all things security
Showing 1 - 25 of 32 RSS Feed

Files Date: 2016-11-08

NETGEAR ADSL Router WNR500 1.0.7.2 Authenticated Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

NETGEAR ADSL router WNR500 with firmware version 1.0.7.2 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 747f55dee43e920764d5ecd3ac92e6be
WordPress WassUp Real Time Analytics 1.9 Cross Site Scripting
Posted Nov 8, 2016
Authored by Securify B.V., Burak Kelebek

WordPress WassUp Real Time Analytics plugin version 1.9 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 65bdb981f48a8a70d32a006db0d3a97e
D-Link ADSL Router DSL-2750E SEA_1.01 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

D-Link ADSL router DSL-2750E with firmware version SEA_1.01 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 5bc47508221a15c46958d01a10a933c0
D-Link ADSL Router DSL-2750U IN_1.02 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

D-Link ADSL router DSL-2750U with firmware version IN_1.02 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 0e9f686623d0693839f1d3eb50b72896
D-Link ADSL Router DSL-2750E SEA_1.04 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

D-Link ADSL router DSL-2750E with firmware version SEA_1.04 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | d8d245dfa2b3b09db5495627298de150
PLANET ADSL Router AND-4101 1.8 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

PLANET ADSL router AND-4101 version 1.8 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | ecd61b18820d4f6c4a15e656f0671864
NETGEAR ADSL Router JNR1010 1.0.0.16 Authenticated Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

NETGEAR ADSL router JNR1010 with firmware version 1.0.0.16 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | d33e29e7f827d147f228eba790c24732
D-Link ADSL Router DSL-2730U IN_1.02 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

D-Link ADSL router DSL-2730U with firmware version IN_1.02 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 873c4d3f8a51b30021ca180435e768a8
MOVISTAR ADSL Router BHS_RTA BHS_RTA_C0_019 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

MOVISTAR ADSL router BHS_RTA BHS_RTA_C0_019 suffers from a file disclosure vulnerability.

tags | exploit
MD5 | b20e3a35a47308c805b9a82524867d3e
WordPress Caldera Forms 1.3.5.3 Cross Site Scripting
Posted Nov 8, 2016
Authored by Securify B.V., Jurgen Kloosterman

WordPress Caldera Forms plugin version 1.3.5.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3dc44cc3f5bd965a1a7826fd63931a9f
WordPress Quotes Collection 2.0.5 Cross Site Scripting
Posted Nov 8, 2016
Authored by Yorick Koster, Securify B.V.

WordPress Quotes Collection plugin version 2.0.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | bc366a974dcdbff135ba8c177ff78ff6
WordPress YITH WooCommerce Compare 2.0.9 PHP Object Injection
Posted Nov 8, 2016
Authored by Yorick Koster, Securify B.V.

WordPress YITH WooCommerce Compare plugin version 2.0.9 suffers from a PHP object injection vulnerability.

tags | exploit, php
MD5 | 31616f34fc67b6800ac686eebe3d57f6
Bart Ransomware (Win32/Filecoder.Bart) (Kidnapping) Resource Hacking
Posted Nov 8, 2016
Authored by Todor Donev

This report explains the ability to change the code of Bart. An attacker can edit the code and seamlessly put their own dark website with a different Bitcoin account.

tags | exploit
MD5 | a6d7580c00427bf2c48a31ade058d9fb
Android Proxy Auto Config (PAC) Crash
Posted Nov 8, 2016
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Android devices can be crashed forcing a halt and then a soft reboot by downloading a large proxy auto config (PAC) file when adjusting the Android networking settings. This can also be exploited by an MITM attacker that can intercept and replace the PAC file. However, the bug is mitigated by multiple factors and the likelihood of exploitation is low.

tags | exploit, denial of service
advisories | CVE-2016-6723
MD5 | 2fa68504ac9ddb6c75e9d6c2714fdd85
Verint Impact 360 11.1 Cross Site Scripting
Posted Nov 8, 2016
Authored by Sanehdeep Singh

Verint Impact 360 version 11.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2c37eb75b45e04584aaae5ac5e1a4ef1
D-Link DIR Routers HNAP Login Stack Buffer Overflow
Posted Nov 8, 2016
Authored by Pedro Ribeiro

A stack buffer overflow affects several D-Link routers and can be exploited by an unauthenticated attacker. The interesting thing about this vulnerability is that it affects both ARM and MIPS devices, so exploitation is slightly different for each type.

tags | advisory, overflow
advisories | CVE-2016-6563
MD5 | d3a085c7858b7b0de7bb572e6ea818f9
Debian Security Advisory 3707-1
Posted Nov 8, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3707-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox or denial of service.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2016-5542, CVE-2016-5554, CVE-2016-5573, CVE-2016-5582, CVE-2016-5597
MD5 | f1e5fb2ecc833c86bb5934b94ab05183
HP Security Bulletin HPSBGN03643 1
Posted Nov 8, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03643 1 - Potential security vulnerabilities have been identified in the Filter SDK component of HPE KeyView. These vulnerabilities could be exploited remotely to allow code execution. Revision 1 of this advisory.

tags | advisory, vulnerability, code execution
advisories | CVE-2016-4402, CVE-2016-4403, CVE-2016-4404
MD5 | 683576c645e376e86c3e5ea17149bae3
Red Hat Security Advisory 2016-2675-01
Posted Nov 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2675-01 - The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. Security Fix: An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.

tags | advisory, local, root
systems | linux, redhat
advisories | CVE-2016-7035
MD5 | 63673cbb36cbe7598d24b5bc1b93c4fa
HP Security Bulletin HPSBGN03656 1
Posted Nov 8, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03656 1 - Several vulnerabilities are addressed in this security bulletin: * Potential security vulnerabilities were identified in HPE Network Node Manager i (NNMi) Software. The vulnerability could result in cross-site scripting (XSS). * A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Network Node Manager i (NNMi) Software. The vulnerability could be remotely exploited to allow remote code execution. Revision 1 of this advisory.

tags | advisory, java, remote, vulnerability, code execution, xss
advisories | CVE-2016-4398, CVE-2016-4399, CVE-2016-4400
MD5 | f6cfabe7f015600a4603fc75872b9e35
HP Security Bulletin HPSBGN03657 1
Posted Nov 8, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03657 1 - A potential security vulnerability was identified in HPE Network Node Manager i (NNMi) Software. The vulnerability could result in local code execution. Revision 1 of this advisory.

tags | advisory, local, code execution
advisories | CVE-2016-4397
MD5 | c711e9992be4d0d70390e7ef9040aa4b
Red Hat Security Advisory 2016-2674-01
Posted Nov 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2674-01 - The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix: A design flaw was found in the libgcrypt PRNG. An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-6313
MD5 | a882517489b10d45e21f91429e287283
Faraznet CMS 4.x Cross Site Scripting
Posted Nov 8, 2016
Authored by IeDb

Faraznet CMS version 4.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 06557631720b079b03f41c03d6f391f7
NodCMS PHP Code Execution
Posted Nov 8, 2016
Authored by Ashiyane Digital Security Team

NodCMS suffers from a code execution vulnerability by leveraging a cross site request forgery vulnerability.

tags | exploit, code execution, csrf
MD5 | 81d154e83a278453686c21ed68f445f8
NodCMS Cross Site Scripting
Posted Nov 8, 2016
Authored by Ashiyane Digital Security Team

NodCMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9c6dab60c2a215561ebbbab2d54fa132
Page 1 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close