what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2017-02-17

Elefant CMS 1.3.12-RC Cross Site Request Forgery
Posted Feb 17, 2017
Authored by Tim Coen | Site curesec.com

Elefant CMS version 1.3.12-RC suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | de7243db48cddd6c808e1a9eacb1044d56649c1f9f4181acc839a3c6a756964e
Simplessus Files 3.7.7 Path Traversal
Posted Feb 17, 2017
Authored by Dr. Adrian Vollmer | Site syss.de

Simplessus Files version 3.7.7 suffers from a path traversal vulnerability.

tags | exploit
SHA-256 | ca93aac35bd3715340c6f154e617f228396816f0d6c00017e81d884b06b9a427
Ubuntu Security Notice USN-3199-2
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-2 - USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit. Unfortunately, various programs depended on the original behavior of the Python Cryptography Toolkit which was altered when fixing the vulnerability. This update retains the fix for the vulnerability but issues a warning rather than throwing an exception. Code which produces this warning should be updated because future versions of the Python Cryptography Toolkit re-introduce the exception. Various other issues were also addressed.

tags | advisory, python
systems | linux, ubuntu
SHA-256 | ffdcb4098907eacbe478078964c23d7b8fe357a3fb8a5cf606b1d9935d33f913
Gentoo Linux Security Advisory 201702-09
Posted Feb 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201702-9 - Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. Versions less than 6.9.7.4 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-10144, CVE-2016-10145, CVE-2016-10146, CVE-2016-9298, CVE-2017-5506, CVE-2017-5507, CVE-2017-5508, CVE-2017-5509, CVE-2017-5510, CVE-2017-5511
SHA-256 | 76c4d959e155995070047941ecd5e0069dcc43c4077e5f8e9c14cc9087bcdc9c
Debian Security Advisory 3790-1
Posted Feb 17, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3790-1 - Several vulnerabilities were discovered in spice, a SPICE protocol client and server library.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2016-9577, CVE-2016-9578
SHA-256 | 49cc794953e2a7fa3792442d95f833015b85f773dc7987a963b5beab5882e82d
Ubuntu Security Notice USN-3199-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-1 - It was discovered that the ALGnew function in block_templace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use this flaw to execute arbitrary code by using a crafted initialization vector parameter.

tags | advisory, remote, overflow, arbitrary, python
systems | linux, ubuntu
SHA-256 | e8a7c38d5847c9eb619e356107017e6f6145e41512cc339e081a0c3d1ef48e20
Ubuntu Security Notice USN-3201-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3201-1 - It was discovered that Bind incorrectly handled rewriting certain query responses when using both DNS64 and RPZ. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-3135
SHA-256 | aa4b9a3339b5c3377bb62c14333d747ef7a018f9172d10f35322b16f7763eef6
Ubuntu Security Notice USN-3200-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3200-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2369, CVE-2017-2371, CVE-2017-2373
SHA-256 | a61c6b895c9fb308b79806c33c686eac64252cfe20244790ee0c7c447b60ff74
Elefant CMS 1.3.12-RC Cross Site Scripting
Posted Feb 17, 2017
Authored by Tim Coen | Site curesec.com

Elefant CMS version 1.3.12-RC suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | cb68cea61a5731c1d2926a6f64a75543d5ed4edbf03a18f9eac70ef5da6d6f47
Simplessus Files 3.7.7 SQL Injection
Posted Feb 17, 2017
Authored by Dr. Adrian Vollmer | Site syss.de

Simplessus Files version 3.7.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d79a21938fcd88041127624fd9f5ba1912160c33c332652fb5b2dbfdb36b14b2
WordPress Corner Ad 1.0.7 Cross Site Scripting
Posted Feb 17, 2017
Authored by Atik Rahman

WordPress Corner Ad plugin version 1.0.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 79ca2e10f1247f6b9413b75406fbef2e991f2c4a573ac859680ce9e6ea04f3cd
Joomla Team Display 1.2.1 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Team Display component version 1.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 14e70b0fa794bf6bbc0d06320635c01f6ad5379041bf578fef7fad22c82f7780
Joomla Spider Calendar Lite 3.2.16 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Spider Calendar Lite component version 3.2.16 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5782b92df61aa2dc060e9f5c3d34108a2b5de2aca18cb5f23d808cf4bf210ea1
Joomla Groovy Gallery 1.0.0 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Groovy Gallery component version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2cd4d05cbe2fc0df8ebfd27f3e7c957eb5d2ac7ab07b16a16c5814c67891b79e
Joomla WMT Content Timeline 1.0 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla WMT Content Timeline component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | de7c77f4f9524697a4ce40a3724a7d5156643c454237f9228e2fde7ac0103177
Windows x86 Protect Process Shellcode
Posted Feb 17, 2017
Authored by Ege Balci

229 bytes small Windows x86 protect process shellcode.

tags | x86, shellcode
systems | windows
SHA-256 | b8fe8bc29e25d0326cace2297fc1684495e84eb4288f471a99b735848293e156
Xshell5 5.0 Build 1124 DLL Hijacking
Posted Feb 17, 2017
Authored by Nassim Asrir

Xshell5 version 5.0 build 1124 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | adc9cfccf64d4a92b0becac91603ad2491206bbe65dbe08df6868b17d64fd5f9
JBoss 4.0.2 Cross Site Scripting
Posted Feb 17, 2017
Authored by justpentest

JBoss version 4.0.2 suffers from a cross site scripting vulnerability in the jmx-console HtmlAdaptor DatabasePersistencePlugin parameter.

tags | exploit, xss
SHA-256 | d1534f71c95d9024c0e3a23e0024991e7d74c1479be8ff0756971996865d685a
Geutebruck testaction.cgi Remote Command Execution
Posted Feb 17, 2017
Authored by Davy Douhine, Frederic Cikala, Florent Montel | Site metasploit.com

This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/testaction.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.11.0.12 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.11.0.12 firmware.

tags | exploit, arbitrary, cgi, root
advisories | CVE-2017-5173, CVE-2017-5174
SHA-256 | 1a871ca3aa7b2e6e423f8d9e8cda9e0aa977c1488a8441163c46f083da5f5f3c
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close