what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2016-11-08

NETGEAR ADSL Router WNR500 1.0.7.2 Authenticated Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

NETGEAR ADSL router WNR500 with firmware version 1.0.7.2 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 37be78c42c3b55a3b819038c95ab826cabf382a3f2e995c0d63f525d10469092
WordPress WassUp Real Time Analytics 1.9 Cross Site Scripting
Posted Nov 8, 2016
Authored by Securify B.V., Burak Kelebek

WordPress WassUp Real Time Analytics plugin version 1.9 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e8137223a57a625cf51649d12b64986a673655e47a6295721338115351eeeda2
D-Link ADSL Router DSL-2750E SEA_1.01 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

D-Link ADSL router DSL-2750E with firmware version SEA_1.01 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | b5cc0cb35b840c6c2c8438b5a60b7406a7e537060a74b65c8afb79b6db75e0da
D-Link ADSL Router DSL-2750U IN_1.02 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

D-Link ADSL router DSL-2750U with firmware version IN_1.02 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 17a33f87025c815f104a5eaf2901d637b55e392eedc1676d79ed751ba87abf30
D-Link ADSL Router DSL-2750E SEA_1.04 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

D-Link ADSL router DSL-2750E with firmware version SEA_1.04 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 4c263e7e84c9a03874186180d8c6e97f6a4c6172c73172bd76477eb821290289
PLANET ADSL Router AND-4101 1.8 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

PLANET ADSL router AND-4101 version 1.8 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 0291af77aa2080fa30afc81376a583d98c46f724faff946aa572825c0d428aac
NETGEAR ADSL Router JNR1010 1.0.0.16 Authenticated Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

NETGEAR ADSL router JNR1010 with firmware version 1.0.0.16 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 24bd17b9494c941c6add9f7baaa6d068169f297fc8c99dcffdf45aad02b0f418
D-Link ADSL Router DSL-2730U IN_1.02 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

D-Link ADSL router DSL-2730U with firmware version IN_1.02 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 7a59fc02fabba5e5c37b8d049bb3e36936533505c8239de1363d5d407955d4bb
MOVISTAR ADSL Router BHS_RTA BHS_RTA_C0_019 Remote File Disclosure
Posted Nov 8, 2016
Authored by Todor Donev

MOVISTAR ADSL router BHS_RTA BHS_RTA_C0_019 suffers from a file disclosure vulnerability.

tags | exploit
SHA-256 | 3109144c6c4063c6fbf2fb1f5dfd651b9ae5c7c7825cf67c068e8b464f5352a8
WordPress Caldera Forms 1.3.5.3 Cross Site Scripting
Posted Nov 8, 2016
Authored by Securify B.V., Jurgen Kloosterman

WordPress Caldera Forms plugin version 1.3.5.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5fe319cfc0582676fbf3df11ae0eedd99b8dcaba165bf4d04951d75ab931d4e3
WordPress Quotes Collection 2.0.5 Cross Site Scripting
Posted Nov 8, 2016
Authored by Yorick Koster, Securify B.V.

WordPress Quotes Collection plugin version 2.0.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3e714101167947eb893acf037ef84d9ed96b9fc784119af58b4e11c5506a768a
WordPress YITH WooCommerce Compare 2.0.9 PHP Object Injection
Posted Nov 8, 2016
Authored by Yorick Koster, Securify B.V.

WordPress YITH WooCommerce Compare plugin version 2.0.9 suffers from a PHP object injection vulnerability.

tags | exploit, php
SHA-256 | 0db04c264f42b23b55cb4613767ded49fab18d10ff1bb03155469fb2bb5d9b85
Bart Ransomware (Win32/Filecoder.Bart) (Kidnapping) Resource Hacking
Posted Nov 8, 2016
Authored by Todor Donev

This report explains the ability to change the code of Bart. An attacker can edit the code and seamlessly put their own dark website with a different Bitcoin account.

tags | exploit
SHA-256 | 235979bd4239144dac76322065de02f0e43ecad6b1af8f34cf9b75dd3c4fb090
Android Proxy Auto Config (PAC) Crash
Posted Nov 8, 2016
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Android devices can be crashed forcing a halt and then a soft reboot by downloading a large proxy auto config (PAC) file when adjusting the Android networking settings. This can also be exploited by an MITM attacker that can intercept and replace the PAC file. However, the bug is mitigated by multiple factors and the likelihood of exploitation is low.

