Exploit the possiblities
Showing 1 - 17 of 17 RSS Feed

Files Date: 2017-01-12

Cisco Firepower Management Console 6.0 Post Authentication UserAdd
Posted Jan 12, 2017
Authored by Matt, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in Cisco Firepower Management Console. The management system contains a configuration flaw that allows the www user to execute the useradd binary, which can be abused to create backdoor accounts. Authentication is required to exploit this vulnerability.

tags | exploit
systems | cisco
advisories | CVE-2016-6433
MD5 | 846d8ff8181fafdfacf01ebb0af1bdb5
Ansible 2.1.4 / 2.2.1 Command Execution
Posted Jan 12, 2017
Site computest.nl

During a summary code review of Ansible, Computest found and exploited several issues that allow a compromised host to execute commands on the Ansible controller and thus gain access to the other hosts controlled by that controller. Versions 2.1.4 and 2.2.1 are affected.

tags | exploit
advisories | CVE-2016-9587
MD5 | 55094e1c86c49071eda4c4d59903e7d2
Adobe Flash 24.0.0.186 Code Execution
Posted Jan 12, 2017
Authored by Francis Provencher

This documented vulnerability allows a remote attacker to execute malicious code or access to a part of the dynamically allocated memory using a user interaction visiting a Web page or open a specially crafted SWF file, an attacker is able to create an "out of bound" memory corruption. A file with an "ActionRecord" structure that contains an invalid value in "ActionGetURL2" could lead to remote code execution in the context of the current user. Proof of concept code included.

tags | exploit, remote, web, code execution, proof of concept
advisories | CVE-2017-2930
MD5 | 29eff5852d8270398abf4007b49b527b
Movie Portal Script 7.35 SQL Injection
Posted Jan 12, 2017
Authored by Ihsan Sencan

Movie Portal Script version 7.35 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a0ecaa368242b61f6d509811ce591b45
Travel Portal Script 9.33 SQL Injection
Posted Jan 12, 2017
Authored by Ihsan Sencan

Travel Portal Script version 9.33 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | bf82c890821d1491a6b8ddfee628854d
Siemens SIMATIC CP 343-1 Advanced IKEv1 Cipher Suite Configuration
Posted Jan 12, 2017
Authored by Andrea Barisani

The SIMATIC CP 343-1 Advanced product allows configuration of the IKEv1 cipher suite configuration, which specifies the IKE and Encapsulating Security Payload (ESP) supported algorithms, with one cipher for each setting. It is evaluated that the configuration is not consistent with the supported ciphers that are eventually applied on the IPSec responder of the SIMATIC CP 343-1 Advanced. In fact, regardless of the selected choice for the ESP cipher, it is always possible for the IPSec client to propose, and successfully use, DES, 3DES, AES128 and AES256. This invalidates the potential desire to enforce a stronger cipher, as the client can always decide to use weaker. Siemens SIMATIC CP 343-1 Advanced tested with fw V3.0.44 is affected.

tags | advisory
MD5 | 341767e9c8ce19c5df56ce607d808a9c
Cobi Tools 1.0.8 Script Insertion
Posted Jan 12, 2017
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Cobi Tools version 1.0.8 suffers from a malicious script insertion vulnerability that affects the client side application.

tags | exploit
MD5 | 98ae32ce19400a0328a797986b4e245f
Boxoft Wav 1.1.0.0 Buffer Overflow
Posted Jan 12, 2017
Authored by SaifAllah benMassaoud | Site vulnerability-lab.com

Boxoft Wav version 1.1.0.0 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 2f081ae51187d374cbf4fc6670037cbc
Huawei Flybox B660 Cross Site Request Forgery
Posted Jan 12, 2017
Authored by SaifAllah benMassaoud | Site vulnerability-lab.com

Huawei Flybox B660 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 63e75ebc52b73d2f858269fe62177d3f
Bit Defender Authentication Token Bypass
Posted Jan 12, 2017
Authored by Lawrence Amer | Site vulnerability-lab.com

Bit Defender's website suffered from an authentication token bypass vulnerability.

tags | exploit, bypass
MD5 | bf9a8af3111e5e41234ed3f5acb51ac9
Blackboard LMS 9.1 SP14 Cross Site Scripting
Posted Jan 12, 2017
Authored by Lawrence Amer | Site vulnerability-lab.com

Blackboard LMS version 9.1 SP14 suffers from a persistent cross site scripting vulnerability in the title functionality.

tags | exploit, xss
MD5 | 69b7d4ed7e0d0feba443cda421a021d0
Blackboard LMS 9.1 SP14 Cross Site Scripting
Posted Jan 12, 2017
Authored by Lawrence Amer | Site vulnerability-lab.com

Blackboard LMS version 9.1 SP14 suffers from a persistent cross site scripting vulnerability in the profile functionality.

tags | exploit, xss
MD5 | d20a2be6720f7e94c4e4f640697e77d7
Responsive File Manager 9.11.0 Cross Site Scripting
Posted Jan 12, 2017
Authored by M.R.S.L.Y

Responsive File Manager version 9.11.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ada96e5a618af02d36b564a6d168a635
Microsoft Windows 8.1 (x64) RGNOBJ Integer Overflow
Posted Jan 12, 2017
Authored by Saif

Microsoft Windows 8.1 (x64) RBNOBJ integer overflow exploit leveraging the vulnerability noted in MS16-098.

tags | exploit, overflow
systems | windows
MD5 | 8a737b7ad315dc96dce208a313e1c2f2
Microsoft Windows Kernel win32k.sys NtSetWindowLongPtr Privilege Escalation
Posted Jan 12, 2017
Authored by Rick Larabee

Microsoft Windows kernel win32k.sys NtSetWindowLongPtr privilege escalation exploit that leverages the vulnerability outlined in MS16-135.

tags | exploit, kernel
systems | windows
advisories | CVE-2016-7255
MD5 | 13ff014602aa25a46fb4bd6101ed0674
VideoLan VLC Media Player 2.2.1 Buffer Overflow
Posted Jan 12, 2017
Authored by Patrick Coleman

Proof of concept .mov that demonstrates a DecodeAdpcmImaQT buffer overflow vulnerability in VideoLAN VLC Media Player version 2.2.1.

tags | exploit, overflow, proof of concept
advisories | CVE-2016-5108
MD5 | c22ad771dd542bf753e86ddd9e463c00
Firejail Privilege Escalation
Posted Jan 12, 2017
Authored by Daniel Hodson

Firejail suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | d15a089c242f961ba736fa0d946fac7d
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close