email Security Virtual Appliance (ESAv), and Cisco Security Management Virtual Appliance (SMAv) suffer from a default authorized SSH key vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds for these vulnerabilities.

tags | advisory, web, vulnerability
systems | cisco
MD5 | 8287aa89db71d3b9c85edf73ae1d1eca
Download Zip Attachments 1.0 File Download
Posted Jun 26, 2015
Authored by Larry W. Cashdollar

Download Zip Attachments version 1.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
advisories | CVE-2015-4704
MD5 | 3abffc6441d8fe10c43f7cca6b866b42
WordPress WP-Instance-Rename 1.0 File Download
Posted Jun 26, 2015
Authored by Larry W. Cashdollar

WordPress WP-Instance-Rename plugin version 1.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
advisories | CVE-2015-4703
MD5 | c4886460dc83be92521a993d49a30413
ArcSight Log Poisoning
Posted Jun 26, 2015
Authored by Andrea Menin

ArcSight suffers from a log poisoning vulnerability.

tags | exploit
MD5 | 7804fa9d0f8f8ffcd47ad4c92f2ac2ca
Htcap Analysis Tool Alpha 0.1
Posted Jun 26, 2015
Authored by Filippo Cavallarin

Htcap is a web application analysis tool for detecting communications between javascript and the server. It crawls the target application and maps ajax calls, dynamically inserted scripts, websockets calls, dynamically loaded resources and some interesting elements. The generated report is meant to be a good starting point for a manual web application security audit. Htcap is written in python and uses phantomjs to load pages injecting a probe that analyzes javascript behaviour. Once injected, the probe, overrides native javascript methods in order to intercept communications and DOM changes. It also simulates user interaction by firing all attached events and by filling html inputs.

tags | tool, web, javascript, sniffer, python
MD5 | 16b53ba407c04e4843e48ce107b43931
Nucleus CMS 3.65 Cross Site Scripting
Posted Jun 26, 2015
Authored by Sharankumar Somana

Nucleus CMS version 3.65 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1514321918bca9ad1297f52a3a256af8
Havij OLE Automation Array Remote Code Execution
Posted Jun 26, 2015
Authored by Mohammad Reza Espargham

Havij OLE automation array remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2014-6332
MD5 | aa6c33b05c92e7f89dfbb44ff040e241
Linux/x86 Forced rmdir Shellcode
Posted Jun 26, 2015
Authored by B3mB4m

Linux/x86 forced rmdir shellcode.

tags | x86, shellcode
systems | linux
MD5 | 5ffe179a99ae67dbb99d08e1184eaf8c
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close