Exploit the possiblities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2017-02-17

Elefant CMS 1.3.12-RC Cross Site Request Forgery
Posted Feb 17, 2017
Authored by Tim Coen | Site curesec.com

Elefant CMS version 1.3.12-RC suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | fc7cf738a673dda40b44ed50d78452f1
Simplessus Files 3.7.7 Path Traversal
Posted Feb 17, 2017
Authored by Dr. Adrian Vollmer

Simplessus Files version 3.7.7 suffers from a path traversal vulnerability.

tags | exploit
MD5 | d813c0d04e4be8d5bec232b1904c7925
Ubuntu Security Notice USN-3199-2
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-2 - USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit. Unfortunately, various programs depended on the original behavior of the Python Cryptography Toolkit which was altered when fixing the vulnerability. This update retains the fix for the vulnerability but issues a warning rather than throwing an exception. Code which produces this warning should be updated because future versions of the Python Cryptography Toolkit re-introduce the exception. Various other issues were also addressed.

tags | advisory, python
systems | linux, ubuntu
MD5 | 340428b2c433631648bcdd669fbbaccf
Gentoo Linux Security Advisory 201702-09
Posted Feb 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201702-9 - Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. Versions less than 6.9.7.4 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-10144, CVE-2016-10145, CVE-2016-10146, CVE-2016-9298, CVE-2017-5506, CVE-2017-5507, CVE-2017-5508, CVE-2017-5509, CVE-2017-5510, CVE-2017-5511
MD5 | c3fba19b13397cf8ad5131572fb7bfe3
Debian Security Advisory 3790-1
Posted Feb 17, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3790-1 - Several vulnerabilities were discovered in spice, a SPICE protocol client and server library.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2016-9577, CVE-2016-9578
MD5 | 057392338dc2777cfbf3d200578cfa4c
Ubuntu Security Notice USN-3199-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-1 - It was discovered that the ALGnew function in block_templace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use this flaw to execute arbitrary code by using a crafted initialization vector parameter.

tags | advisory, remote, overflow, arbitrary, python
systems | linux, ubuntu
MD5 | 0fa5ef4093d20bcb56084b1ba3f57d3b
Ubuntu Security Notice USN-3201-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3201-1 - It was discovered that Bind incorrectly handled rewriting certain query responses when using both DNS64 and RPZ. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-3135
MD5 | e8dec5411f275911113f9ec2f92c2211
Ubuntu Security Notice USN-3200-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3200-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2369, CVE-2017-2371, CVE-2017-2373
MD5 | cf31bf98538e913c42f72a1e76e115ce
Elefant CMS 1.3.12-RC Cross Site Scripting
Posted Feb 17, 2017
Authored by Tim Coen | Site curesec.com

Elefant CMS version 1.3.12-RC suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9a39e7b765b561f796597a4b731b9b2b
Simplessus Files 3.7.7 SQL Injection
Posted Feb 17, 2017
Authored by Dr. Adrian Vollmer

Simplessus Files version 3.7.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2f1c7f2ff30ea7a4523db75470be390d
WordPress Corner Ad 1.0.7 Cross Site Scripting
Posted Feb 17, 2017
Authored by Atik Rahman

WordPress Corner Ad plugin version 1.0.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ded59677ebaa87356ca6bd84e8b0a2f1
Joomla Team Display 1.2.1 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Team Display component version 1.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 06a0c21c3b25433382758b689dfaaa41
Joomla Spider Calendar Lite 3.2.16 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Spider Calendar Lite component version 3.2.16 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5ac6149b70e34862964f43ad41c24236
Joomla Groovy Gallery 1.0.0 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla Groovy Gallery component version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 22db73269fc19563dd9ece8a3a8cc16b
Joomla WMT Content Timeline 1.0 SQL Injection
Posted Feb 17, 2017
Authored by Ihsan Sencan

Joomla WMT Content Timeline component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3bcae2039fcf1b3d6116af976bd1e39f
Windows x86 Protect Process Shellcode
Posted Feb 17, 2017
Authored by Ege Balci

229 bytes small Windows x86 protect process shellcode.

tags | x86, shellcode
systems | windows
MD5 | ccdac6d32d7ef147989f93231c7395e3
Xshell5 5.0 Build 1124 DLL Hijacking
Posted Feb 17, 2017
Authored by Nassim Asrir

Xshell5 version 5.0 build 1124 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 4ddc87e927a32b0464b49d6185174cb2
JBoss 4.0.2 Cross Site Scripting
Posted Feb 17, 2017
Authored by justpentest

JBoss version 4.0.2 suffers from a cross site scripting vulnerability in the jmx-console HtmlAdaptor DatabasePersistencePlugin parameter.

tags | exploit, xss
MD5 | aedb44e346ea17f3abeda1d4e1156b64
Geutebruck testaction.cgi Remote Command Execution
Posted Feb 17, 2017
Authored by Davy Douhine, Frederic Cikala, Florent Montel | Site metasploit.com

This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/testaction.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.11.0.12 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.11.0.12 firmware.

tags | exploit, arbitrary, cgi, root
advisories | CVE-2017-5173, CVE-2017-5174
MD5 | 584256c90a7c1a22c6fb8b90488d1b76
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close