Twenty Year Anniversary
Showing 1 - 16 of 16 RSS Feed

Files Date: 2016-08-15

WordPress Google Maps 2.1.2 Cross Site Scripting
Posted Aug 15, 2016
Authored by Securify B.V., Julien Rentrop

WordPress Google Maps plugin version 2.1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f9844dd54b9498055970a52b9ba3b5cd
WordPress Photo Gallery 1.8.5 Cross Site Request Forgery
Posted Aug 15, 2016
Authored by Securify B.V., Umit Aksu

WordPress Photo Gallery by Supsystic plugin version 1.8.5 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 625ced56b0cca98e30d45e32fb4b8dcf
WordPress Email Users 4.8.3 Cross Site Request Forgery
Posted Aug 15, 2016
Authored by Securify B.V., Julien Rentrop

WordPress Email Users plugin version 4.8.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | b62a138839af9627696d31ca2bd6890c
WordPress Peter's Login Redirect 2.9.0 XSS / CSRF
Posted Aug 15, 2016
Authored by Yorick Koster, Securify B.V.

WordPress Peter's Login Redirect plugin version 2.9.0 suffers from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 164261e2b6677c675ff9d7ad23a326d9
WordPress Photo Gallery 1.8.5 Cross Site Scripting
Posted Aug 15, 2016
Authored by Securify B.V., Umit Aksu

WordPress Photo Gallery by Supsystic plugin version 1.8.5 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | f0ce8f15f849c182b8d5d9749db7f90d
Taser Axon Dock 3.1 Authentication Bypass
Posted Aug 15, 2016
Authored by Reginald Dodd

Taser Axon Dock version 3.1 suffers from authentication bypass vulnerabilities.

tags | exploit, vulnerability, bypass
MD5 | 610172bfaf49b7ab2d9fb5729ecbd246
Stash CMS 1.0.3 SQL Injection
Posted Aug 15, 2016
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Stash CMS version 1.0.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 55790a0ec2601c8f91f6ae69d1f71743
nopCommerce 3.70 Cross Site Scripting
Posted Aug 15, 2016
Authored by Tal Argoni

nopCommerce version 3.70 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a2ff01c1639a3eb2b26e9d9118b1813d
OpenCart 2.0.3.1 Cross Site Scripting
Posted Aug 15, 2016
Authored by Hamed Izadi

OpenCart version 2.0.3.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1bcebd45a68c1ba36cd7e4594c685b3c
Ubuntu Security Notice USN-3061-1
Posted Aug 15, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3061-1 - Eddie Harari discovered that OpenSSH incorrectly handled password hashing when authenticating non-existing users. A remote attacker could perform a timing attack and enumerate valid users. Tomas Kuthan, Andres Rojas, and Javier Nieto discovered that OpenSSH did not limit password lengths. A remote attacker could use this issue to cause OpenSSH to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-6210, CVE-2016-6515
MD5 | 6cd4c17a7cea97f346989d636afe8d94
Debian Security Advisory 3648-1
Posted Aug 15, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3648-1 - Multiple vulnerabilities were discovered in the dissectors for NDS, PacketBB, WSP, MMSE, RLC, LDSS, RLC and OpenFlow, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-6504, CVE-2016-6505, CVE-2016-6506, CVE-2016-6507, CVE-2016-6508, CVE-2016-6509, CVE-2016-6510, CVE-2016-6511
MD5 | 7d9a1981d5360ad4e39652e20db69e96
Telegram Bot API Cross Site Request Forgery / Denial Of Service
Posted Aug 15, 2016
Authored by 4L1R3Z4

A cross site request forgery vulnerability in the Telegram Bot API can allow for denial of service attacks.

tags | exploit, denial of service, info disclosure, csrf
MD5 | 64297ed3dab411f1c63fa2afe6521ab2
Linksys E2500 / E1200 Command Injection
Posted Aug 15, 2016
Authored by Samuel Huntley

Linksys E2500 and E1200 devices suffered from a command injection vulnerability.

tags | advisory
MD5 | 4a9806bc0b231056d9a9f35fdc20cac9
Linksys E1200 Authorization Bypass
Posted Aug 15, 2016
Authored by Samuel Huntley

Parent controls on the Linksys E1200 suffered from having missing authorization controls.

tags | advisory, bypass
MD5 | 3c0fca9a22c61bce7065467c592c5e92
PayPal 2FA Bypass
Posted Aug 15, 2016
Authored by Shawar Khan | Site vulnerability-lab.com

PayPal suffered from a two-factor authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 5fd8a55eb3be5fd0fd4a9fd7259e0dea
Joomla AceFTP Arbitrary File Download
Posted Aug 15, 2016
Authored by howucan

Joomla AceFTP component appears to suffer from an arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | ba8083aabec860386c829a33fb43ca68
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    1 Files
  • 18
    Nov 18th
    1 Files
  • 19
    Nov 19th
    3 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    7 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close