what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 28 RSS Feed

Files Date: 2016-06-13

Apache Continuum 1.4.2 Arbitrary Command Execution
Posted Jun 13, 2016
Authored by wvu, David Shanahan | Site metasploit.com

This Metasploit module exploits a command injection in Apache Continuum versions 1.4.2 and below. By injecting a command into the installation.varValue POST parameter to /continuum/saveInstallation.action, a shell can be spawned.

tags | exploit, shell
SHA-256 | cf845d6fbc3b09514ed47ba1ed811ff6c6d343b0941a626f3ff4522492ad83c7
Zabbix 3.0.3 Remote Command Execution
Posted Jun 13, 2016
Authored by Alexander Gurin

Zabbix versions 2.2 through 3.0.3 suffer from a remote command execution vulnerability in the JSON-RPC API.

tags | exploit, remote
SHA-256 | 97a1eafdac1f66d26b0024943d2069cb5e55b0cc3215c9705548b97a7d77ddba
RSA Archer GRC Platform 5.5.x Information Disclosure
Posted Jun 13, 2016
Site emc.com

RSA Archer GRC Platform version 5.5.x suffers from a sensitive information disclosure vulnerability.

tags | advisory, info disclosure
advisories | CVE-2016-0899
SHA-256 | e9d9e9740fcc19e16903f5276534658fe27fa12046edd86511e33d352693f6e6
Red Hat Security Advisory 2016-1222-01
Posted Jun 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1222-01 - Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service cloud based on Red Hat OpenStack Platform. Security Fix: An issue was discovered in the image build process for the overcloud images, as used by director, resulting in all previous images to have a default root password of "rootpw". Remote root access via SSH is disabled by default.

tags | advisory, remote, root
systems | linux, redhat
advisories | CVE-2016-4474
SHA-256 | 57328f8210d5b295a596dfb0e1362d0f0ed92acbd9601df602b4091f2c01d259
Red Hat Security Advisory 2016-1224-01
Posted Jun 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1224-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2016-3710
SHA-256 | ad59149a8a4a31c1e49f2c7c04111870e3b67f13daa90a2517f45227802fe40b
Red Hat Security Advisory 2016-1223-01
Posted Jun 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1223-01 - Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service cloud based on Red Hat OpenStack Platform. Security Fix: An issue was discovered in the image build process for the overcloud images, as used by director, resulting in all previous images to have a default root password of "rootpw". Remote root access via SSH is disabled by default.

tags | advisory, remote, root
systems | linux, redhat
advisories | CVE-2016-4474
SHA-256 | 39baaf6211a66318f9c8905bb1b883a08b048793578a3794839e29e707c41851
Samsung SW Update 2.2.7.22 Insecure ACLs
Posted Jun 13, 2016
Authored by Benjamin Gnahm

Samsung's SW Update versions 2.2.7.22 and below suffer from having insecure ACLs on its directory allowing any authenticated user to escalate their privileges.

tags | exploit
SHA-256 | 4fd7871ec675d6f7a6b4d066d734cda6f750bb081f8734269b785590c3ec329e
FlashFXP 5.3.0 Memory Corruption
Posted Jun 13, 2016
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

FlashFXP version 5.3.0 suffers from a memory corruption vulnerability.

tags | exploit
SHA-256 | 0f230ac8dd2743f9697a7bbf4529866c74c7a0cfb46badab685854f7de08be6a
Joomla Affiliate Tracker 2.0.3 SQL Injection
Posted Jun 13, 2016
Authored by Mojtaba MobhaM

Joomla Affiliate Tracker version 2.0.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7852443ef79d0bf279d04e2ebe1363b6c79bfa5315e0864ab56224b91c2ee236
iSQL 1.0 Buffer Overflow
Posted Jun 13, 2016
Authored by HaHwul

iSQL version 1.0 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 9c4f4323c6e410f10df86e0bf99e7338c3fd903870baadce9dd7cc5634c565e8
iSQL 1.0 Shell Command Injection
Posted Jun 13, 2016
Authored by HaHwul

iSQL version 1.0 suffers from a shell command injection vulnerability.

tags | exploit, shell
SHA-256 | 71795379b2520b5e3f9b370cf6d946805734bb8f4fd05bd4a6911d86266e7405
couponPHP 2.1 Cross Site Scripting
Posted Jun 13, 2016
Authored by Bikramaditya Guha

couponPHP version 2.1 suffers from persistent and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 613a71e62224a9167b08b5ffb76111090d789619fb9da87b49f160d644c9b11e
Joomla Pay Plans 3.3.6 SQL Injection
Posted Jun 13, 2016
Authored by Mojtaba MobhaM

