exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 339 RSS Feed

Files Date: 2016-12-01 to 2016-12-31

Dell SonicWALL Secure Mobile Access SMA 8.1 CSRF / XSS
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Secure Mobile Access SMA version 8.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 9c6e1e62011dc14636b4f5849d5f84a87d42f3acec586620f4296ac473fb6a89
Dell SonicWALL Network Security Appliance NSA 6600 XSS
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Network Security Appliance NSA 6600 suffers from a reflective cross site scripting vulnerability. Versions affected include NSA 6600 running SonicOS Enhanced 6.2.4.3-31n, WXA 4000 running 1.3.2.0-07, and SafeMode 6.1.0.11.

tags | exploit, xss
SHA-256 | 7acfa2c554a74790d4f42eb76bd861d05da2b1676d2dbb778bd9718473d384d5
Dell SonicWALL Global Management System GMS 8.1 Adobe Flex SOP Bypass
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL GMS versions 8.1 and below are compiled with a vulnerable version of Adobe Flex SDK allowing for same-origin request forgery and cross-site content hijacking.

tags | exploit
SHA-256 | 8f794ee7fc9e35a42edc8e64fbf6ee9b23bb21bc417c3048b02542052351a465
Dell SonicWALL Global Management System GMS 8.1 Cross Site Scripting
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Global Management System GMS version 8.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 4ff507814e6b70172b5af043ac9e0187e3cde0d9d9dc599e3faaaaadbb3a2be8
Dell SonicWALL Global Management System GMS 8.1 Blind SQL Injection
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Global Management System GMS version 8.1 suffers from multiple blind SQL Injection vulnerabilities.

tags | exploit, vulnerability, sql injection
SHA-256 | ed39afdb0140eefc12c029710bd973c6e28062ce928ce54e618a3047f92fce43
Gentoo Linux Security Advisory 201612-49
Posted Dec 30, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-49 - A vulnerability in mod_wsgi could lead to privilege escalation. Versions less than 4.3.0 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2014-8583
SHA-256 | ca41096d460fe443d6a3451c919e32eb523a3ee9eebf78037712cd61bf3da4d4
Red Hat Security Advisory 2016-2999-01
Posted Dec 30, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2999-01 - In accordance with the Red Hat OpenShift Enterprise Support Life Cycle Policy, support for OpenShift Enterprise 2.x will end on December 31, 2016. Red Hat will not provide extended support for this product. Customers are requested to migrate to a supported Red Hat OpenShift Enterprise product prior to the end of the life cycle for OpenShift Enterprise 2.x.

tags | advisory
systems | linux, redhat
SHA-256 | 3bd9d82cc8f62b4b6059ee2669cbdac6b398a337acfea1198811f8bd3f7fadf6
SoftMaker FreeOffice 2016 DLL Hijacking
Posted Dec 30, 2016
Authored by Stefan Kanthak

The executable installers for SoftMaker FreeOffice 2016 suffer from a dll hijacking vulnerability.

tags | advisory
systems | windows
SHA-256 | 39d6f374e7f5ddfb9ee1f781e5f859bda17f2c5deadec395f98ca0fec1c23cb7
WordPress Templatic 2.3.6 File Upload
Posted Dec 30, 2016
Authored by r3m1ck

WordPress Templatic plugin versions 2.3.6 and below suffer from a remote file upload vulnerability.

tags | exploit, remote, file upload
SHA-256 | fff3adededad0edcf403d8a8ae2510616b9205fa30fb3b7430db7969991f8258
GRIZZLY STEPPE - Russian Malicious Cyber Activity
Posted Dec 30, 2016
Site us-cert.gov

This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE.

tags | paper
SHA-256 | 982523e4d3ea03d3e507bd1c733dc795411c04b6c39b21e3be32e22dc1029863
Bettercap 1.6.0
Posted Dec 29, 2016
Authored by evilsocket | Site bettercap.org

BetterCAP is a powerful, flexible, and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.

