exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 15 of 15

Files Date: 2016-09-30

Ubiquiti UniFi AP AC Lite 5.2.7 Improper Access Control

Posted Sep 30, 2016

Authored by Tim Schughart, Khanh Quoc Pham, Immanuel Bar

Ubiquiti UniFi AP AC Lite version 5.2.7 allows for direct modification of the database with no authentication.

tags | exploit

advisories | CVE-2016-7792

SHA-256 | f40eba146d3abfc3da878bf10eac9a021530c62f26eb11f3fb7cd42dd34d3ee2

Download | Favorite | View

Perixx PERIDUO-710W KG-1027 Spoof Attack

Posted Sep 30, 2016

Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

The Perixx PERIDUO-710W KG-1027 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.

tags | advisory, spoof

SHA-256 | f4bc0516c208b0307fe50d327f89c8d288ef83ffc61506179cd54509362894b3

Download | Favorite | View

CHERRY B.UNLIMITED AES JD-0400EU-2/01 Spoof Attack

Posted Sep 30, 2016

Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

The CHERRY B.UNLIMITED AES JD-0400EU-2/01 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.

tags | advisory, spoof

SHA-256 | 1638ec208f8e37eaf9b5a1c43ce2ce9035fedf7e2ee03ce599899ee97a9d2669

Download | Favorite | View

Netgear Genie 2.4.32 Privilege Escalation

Posted Sep 30, 2016

Authored by Tulpa

Netgear Genie version 2.4.32 suffers from an unquoted service path elevation of privilege vulnerability.

tags | exploit

SHA-256 | 2056971e0ae31e7938639d6e5878bad3c9fc7563e3f320699fe69f8f53a5d5ff

Download | Favorite | View

Sophos UTM 9.405-5 / 9.404-5 Information Disclosure

Posted Sep 30, 2016

Authored by Tim Schughart, Khanh Quoc Pham

Sophos UTM versions 9.405-5 and 9.404-5 suffer from information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure

advisories | CVE-2016-7397, CVE-2016-7442

SHA-256 | d41db865905127ac19f3ef1c4274c38fede90b47131595b8392634352dd0efc8

Download | Favorite | View

Logitech M520 Y-R0012 Spoof Attack

Posted Sep 30, 2016

Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

The Logitech M520 Y-R0012 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.

tags | advisory, spoof

SHA-256 | b5b536b4797a8eff1eb40c967a4bdf37db110f16f71fc0a6f0da5e15e92a9b27

Download | Favorite | View

Joomla Huge-IT Portfolio Gallery 1.0.6 SQL Injection

Posted Sep 30, 2016

Authored by Larry W. Cashdollar

Joomla Huge-IT Portfolio Gallery plugin version 1.0.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

advisories | CVE-2016-1000124

SHA-256 | c736d80fc3abb2b181ac9b8ebf78e33ac2a58f366fa330b5853b34264816675e

Download | Favorite | View

Apache MyFaces Trinidad Information Disclosure

Posted Sep 30, 2016

Authored by Teemu Kaariainen, Andy Schwartz

Apache MyFaces Trinidad versions 1.0.0 to 1.0.13, 1.2.1 to 1.2.14, 2.0.0 to 2.0.1, and 2.1.0 to 2.1.1 suffer from an information disclosure vulnerability.

tags | advisory, info disclosure

advisories | CVE-2016-5019

SHA-256 | d52ae0b80ff5e5d1cc0efc513c971067776f22f749a120d81c7b142b8af4aa14

Download | Favorite | View

Abus Security Cams 0101a Cross Site Scripting

Posted Sep 30, 2016

Authored by Tim Schughart

Abus Security Cams version 0101a suffer from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 648c480851032ffc3e2a82f73e241748f1cdb7c65fbc13387177b4b51e815d29

Download | Favorite | View

KeepNote 0.7.8 Remote Command Execution

Posted Sep 30, 2016

Authored by R-73eN

KeepNote version 0.7.8 remote command execution exploit.

tags | exploit, remote

SHA-256 | 8bfd902ee6f98b0f54948d1c268ef2b23dc7997141f131f8746da78e239a4fd6

Download | Favorite | View

WordPress KBoard Cross Site Scripting

Posted Sep 30, 2016

Authored by T3NZOG4N, Mojtaba MobhaM, FireKernel

WordPress KBoard plugin versions prior to 4.4 suffer from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | b0fb3e1c2b8f1c0e641f0aa5ff3083546bad3cc404b8b157a455e4163687d85a

Download | Favorite | View

WordPress KBoard 2.7 SQL Injection

Posted Sep 30, 2016

Authored by T3NZOG4N, Mojtaba MobhaM, FireKernel

WordPress KBoard plugin version 2.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | 0ec3c9361595ffdfaf4d2a9a071fda6cac0360bf0a97484ea409460c56ce7643

Download | Favorite | View

Snort 2.9.7.0-WIN32 DLL Hijacking

Posted Sep 30, 2016

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Snort version 2.9.7.0-WIN32 suffers from a dll hijacking vulnerability.

tags | exploit

systems | windows

advisories | CVE-2016-1417

SHA-256 | 99e8267b21959831c715ef5fa474d44025b8ef4dced326af53c493d96ca68d98

Download | Favorite | View

Joomla Huge-IT Catalog 1.0.7 SQL Injection

Posted Sep 30, 2016

Authored by Larry W. Cashdollar

Joomla Huge-IT Catalog component version 1.0.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

advisories | CVE-2016-1000125

SHA-256 | ec7c54b92dde7ae79e9dedd8de808f51247be85b0c3eea5eefcd781c3c987514

Download | Favorite | View

AnswerScript 2.7.1 Cross Site Scripting

Posted Sep 30, 2016

Authored by indoushka

AnswerScript version 2.7.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 9c6a3496429128b109c27d8c038eb36008a1315ff779be364d9d17791a02999d

Download | Favorite | View