Joomla Pay Plans component version 3.3.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | cec64fe7129690d498d6ba759794ef261c28659ae6897e75b0e02fb82cd61479
Dream Gallery 2.0 Authentication Bypass
Posted Jun 13, 2016
Authored by Ali BawazeEer

Dream Gallery version 2.0 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 5f4ff3015ebafef18c78d04d6b9fc9a80f4de68d572f1e5b5e2e1d696451a178
Foxit PDF Reader kdu_core::kdu_codestream::get_subsampling Memory Corruption
Posted Jun 13, 2016
Authored by Google Security Research, mjurczyk

Foxit PDF Reader suffers from a memory corruption vulnerability in kdu_core::kdu_codestream::get_subsampling.

tags | exploit
systems | linux
SHA-256 | 871b6d43404b215a9cc5a73169fe8e1e614a260904e3652ec205c927e6f78abf
Foxit PDF Reader CFX_BaseSegmentedArray Memory Corruption
Posted Jun 13, 2016
Authored by Google Security Research, mjurczyk

Foxit PDF Reader suffers from a memory corruption vulnerability in CFX_BaseSegmentedArray::IterateIndex.

tags | exploit
systems | linux
SHA-256 | 66c6ed2a8c6927663518e475aad6258db533f83db364d57ecd5dbd32a552f81b
Viart Shopping Cart 5.0 CSRF / Shell Upload
Posted Jun 13, 2016
Authored by Ali Ghanbari

Viart Shopping Cart version 5.0 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
SHA-256 | 190b74984e59c33687faceb9535fdc11b6432874afdba6e2fa666db12ad7fb15
Foxit PDF Reader CPDF_DIBSource Out-Of-Bounds Read
Posted Jun 13, 2016
Authored by Google Security Research, mjurczyk

Foxit PDF Reader suffers from an out-of-bounds read vulnerability in CPDF_DIBSource::TranslateScanline24bpp.

tags | exploit
systems | linux
SHA-256 | a1c3aea8ea0711cd6aeb01cb05e999be9b8ba1b415ac39be9fe636e848788638
Foxit PDF Reader CFX_WideString Invalid Read
Posted Jun 13, 2016
Authored by Google Security Research, mjurczyk

Foxit PDF Reader suffers from an invalid read vulnerability in CFX_WideString::operator=.

tags | exploit
systems | linux
SHA-256 | 435e2c8b057bc166a25a39d29a836eed49740832becb8b232e72eb4c4a4b7b1b
Foxit PDF Reader CPDF_StreamContentParser Memory Corruption
Posted Jun 13, 2016
Authored by Google Security Research, mjurczyk

Foxit PDF Reader suffers from a heap-based memory corruption vulnerability in CPDF_StreamContentParser::~CPDF_StreamContentParser.

tags | exploit
systems | linux
SHA-256 | 38e03b4deb928a6b9eb0f1d0876e9e4bee2d79fada610ab59cdceb5abe0e3d9f
Grid Gallery 1.0 Authentication Bypass
Posted Jun 13, 2016
Authored by Ali BawazeEer

Grid Gallery version 1.0 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | f05b051aa43b923a12566692500238e1b282bbc86ea14ddef75d64bff5abdaaf
FRticket Ticket System 1 Cross Site Scripting
Posted Jun 13, 2016
Authored by Hamit ABIS

FRticket Ticket System version 1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8527469fd19e7f5c5c540ddee7c8b40b47f3ad4c21ec96d6a078bbd2cf8b3fde
Easy RM To MP3 Converter 2.7.3.700 Universal DEP + ASLR Bypass
Posted Jun 13, 2016
Authored by Csaba Fitzl

Easy RM to MP3 Converter version 2.7.3.700 .m3u exploit with universal DEP + ASLR bypass.

tags | exploit, overflow
advisories | CVE-2009-1330
SHA-256 | c1b6ff1ccc271bc2947e2458d9021c1994270c51f8e9a947e5c1a3834bd58107
Riot Games League Of Legends Insecure File Permissions Privilege Escalation
Posted Jun 13, 2016
Authored by Cyril Vallicari

Riot Games League of Legends suffers from an insecure file permissions privilege escalation vulnerability.

tags | exploit
SHA-256 | 068a99e6c2e99d9bcc6db11b9c72c5815c3965b16aeebe25b36576795c37c19b
Armadito Antimalware Backdoor / Bypass
Posted Jun 13, 2016
Authored by Ax

Armadito Antimalware suffers from a bypass vulnerability.

tags | exploit, bypass
SHA-256 | 057ccef5354fec1d98a107a85aca95fd534e3b72fc282659bd24a9218a6f24e5
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    12 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close