Twenty Year Anniversary
Showing 1 - 19 of 19 RSS Feed

Files Date: 2017-02-17

Elefant CMS 1.3.12-RC Cross Site Request Forgery
Posted Feb 17, 2017
Authored by Tim Coen | Site curesec.com

Elefant CMS version 1.3.12-RC suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | fc7cf738a673dda40b44ed50d78452f1
Simplessus Files 3.7.7 Path Traversal
Posted Feb 17, 2017
Authored by Dr. Adrian Vollmer

Simplessus Files version 3.7.7 suffers from a path traversal vulnerability.

tags | exploit
MD5 | d813c0d04e4be8d5bec232b1904c7925
Ubuntu Security Notice USN-3199-2
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-2 - USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit. Unfortunately, various programs depended on the original behavior of the Python Cryptography Toolkit which was altered when fixing the vulnerability. This update retains the fix for the vulnerability but issues a warning rather than throwing an exception. Code which produces this warning should be updated because future versions of the Python Cryptography Toolkit re-introduce the exception. Various other issues were also addressed.

tags | advisory, python
systems | linux, ubuntu
MD5 | 340428b2c433631648bcdd669fbbaccf
Gentoo Linux Security Advisory 201702-09
Posted Feb 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201702-9 - Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. Versions less than 6.9.7.4 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-10144, CVE-2016-10145, CVE-2016-10146, CVE-2016-9298, CVE-2017-5506, CVE-2017-5507, CVE-2017-5508, CVE-2017-5509, CVE-2017-5510, CVE-2017-5511
MD5 | c3fba19b13397cf8ad5131572fb7bfe3
Debian Security Advisory 3790-1
Posted Feb 17, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3790-1 - Several vulnerabilities were discovered in spice, a SPICE protocol client and server library.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2016-9577, CVE-2016-9578
MD5 | 057392338dc2777cfbf3d200578cfa4c
Ubuntu Security Notice USN-3199-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-1 - It was discovered that the ALGnew function in block_templace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use this flaw to execute arbitrary code by using a crafted initialization vector parameter.

tags | advisory, remote, overflow, arbitrary, python
systems | linux, ubuntu
MD5 | 0fa5ef4093d20bcb56084b1ba3f57d3b
Ubuntu Security Notice USN-3201-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3201-1 - It was discovered that Bind incorrectly handled rewriting certain query responses when using both DNS64 and RPZ. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-3135
MD5 | e8dec5411f275911113f9ec2f92c2211
Ubuntu Security Notice USN-3200-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3200-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2369, CVE-2017-2371, CVE-2017-2373
MD5 | cf31bf98538e913c42f72a1e76e115ce
Elefant CMS 1.3.12-RC Cross Site Scripting
Posted Feb 17, 2017
Authored by Tim Coen | Site curesec.com

Elefant CMS version 1.3.12-RC suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9a39e7b765b561f796597a4b731b9b2b
Simplessus Files 3.7.7 SQL Injection
Posted Feb 17, 2017
Authored by Dr. Adrian Vollmer

Simplessus Files version 3.7.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2f1c7f2ff30ea7a4523db75470be390d
WordPress Corner Ad 1.0.7 Cross Site Scripting
Posted Feb 17, 2017
Authored by Atik Rahman

WordPress Corner Ad plugin version 1.0.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ded59677ebaa87356ca6bd84e8b0a2f1
Joomla Team Display 1.2.1 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Team Display component version 1.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 06a0c21c3b25433382758b689dfaaa41
Joomla Spider Calendar Lite 3.2.16 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Spider Calendar Lite component version 3.2.16 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5ac6149b70e34862964f43ad41c24236
Joomla Groovy Gallery 1.0.0 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Groovy Gallery component version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 22db73269fc19563dd9ece8a3a8cc16b
Joomla WMT Content Timeline 1.0 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla WMT Content Timeline component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3bcae2039fcf1b3d6116af976bd1e39f
Windows x86 Protect Process Shellcode
Posted Feb 17, 2017
Authored by Ege Balci

229 bytes small Windows x86 protect process shellcode.

tags | x86, shellcode
systems | windows
MD5 | ccdac6d32d7ef147989f93231c7395e3
Xshell5 5.0 Build 1124 DLL Hijacking
Posted Feb 17, 2017
Authored by Nassim Asrir

Xshell5 version 5.0 build 1124 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 4ddc87e927a32b0464b49d6185174cb2
JBoss 4.0.2 Cross Site Scripting
Posted Feb 17, 2017
Authored by justpentest

JBoss version 4.0.2 suffers from a cross site scripting vulnerability in the jmx-console HtmlAdaptor DatabasePersistencePlugin parameter.

tags | exploit, xss
MD5 | aedb44e346ea17f3abeda1d4e1156b64
Geutebruck testaction.cgi Remote Command Execution
Posted Feb 17, 2017
Authored by Davy Douhine, Frederic Cikala, Florent Montel | Site metasploit.com

This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/testaction.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.11.0.12 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.11.0.12 firmware.

tags | exploit, arbitrary, cgi, root
advisories | CVE-2017-5173, CVE-2017-5174
MD5 | 584256c90a7c1a22c6fb8b90488d1b76
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    4 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close