ignore security and it'll go away
Showing 1 - 14 of 14 RSS Feed

Files Date: 2016-06-23

EdgeCore ES3526XA Manager CSRF / Access Bypass / Weak Credentials
Posted Jun 23, 2016
Authored by Karn Ganeshen

EdgeCore ES3526XA Manager suffers from weak credential, access bypass, and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, bypass, csrf
MD5 | bb4d9ad993afe5fa615e07ce1f0cf0a0
WordPress Ultimate Product Catalog 3.8.6 Shell Upload
Posted Jun 23, 2016
Authored by Joaquin Ramirez Martinez

WordPress Ultimate Product Catalog plugin version 3.8.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 9972135514f331af513d103bacd45759
vPet Engine 2.1 SQL Injection / Backdoor Account
Posted Jun 23, 2016
Authored by indoushka

vPet Engine version 2.1 suffers from remote SQL injection and default backdoor admin account vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 9f84c5b23c30a61a098bf12a063627e7
Sierra Wireless AirLink Raven XE Industrial 3G Gateway CSRF / File Upload
Posted Jun 23, 2016
Authored by Karn Ganeshen

Sierra Wireless AirLink Raven XE Industrial 3G Gateway suffers from cross site request forgery, information disclosure, and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, info disclosure, file upload, csrf
MD5 | 3e6d79e2ff5f919a1799a9ffb4c203b2
Packet Fence 6.1.1
Posted Jun 23, 2016
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Fixed missing schema version update statement. Various other changes.
tags | tool, remote
systems | unix
MD5 | 068ef3ceea78f414ab81c470ae0379d4
Windows Local WebDAV NTLM Reflection Elevation Of Privilege
Posted Jun 23, 2016
Authored by Google Security Research, forshaw

A default installation of Windows 7/8 can be made to perform a NTLM reflection attack through WebDAV which allows a local user to elevate privileges to local system.

tags | exploit, local
systems | linux, windows, 7
advisories | CVE-2016-3225
MD5 | 82d6af8e271805e83f08f43f439eb387
Red Hat Security Advisory 2016-1292-01
Posted Jun 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1292-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449
MD5 | 59ced5e929b2b407550c94cdb91fce8b
Red Hat Security Advisory 2016-1293-01
Posted Jun 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1293-01 - The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution. The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-4444, CVE-2016-4446, CVE-2016-4989
MD5 | 7421a4d37cd5cfa2d82f70070ea07ed2
FinderView Path Traversal / Cross Site Scripting
Posted Jun 23, 2016
Authored by HaHwul

FinderView suffers from path traversal and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion
MD5 | 55e8044d9613e0998e4b943c11aa761f
XuezhuLi FileSharing Cross Site Request Forgery
Posted Jun 23, 2016
Authored by HaHwul

XuezhuLi FileSharing suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | f210f8c3b489e225a7221ffc085155e1
XuezhuLi FileSharing Path Traversal
Posted Jun 23, 2016
Authored by HaHwul

XuezhuLi FileSharing suffers from a path traversal vulnerability.

tags | exploit, file inclusion
MD5 | 2075f3f672e08999be5e05c81909c27b
Getsimple CMS 3.3.10 Shell Upload
Posted Jun 23, 2016
Authored by s0nk3y

Getsimple CMS versions 3.3.10 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
MD5 | c539f6d7da6408ce658be6ae9c0c17bb
Dolibarr CRM Command Injection
Posted Jun 23, 2016
Authored by David Silveiro

Dolibarr CRM versions prior to 3.9.1 suffer from a command injection vulnerability.

tags | exploit
MD5 | 7e6e3f458fcecdd573c4df5d36e993a9
Quick.Cart.Ext 6.7 Cross Site Request Forgery
Posted Jun 23, 2016
Authored by s0nk3y

Quick.Cart.Ext versions 6.7 and below remote admin add cross site request forgery exploit.

tags | exploit, remote, csrf
MD5 | 75e6951c4d26297c1bc140218150bf23
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close