tags | exploit, denial of service
advisories | CVE-2016-6723
SHA-256 | 9a6a1af684f67a60cc245b0a7841aeca5cc4c686f0d9b20cffcd532b0d7b75f1
Verint Impact 360 11.1 Cross Site Scripting
Posted Nov 8, 2016
Authored by Sanehdeep Singh

Verint Impact 360 version 11.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 54466b5060b6fd427f94d75478de5e4cab2d71ef2d0fa9d482daec21fc337374
D-Link DIR Routers HNAP Login Stack Buffer Overflow
Posted Nov 8, 2016
Authored by Pedro Ribeiro

A stack buffer overflow affects several D-Link routers and can be exploited by an unauthenticated attacker. The interesting thing about this vulnerability is that it affects both ARM and MIPS devices, so exploitation is slightly different for each type.

tags | advisory, overflow
advisories | CVE-2016-6563
SHA-256 | cb979ec54ab67f3c6ce43a8df2d9651d4f4b33a1511fd13e636ea603d7c292d6
Debian Security Advisory 3707-1
Posted Nov 8, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3707-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox or denial of service.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2016-5542, CVE-2016-5554, CVE-2016-5573, CVE-2016-5582, CVE-2016-5597
SHA-256 | 26c1328e5eb986a17476cf821d7021bb648a48216dc71e92833317634cdaccad
HP Security Bulletin HPSBGN03643 1
Posted Nov 8, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03643 1 - Potential security vulnerabilities have been identified in the Filter SDK component of HPE KeyView. These vulnerabilities could be exploited remotely to allow code execution. Revision 1 of this advisory.

tags | advisory, vulnerability, code execution
advisories | CVE-2016-4402, CVE-2016-4403, CVE-2016-4404
SHA-256 | 5fcf168a5e11f3ffa6c1e51ce1fa0dd0bfe6ab355c1e3756e5301a956e6c100a
Red Hat Security Advisory 2016-2675-01
Posted Nov 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2675-01 - The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. Security Fix: An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.

tags | advisory, local, root
systems | linux, redhat
advisories | CVE-2016-7035
SHA-256 | a68cb6d8e8b31bf59042cd3b25b599310ecfc4572219f094534586a9d3317e8d
HP Security Bulletin HPSBGN03656 1
Posted Nov 8, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03656 1 - Several vulnerabilities are addressed in this security bulletin: * Potential security vulnerabilities were identified in HPE Network Node Manager i (NNMi) Software. The vulnerability could result in cross-site scripting (XSS). * A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Network Node Manager i (NNMi) Software. The vulnerability could be remotely exploited to allow remote code execution. Revision 1 of this advisory.

tags | advisory, java, remote, vulnerability, code execution, xss
advisories | CVE-2016-4398, CVE-2016-4399, CVE-2016-4400
SHA-256 | 725b923c074674fa9ab362f651b92f45fa124a6151253c8521f25e8694d74589
HP Security Bulletin HPSBGN03657 1
Posted Nov 8, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03657 1 - A potential security vulnerability was identified in HPE Network Node Manager i (NNMi) Software. The vulnerability could result in local code execution. Revision 1 of this advisory.

tags | advisory, local, code execution
advisories | CVE-2016-4397
SHA-256 | 735c2d5a6677c1c934bdb6c3e7dc60d42aa3c2aa0c3349e08df85047d41419da
Red Hat Security Advisory 2016-2674-01
Posted Nov 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2674-01 - The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix: A design flaw was found in the libgcrypt PRNG. An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-6313
SHA-256 | caf6d9e673258d4b82393cbb762f5437eca9d415345b9281588f106dbc75a521
Faraznet CMS 4.x Cross Site Scripting
Posted Nov 8, 2016
Authored by IeDb

Faraznet CMS version 4.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 520ccc53a04695dad61179d8d1abfc4f2fd58d47fbf5984487eb12e2a76925f1
NodCMS PHP Code Execution
Posted Nov 8, 2016
Authored by Ashiyane Digital Security Team

NodCMS suffers from a code execution vulnerability by leveraging a cross site request forgery vulnerability.

tags | exploit, code execution, csrf
SHA-256 | b385bfd2e1ed36be02d3dff98b02b6ed9703d813d2d8545b1bcff69187d57ded
NodCMS Cross Site Scripting
Posted Nov 8, 2016
Authored by Ashiyane Digital Security Team

NodCMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 67b9df9da3297615f3801c6acfb5b496dfb68103df20d1aa24dcbeeec602ee60
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close