what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2015-07-06

AirLive Remote Command Injection
Posted Jul 6, 2015
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - AirLive MD-3025, BU-3026, BU-2015, WL-2000CAM, and POE-200CAM are IP cameras designed for professional surveillance and security applications. The built-in IR LEDs provide high quality nighttime monitoring. These AirLive devices are vulnerable to an OS Command Injection Vulnerability. In the case of the MD-3025, BU-3026 and BU-2015 cameras, the vulnerability lies in the cgi_test.cgi binary file. In the case of the WL-2000CAM and POE-200CAM cameras, the command injection can be performed using the vulnerable wireless_mft.cgi binary file.

tags | exploit, cgi
advisories | CVE-2014-8389, CVE-2015-2279
SHA-256 | 4f5dfe0ba3159b241b97dd31fdce3b6857722610dfebf00e92c39d6677ccf2b6
phpLiteAdmin 1.1 Cross Site Request Forgery / Cross Site Scripting
Posted Jul 6, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

phpLiteAdmin version 1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, add administrator, csrf
advisories | CVE-2015-6518
SHA-256 | 4283cc61827ee3aa0bb5b327467b0f012ea503321ee6a96b94ce7e7159313d17
ipTIME DHCP Remote Command Execution
Posted Jul 6, 2015
Authored by Pierre Kim

127 ipTIME routers are vulnerable to a DHCP-related remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 865d438b672a41ac61eb57eb48a11d1384ed8671a7926efec5bf3004fedfd4fe
Orchard CMS 1.9.0 / 1.8.2 / 1.7.3 Cross Site Scripting
Posted Jul 6, 2015
Authored by Paris Zoumpouloglou

Orchard CMS versions 1.7.3, 1.8.2, and 1.9.0 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7ff983c48832653c8a02fa6f3cfe44629029272031e2a5f1ac4aea0b203b015d
WordPress S3Bubble Cloud Video With Adverts / Analytics Arbitrary File Download
Posted Jul 6, 2015
Authored by CrashBandicot

WordPress S3Bubble Cloud Video with Adverts and Analytics plugin version 2.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
SHA-256 | d57b649542e4c5d4a0cb2c033844a4320b10785e1a9d189c8cb8e0ecae0b0c4a
WideImage 11.02.19 Cross Site Scripting
Posted Jul 6, 2015
Authored by Mohammad Sikkandar Sha

WideImage version 11.02.19 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 900c12794e1e9d1fb7199b00e2aab8bd40774c04b5c3ac5ffa6e745c499cbb00
WK UDID 1.0.1 Command Injection
Posted Jul 6, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

WK UDID version 1.0.1 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | 92265986e2f75ed3b342490966f7eeba2d2cde8d0548087e8f2e6eb2b30742b0
FreeBSD 10.x Backdoor Module
Posted Jul 6, 2015
Authored by dash | Site hack4.org

This module, once loaded, gives the thread/user calling it root instantly without spawning an extra shell.

tags | tool, shell, root, rootkit
systems | unix
SHA-256 | 18f30618ad3713cc726b74e9d186be2cf70a0e5d6a1cb305881c92ffc22f512b
WordPress ACF Frontend Display Shell Upload
Posted Jul 6, 2015
Authored by TUNISIAN CYBER

WordPress ACF Frontend Display plugin suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | b436367d1b2e6861679d45c236d703fc26b9355258a0a2ab8a23ca34f38c9343
WordPress Vulcan Theme XSS / Disclosure/ DoS
Posted Jul 6, 2015
Authored by MustLive

WordPress Vulcan theme suffers from WAF bypass, cross site scripting, path disclosure, denial of service, and remote file upload vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, xss, file upload
SHA-256 | 8bd7ba052699616ab801ed1ba3417c1b390d988ab10d6e874a2053b9e4e5fc32
Gentoo Linux Security Advisory 201507-01
Posted Jul 6, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-1 - Multiple vulnerabilities have been found in chrony, the worst of which can cause arbitrary code execution. Versions less than 1.31.1 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2015-1821, CVE-2015-1822, CVE-2015-1853
SHA-256 | 2beceab188b5a326f8c1949abab1b3e4e637e4803c1a30abe30fe93b67a275bb
Ebay Magento Cross Site Request Forgery
Posted Jul 6, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Ebay's Magento suffered from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 897b5d8a3313b9d1c287cda6b135e03b5b677c8cd1d0e3cd4bff4881c07c459d
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close