Exploit the possiblities
Showing 1 - 21 of 21 RSS Feed

Files Date: 2016-08-16

Pi-Hole 2.8.1 Cross Site Scripting
Posted Aug 16, 2016
Authored by loneferret

Pi-Hole version 2.8.1 with web interface version 1.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | d49bdf23f29f72daef3eba5b800e72e7
Red Hat Security Advisory 2016-1617-01
Posted Aug 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1617-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-4565
MD5 | 677cb7fa5223b005a407dfdcc3acd58a
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20160810
Posted Aug 16, 2016
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.

Changes: Various updates.
tags | tool, kernel, peer2peer
systems | linux
MD5 | 962687647a2a7d7b8c0701a718a5cd06
GitLab Impersonate Privilege Escalation
Posted Aug 16, 2016
Authored by Kaimi

GitLab suffers from a privilege escalation vulnerability via the impersonate feature. Versions 8.2.0 through 8.2.4, 8.3.0 through 8.3.8, 8.4.0 through 8.4.9, 8.5.0 through 8.5.11, 8.6.0 through 8.6.7, and 8.7.0 are affected.

tags | exploit
advisories | CVE-2016-4340
MD5 | 74dc0c8495c4820f77c077caa43f658e
Microsoft Office Word 2013 / 2016 Denial Of Service
Posted Aug 16, 2016
Authored by Francis Provencher

Microsoft Office Word 2013 and 2016 suffer from a sprmSdyaTop denial of service vulnerability as described in MS16-099.

tags | exploit, denial of service
advisories | CVE-2016-3316
MD5 | 406c296f27879b52ae7d26001358f591
Lepton CMS 2.2.0 / 2.2.1 PHP Code Injection
Posted Aug 16, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Lepton CMS versions 2.2.0 and 2.2.1 suffer from a PHP code injection vulnerability.

tags | exploit, php
MD5 | 0bc4024be6993bf3016218577fb5a04f
HP Security Bulletin HPSBHF03441 1
Posted Aug 16, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03441 1 - Potential security vulnerabilities have been identified in HPE Integrated Lights Out 3 and HPE Integrated Lights Out 4, and Integrated Lights Out 4 mRCA. The vulnerabilities could lead to multiple remote vulnerabilities. Revision 1 of this advisory.

tags | advisory, remote, vulnerability
advisories | CVE-2016-4375
MD5 | 7bb53b946a4bfac598df11c4007a9d83
SAP ABAP BASIS 7.4 Hard-Coded Password
Posted Aug 16, 2016
Authored by Vahagn Vardanyan

SAP ABAP BASIS version 7.4 suffers from a hard-coded password vulnerability.

tags | exploit
MD5 | 254fe3343ead20a5589488af2cfd2cbf
Lepton CMS 2.2.0 / 2.2.1 Directory Traversal
Posted Aug 16, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Lepton CMS versions 2.2.0 and 2.2.1 suffer from a directory traversal vulnerability.

tags | exploit
MD5 | 2a87c3e794ca87b5376f70c267470bbc
SAP Hybris E-commerce Suite 5.1.0.3 Hard-Coded Password
Posted Aug 16, 2016
Authored by Alexey Tyurin

SAP Hybris E-commerce Suite version 5.1.0.3 suffers from a hard-coded password vulnerability.

tags | advisory
MD5 | 3641f54f63821276e249c2384bb141ae
HP Security Bulletin HPSBGN03634 1
Posted Aug 16, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03634 1 - A potential security vulnerability has been identified in HPE Enterprise Solution Sizers and Storage Sizer running Smart Update. The vulnerability could be exploited remotely to allow arbitrary code execution. Revision 1 of this advisory.

tags | advisory, arbitrary, code execution
advisories | CVE-2016-4377
MD5 | eb9d0eba85d83143c215e28d4e76ceba
php-gettext Code Execution
Posted Aug 16, 2016
Authored by crashenator

php-gettext versions prior to 1.0.12 suffer from a code execution vulnerability.

tags | advisory, php, code execution
MD5 | e8604e0dafdf2bf4b1ac7c466db8b900
HP Security Bulletin HPSBST03629 1
Posted Aug 16, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03629 1 - A potential security vulnerability has been identified with HP StoreFabric B-series switches. The vulnerability could be remotely exploited resulting in disclosure of privileged information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2016-4376
MD5 | 89fce6ef0180b30216fb833f5e034af1
Actiontec T2200H Remote Reverse Root Shell
Posted Aug 16, 2016
Authored by Andrew Klaus

Actiontec T2200H allows for command injection that provides a remote root reverse shell.

tags | exploit, remote, shell, root
MD5 | 9489a774d63572ecee9b06a196dac3fd
Junkware Removal Tool DLL Hijacking
Posted Aug 16, 2016
Authored by Stefan Kanthak

Junkware Removal Tool suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | f46a0454987a6b785bebc99b4633f867
WordPress Magic Fields 1 Cross Site Scripting
Posted Aug 16, 2016
Authored by Securify B.V., Burak Kelebek

WordPress Magic Fields 1 plugin version 1.7.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 73ed61579273f79f062cb7bb3b3d55ff
WordPress Magic Fields 2 Cross Site Scripting
Posted Aug 16, 2016
Authored by Securify B.V., Burak Kelebek

WordPress Magic Fields 2 plugin version 2.3.2.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | bb2db1fbcf679ba2a9d59fd970b39c27
WordPress Link Library 5.9.12.29 Cross Site Scripting
Posted Aug 16, 2016
Authored by Securify B.V., Burak Kelebek

WordPress Link Library plugin version 5.9.12.29 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0e3da1f14c5421d1a245af91a8b6530c
WordPress Ajax Load More 2.11.1 Local File Inclusion
Posted Aug 16, 2016
Authored by Securify B.V., Burak Kelebek

WordPress Ajax Load More plugin version 2.11.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 0c6cc28df0f188a1c1ce359e46e93ed4
WordPress Theme Directory 2.0.16 Shell Upload
Posted Aug 16, 2016
Authored by xBADGIRL21

WordPress Theme Directory versions 2.0.14 through 2.0.16 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 12c674782470cc0ea3d087ab1071ed1c
WordPress Tevolution 2.3.1 Shell Upload
Posted Aug 16, 2016
Authored by xBADGIRL21

WordPress Tevolution plugin version 2.3.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | bd5546300fd195e876e792fe8e2a2560
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close