what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2015-12-09

Geeklog 2.1.0 Command Injection
Posted Dec 9, 2015
Authored by Tim Coen | Site curesec.com

Geeklog version 2.1.0 suffers from a remote command injection vulnerability.

tags | exploit, remote
MD5 | dd75a19a45dac7527b505e0e2c726ab4
phpwcms 1.7.9 Code Execution
Posted Dec 9, 2015
Authored by Tim Coen | Site curesec.com

phpwcms version 1.7.9 suffers from a code execution vulnerability.

tags | exploit, code execution
MD5 | 16e3ec2f77b7077b3cc2a5896ccf765c
CodoForum 3.4 Cross Site Scripting
Posted Dec 9, 2015
Authored by Tim Coen | Site curesec.com

CodoForum version 3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c343f7f42ac3486d45531eb4339528a1
Geeklog 2.1.0 Command Injection
Posted Dec 9, 2015
Authored by Tim Coen | Site curesec.com

Geeklog version 2.1.0 remote command injection exploit.

tags | exploit, remote
MD5 | aa3542990be0b9459d27525a7881aacb
4images 1.7.11 Code Execution
Posted Dec 9, 2015
Authored by Tim Coen | Site curesec.com

4images version 1.7.11 suffers from a code execution vulnerability.

tags | exploit, code execution
MD5 | 77b34a4b06a756e3a6e7dd945ec7ce24
4images 1.7.11 Code Execution
Posted Dec 9, 2015
Authored by Tim Coen | Site curesec.com

4images version 1.7.11 code execution proof of concept exploit.

tags | exploit, code execution
MD5 | 98fa895aa5ef0365e30cd5dfc2e356eb
phpwcms 1.7.9 Cross Site Request Forgery
Posted Dec 9, 2015
Authored by Tim Coen | Site curesec.com

phpwcms version 1.7.9 suffers from cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 348abcb796f5b5e0a0d1354c79b256bf
4images 1.7.11 Path Traversal
Posted Dec 9, 2015
Authored by Tim Coen | Site curesec.com

4images version 1.7.11 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
MD5 | 630af1593604a75aef660335ff8a5d56
Cacti 0.8.8f SQL Injection
Posted Dec 9, 2015
Authored by changzhao.mao

Cacti versions 0.8.8f and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2015-8369
MD5 | da58d64925e42ef8d1daf114845be6c4
Geeklog 2.1.0 Cross Site Scripting
Posted Dec 9, 2015
Authored by Tim Coen | Site curesec.com

Geeklog version 2.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d30c61682f26fcb171ae37a62e67da83
4images 1.7.11 SQL Injection
Posted Dec 9, 2015
Authored by Tim Coen | Site curesec.com

4images version 1.7.11 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 09074a1ffdb1db70a06e82f4cd73c6b6
4images 1.7.12 Cross Site Scripting
Posted Dec 9, 2015
Authored by Tim Coen | Site curesec.com

4images version 1.7.12 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7a720950e91c3779d59bc214a87fffdb
Microsoft Windows Media Center Incorrectly Resolved Reference
Posted Dec 9, 2015
Authored by Core Security Technologies, Francisco Falcon

Core Security Technologies Advisory - The 'application' tag in Microsoft Windows Media Center link files (.mcl extension) can include a 'run' parameter, which indicates the path of a file to be launched when opening the MCL file, or a 'url' parameter, which indicates the URL of a web page to be loaded within the Media Center's embedded web browser. A specially crafted MCL file having said 'url' parameter pointing to the MCL file itself can trick Windows Media Center into rendering the very same MCL file as a local HTML file within the Media Center's embedded web browser.

tags | exploit, web, local
systems | windows
advisories | CVE-2015-6127
MD5 | 74ea83d965e529488bfa6515c1580c14
Red Hat Security Advisory 2015-2589-01
Posted Dec 9, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2589-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap. A local attacker could potentially use this flaw to execute arbitrary code on the system. It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data.

tags | advisory, arbitrary, local, info disclosure
systems | linux, redhat, osx
advisories | CVE-2013-7423, CVE-2015-1472, CVE-2015-1473, CVE-2015-1781, CVE-2015-5277
MD5 | 19cba1476d7eb01430fcb1c63abd9f4d
Red Hat Security Advisory 2015-2587-01
Posted Dec 9, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2587-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their privileges on the system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel.

tags | advisory, denial of service, x86, kernel
systems | linux, redhat
advisories | CVE-2015-2925, CVE-2015-5307, CVE-2015-7613
MD5 | 1cee6dd6b1125ce72c0f2594112b8390
LG Nortel Disclosure / Insecure Configuration / DoS
Posted Dec 9, 2015
Authored by Karn Ganeshen

LG Nortel ADSL modems with software version 3.04L.02V.sip._LE9500.dspApp3341A2pB022f.d19e suffer from authorization flaws, information disclosure, insecure configuration, and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, info disclosure
MD5 | 9d94b25d1899520ad9665450381beb67
Page 1 of 1
Back1Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    31 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close