Changes: Generated a new CA pem file with less descriptive fields, trying to clone GoDaddy CA as much as possible. New -R rainbow option! Updated mac vendors lookup file with latest version. Various other updates and improvements.
tags | tool, web, sniffer, tcp
systems | unix
SHA-256 | 3d3a14ee4fba97035034727f21e21de345c72cdcaf102f2678fe07019f684110
SwiftMailer Remote Code Execution
Posted Dec 29, 2016
Authored by Dawid Golunski

SwiftMailer versions prior to 5.4.5-DEV suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2016-10074
SHA-256 | 6c8d495f3e13599fefac246580f75812ee61962841c2cff7e333f604d3caee57
Joomla aWeb Cart Watching System For Virtuemart 2.6.0 SQL Injection
Posted Dec 29, 2016
Authored by Javi Espejo

Joomla aWeb Cart Watching System for Virtuemart component version 2.6.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7e01460777d0c5fa47b60fb42392b753f3aa3c93727eef86010d979434caf030
Android tlc_server Heap Overflow
Posted Dec 29, 2016
Authored by Google Security Research, laginimaineb

Android suffers from a heap overflow vulnerability in the tlc_server via the LOAD_TUI_RESOURCE command.

tags | advisory, overflow
SHA-256 | 86e702bdd1d488d4d30b48a6d40d70980efaf82cea8187080028d215fe150b1f
ifchk 1.0.6
Posted Dec 29, 2016
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Default log directory location has changed. PID file has been relocated.
tags | tool
systems | unix
SHA-256 | 972db3aa0cca5a41e4432bc9c3475cedbf89ac641971474928f4bfb8940ed4bc
PHPMailer Remote Code Execution
Posted Dec 29, 2016
Authored by anarc0der

PHPMailer versions prior to 5.2.18 remote code execution exploit. Written in python.

tags | exploit, remote, code execution, python
advisories | CVE-2016-10033
SHA-256 | 0c56ae7013e3bf2befd1a423d12185599a480137baf9d7604084810574ff6517
WordPress Simply Poll 1.4.1 SQL Injection
Posted Dec 28, 2016
Authored by TAD GROUP

WordPress Simply Poll plugin version 1.4.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ef47966e67d7cfe37bcac64037fb9770922a3340d0c34e06bc26a88367e9820b
Apache Qpid Broker For Java 6.1.0 Information Leak
Posted Dec 28, 2016
Authored by Oleksandr Rudyy

The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. Versions affected include 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, and 6.1.0.

tags | advisory, java, remote
advisories | CVE-2016-8741
SHA-256 | bbddbf23e1945b53856cc72ded8b1e2e1d8c44d3cf6502cc4774ffa2d0a1ea0d
PHPMailer Remote Code Execution
Posted Dec 28, 2016
Authored by Dawid Golunski

PHPMailer versions prior to 5.2.20 zero day remote code execution exploit. This bypasses the CVE-2016-10033 patch.

tags | exploit, remote, code execution
advisories | CVE-2016-10033, CVE-2016-10045
SHA-256 | 773582183b0cfc6f38ae24f52f7dfb831cd2f3410287245bc6daea84d4d8db83
Popcorn Time 5.6 DLL Hijacking
Posted Dec 28, 2016
Authored by ZwX

Popcorn Time version 5.6 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 883530884f216f6c68ef7fc7eb9ed28a2843523eb359a4b11af300a6969b344a
WordPress Image Slider 1.1.41 / 1.1.89 Arbitrary File Deletion
Posted Dec 27, 2016
Authored by Tom Adams

WordPress Image Slider plugin versions 1.1.41 and 1.1.89 suffer from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | d26c0835b8209ca0f2b538837df8ceca4fa3b26c17c033bd4da15d6d4bce5a72
PHPMailer 5.2.17 Remote Code Execution
Posted Dec 27, 2016
Authored by Dawid Golunski

PHPMailer versions prior to 5.2.18 suffer from a remote code execution vulnerability. This archive consists of the full advisory and also the proof of concept code.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2016-10033
SHA-256 | dff0fa27b99b22d59b30f33bda4811c6f57a5db1cf1cab549e564bd62faa8e9c
Gentoo Linux Security Advisory 201612-48
Posted Dec 27, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-48 - Multiple vulnerabilities have been discovered in Firejail, the worst of which may allow bypassing of sandbox protection. Versions less than 0.9.44.2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
SHA-256 | c2e979eb3bc4ad52d25870c0826ed70cd68f17895354266918e0594a0f5706c0
PHPMailer 5.2.17 Remote Code Execution
Posted Dec 26, 2016
Authored by Dawid Golunski

PHPMailer version 5.2.17 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2016-10033
SHA-256 | 71254449b5468229de9f3d24cd3659f8ff035410115b6cf7f950f99bf518712f
Wampserver 3.0.6 Privilege Escalation
Posted Dec 26, 2016
Authored by Heliand Dema

Wampserver version 3.0.6 suffers from an insecure file permissions privilege escalation vulnerability.

tags | exploit
SHA-256 | c7e89a27153abc7ebb3140264dc5c61b0e999733bfa04f0a88ce1e56a56b9a1d
Page 1 of 14
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close