exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-09-16

.NET MVC Denial Of Service
Posted Sep 16, 2015
Authored by Roberto Suggi Liverani | Site blog.malerisch.net

Microsoft released a security bulletin (MS15-101) describing a .NET MVC denial of service vulnerability. This post analyzes the vulnerability in detail, starting from the theory and then providing a PoC exploit against a MVC web application developed with Visual Studio 2013.

tags | exploit, web, denial of service
advisories | CVE-2015-2526
SHA-256 | 55d8209e7983e84bd1e4c26a7391e903dbc491657d32f7b08b0c81b8bfb845bd
Zen Cart 1.5.4 Code Execution / Information Disclosure
Posted Sep 16, 2015
Authored by Tim Coen | Site curesec.com

Zen Cart version 1.5.4 suffers from code execution and information leakage vulnerabilities.

tags | exploit, vulnerability, code execution
SHA-256 | f8866420a805576431fdb7207fffbcffe85042c52e1e73441a6a07ace4451ca4
Kirby CMS 2.1.0 Authentication Bypass / Traversal
Posted Sep 16, 2015
Authored by Dawid Golunski

Kirby CMS versions 2.1.0 and below suffer from an authentication bypass vulnerability via path traversal.

tags | exploit, bypass, file inclusion
SHA-256 | 1bb3efe2cbba1438b53a1927c92e2b5311bd0d77bbfc50ad60673508d8670f21
ZeusCart 4.0 Code Execution
Posted Sep 16, 2015
Authored by Tim Coen | Site curesec.com

ZeusCart version 4.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | c35ab718390825f8b42f8a4a4483a7f60476a0d3121add71c4e3f568df585dda
Kirby CMS 2.1.0 CSRF / Shell Upload
Posted Sep 16, 2015
Authored by Dawid Golunski

Kirby CMS versions 2.1.0 and below suffer from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
SHA-256 | 80c763cf1e6a51e5e12403863882e4c9a30a3f2bb3fed73058ff2d71eab9e308
Anchor CMS 0.9.2 Cross Site Scripting / Open Redirect
Posted Sep 16, 2015
Authored by Tim Coen | Site curesec.com

Anchor CMS version 0.9.2 suffers from cross site scripting and open redirect vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | e345f208ad4f6300729da8e9a40758c596baa7f9ad94e75c290b7ba80e732fac
ZeusCart 4.0 Cross Site Request Forgery
Posted Sep 16, 2015
Authored by Tim Coen | Site curesec.com

ZeusCart version 4.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 771519055f7e723be693a425f66ab32548b118fc59d70388e3cd5e72b4f840e3
ManageEngine EventLog Analyzer 10.6 Build 10060 SQL Query Execution
Posted Sep 16, 2015
Authored by xistence

ManageEngine EventLog Analyzer version 10.6 build 10060 suffers from a SQL query execution vulnerability.

tags | exploit, sql injection
SHA-256 | e43184b3c2e6936208082a4f3f3c97ec7847e32991323e490bc64eafefc58612
ManageEngine OpManager 11.5 Hardcoded Credential / SQL Bypass
Posted Sep 16, 2015
Authored by xistence

ManageEngine OpManager versions 11.5 and below suffer from SQL query protection bypass and has hard-coded credentials.

tags | exploit
SHA-256 | 14e7eded55b53f71e7a0c1efbb36f40694306d92477d8cda6fe7cfc83868d93e
WordPress WP-Shop 3.4.3.18 Cross Site Scripting
Posted Sep 16, 2015
Authored by Amir.ght

WordPress WP-Shop plugin version 3.4.3.18 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8e467f8310d520fe065b659a6179c67ab26cf7b583939831ed7067137042878f
ZeusCart 4.0 SQL Injection
Posted Sep 16, 2015
Authored by Tim Coen | Site curesec.com

ZeusCart version 4.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 697b97adaa89ee192ed007e1190e65eff68e799ae2b4593d76df1864548cf546
ZeusCart 4.0 Cross Site Scripting
Posted Sep 16, 2015
Authored by Tim Coen | Site curesec.com

ZeusCart version 4.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a49dd4dc54a291a941b5050448afff0a8a1e9910a1cc60b6e4989cf537ec3d2f
WordPress xPinner Lite 2.2 Cross Site Request Forgery / Cross Site Scripting
Posted Sep 16, 2015
Authored by Amir.ght

WordPress xPinner plugin version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | ded312a6c8bb5a97b7c6f891d95948a49bec9979cbf517dfa78db5d3bbfb8ffd
WordPress ALO EasyMail Newsletter 2.6 CSRF / Cross Site Scripting
Posted Sep 16, 2015
Authored by Amir.ght

WordPress ALO EasyMail Newsletter plugin version 2.6 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 628f45f98d4906b0043d836c1f0551d2cdbdd07a8f25c25fa382bfc7a8c259fe
Weeman Phishing HTTP Server
Posted Sep 16, 2015
Authored by Hypsurus

Weeman is a simple HTTP server using python that creates a phishing pages, takes data from the user, and will try to login as the user to the original website.

tags | tool, web, python
systems | unix
SHA-256 | 15ddd1b5bf4aaccca6b413b7d81a75cc1c821415ce3fcd789d5e24a0d8e5c703
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    8 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close