exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2016-02-18

Red Hat Security Advisory 2016-0266-01
Posted Feb 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0266-01 - OpenStack Orchestration is a template-driven engine used to specify and deploy configurations for Compute, Storage, and OpenStack Networking. A vulnerability was discovered in the OpenStack Orchestration service, where a specially formatted template could be used to trick the heat-engine service into opening a local file. Although the file contents are never disclosed to the end user, an OpenStack- authenticated attacker could use this flaw to cause a denial of service or determine whether a given file name is present on the server.

tags | advisory, denial of service, local
systems | linux, redhat
advisories | CVE-2015-5295
SHA-256 | 87d87a4bc1fd2037806191a0d9f2852b2a6545a896f1abbb47097c6b0c813e72
Ubuntu Security Notice USN-2895-1
Posted Feb 18, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2895-1 - The DOM implementation in Chromium did not properly restrict frame-attach operations from occurring during or after frame-detach operations. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. An integer underflow was discovered in Brotli. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-1623, CVE-2016-1624
SHA-256 | 353bfd89ec9248ccfdc878973cc36795b4c10b043b13f8f970d0fa552e316355
Red Hat Security Advisory 2016-0258-01
Posted Feb 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0258-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-1930, CVE-2016-1935
SHA-256 | 6b8740ceed7206fff2a66f7e086933ae8f58ee4e912fe867d70c1bdc17a53b0a
CJExploiter 1.0.0
Posted Feb 18, 2016
Authored by Farzin

CJExploiter is a drag and drop ClickJacking exploit development assistance tool. First open the "index.html" with your browser locally and enter target URL and click on "View Site". You can dynamically create your own inputs. Finally by clicking the "Exploit It" button you can see the proof of concept.

tags | tool, proof of concept
systems | unix
SHA-256 | a70542049bbf7cc6445a732916771f7a6c606df15bab8c06cf7334e6804bee44
DirectAdmin 1.491 Cross Site Request Forgery
Posted Feb 18, 2016
Authored by Necmettin COSKUN

DirectAdmin version 1.491 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 46c874ed2505a5df8e83a213d020c5a1bde6cce21994c9b4f390cc5cf69c4532
WeBid 1.1.2P2 SQL Injection
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

WeBid version 1.1.2P2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4c445d18ff897468b32229c61b93169d17ee6ba88ec405da9f786b7a7906b6fd
webSPELL 4.2.4 Cross Site Request Forgery / SQL Injection
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

webSPELL version 4.2.4 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
SHA-256 | 2291468cde58eae41054890b9e25d4217654ae9d0f8b7b9e749e1192bdcd7e44
DOKEOS ce30 Authentication Bypass
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

DOKEOS version ce30 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | e0d80f4d11e0f37a08bd45c5adf3616f68bc949b8f350966e67ed9a9b99c6a86
TestLink 1.9.14 SQL Injection
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

TestLink version 1.9.14 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 91d1c80956419cb3834dcfcd444983fe9cb7d79deae450a0f99e91da4a1bf961
Osclass 3.5.9 SQL Injection
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

Osclass version 3.5.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1873a8e1196208b1b465380f46ad84e72520251b671aaa4c7dd577b9cff925a1
osCmax 2.5.4 Code Execution / CSRF / Local File Inclusion
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

osCmax version 2.5.4 suffers from code execution, cross site request forgery, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, code execution, file inclusion, csrf
SHA-256 | 4ad8190811bf2819eca13b86515ec3b6f35acf38818dc02e5c40e799d449f463
osCommerce 2.3.4 Local File Inclusion / Cross Site Request Forgery
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

osCommerce version 2.3.4 suffers from cross site request forgery and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion, csrf
SHA-256 | 0590c4c85647c5c0a02e877aee9bff53f2ee293542d8d20f50cdb9048d52be0f
Comodo Internet Security VNC Server Exposure
Posted Feb 18, 2016
Authored by Tavis Ormandy, Google Security Research

Comodo Internet Security installs GeekBuddy which installs a weakly secure exposed VNC server.

tags | exploit
systems | linux
advisories | CVE-2014-7872
SHA-256 | 3d2e073c1d6d171f88727d9420abce1904c883acad79c0452fffab5ce7a41451
Umbraco SSRF / Cross Site Request Forgery / Cross Site Scripting
Posted Feb 18, 2016
Authored by Sandeep Kamble

Umbraco versions prior to 7.4.0 suffers from server-side request forgery, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 20bc965b21baa931f940d7ed6d8a9e9f44777aeb1ea263df14aa21c1cf9f5104
Debian Security Advisory 3482-1
Posted Feb 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3482-1 - An anonymous contributor working with VeriSign iDefense Labs discovered that libreoffice, a full-featured office productivity suite, did not correctly handle Lotus WordPro files. This would enable an attacker to crash the program, or execute arbitrary code, by supplying a specially crafted LWP file.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-0794, CVE-2016-0795
SHA-256 | ed430c3efb4a6f509b4b8da81487764d4cb3c9b7c432618398a2847e8da08603
HPE Security Bulletin HPSBUX03437 SSRT110025 1
Posted Feb 18, 2016
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03437 SSRT110025 1 - A potential security vulnerability has been identified with HP-UX running HP-UX IPFilter. The vulnerability could be remotely exploited to cause a denial of service (DoS). Note: The vulnerability only exists when HP-UX IPFilter rules are configured for UDP protocol packets and the keep state option is used in that IPFilter rule. Revision 1 of this advisory.

tags | advisory, denial of service, udp, protocol
systems | hpux
advisories | CVE-2016-1987
SHA-256 | 2745eb916db8a309777acd800fa647b1859849b68fee1ffb2d5313663544bfe5
Apache Hive Authorization Bypass
Posted Feb 18, 2016
Authored by Sushanth Sowmyan

Apache Hive fails to perform a particular authorization check. Versions affected include 0.13.x, 0.14.x, 1.0.0 through 1.0.1, 1.1.0 through 1.1.1, and 1.2.0 through 1.2.1.

tags | advisory
advisories | CVE-2015-7521
SHA-256 | c750bc1d41c1a1e9fe5413a40694d6128047b814f4d0961c94e6df37ee0341f9
Vesta Control Panel 0.9.8-15 Cross Site Scripting
Posted Feb 18, 2016
Authored by Necmettin COSKUN

Vesta Control Panel versions 0.9.8-15 and below suffer from a persistent cross site scripting vulnerability via the user agent.

tags | exploit, xss
SHA-256 | d430afd4621b5d62dad4b70ffff8d6258610f314f51abde198f22b3b9841fd8d
Ebay Cross Site Scripting
Posted Feb 18, 2016
Authored by Alexander Korznikov

ebay.com suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a29879e61b3488fdba8438c12dd745e034bbd5c2a76b31866e02d794bf818ecd
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close