Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-03-17

phplist 3.2.6 SQL Injection
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

phplist version 3.2.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7c2bf3f926923355281275a000149241
HumHub 1.0.1 Cross Site Scripting
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

HumHub versions 1.0.1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 83937d1bbdcdebc8dbb425032c67a868
phplist 3.2.6 Cross Site Scripting
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

phplist version 3.2.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | fd4ff7e895f9fb0aa45877cc730cf93b
WordPress Multiple Plugin File Upload
Posted Mar 17, 2017
Authored by The Martian

WordPress plugins Zen App Mobile Native versions 3.0 and below, webapp-builder version 2.0, wp2android-turn-wp-site-into-android-app version 1.1.4, mobile-app-builder-by-wappress version 1.05, and mobile-friendly-app-builder-by-easytouch version 3.0 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2017-1002000, CVE-2017-1002001, CVE-2017-1002002, CVE-2017-1002003, CVE-2017-6104
MD5 | 88bbba2ab602c5fa130ef461e7157609
Red Hat Security Advisory 2017-0558-01
Posted Mar 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0558-01 - Mozilla Firefox is an open source web browser. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-5428
MD5 | 78334ac988f38630a372ed63cc8c5516
Red Hat Security Advisory 2017-0549-01
Posted Mar 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0549-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The following packages have been upgraded to a later upstream version: redhat-release-virtualization-host, imgbased, redhat-virtualization-host.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-9577, CVE-2016-9578
MD5 | eca1f0a2ec1d397e9b3ebb2330ca0adf
Red Hat Security Advisory 2017-0552-01
Posted Mar 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0552-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. The following packages have been upgraded to a later upstream version: rhevm-appliance. Security Fix: A vulnerability was discovered in SPICE in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.

tags | advisory, overflow, code execution, protocol
systems | linux, redhat
advisories | CVE-2016-9577, CVE-2016-9578
MD5 | ad82727f2b2f97eabba52e45a8a99396
HumHub 0.20.1 / 1.0.0-beta.3 Shell Upload
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

HumHub versions 0.20.1 and 1.0.0-beta.3 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | bac27572af595d598e5c3e8c9a092787
WordPress Membership Simplified 1.58 Arbitrary File Download
Posted Mar 17, 2017
Authored by Larry W. Cashdollar, The Martian

WordPress Membership Simplified plugin version 1.58 arbitrary file download exploit.

tags | exploit, arbitrary
advisories | CVE-2017-1002008
MD5 | 260861bd0a211b17bbc2fecb274f788d
Cisco Security Advisory 20170317-cmp
Posted Mar 17, 2017
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and The incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, arbitrary, local, protocol
systems | cisco, osx
advisories | CVE-2017-3881
MD5 | e95dfb301f191a5ec25fd4391f2377a8
CompMgmtLauncher Fileless UAC Bypass
Posted Mar 17, 2017
Authored by Enigma, Chaitanya Haritash

CompMgmtLauncher fileless UAC bypass exploit.

tags | exploit
MD5 | b3024bd40eb28f40e7a627a5abad2a1b
ICMusic CMS 1.x SQL Injection
Posted Mar 17, 2017
Authored by Bilal Kardadou

ICMusic CMS version 1.x suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 722f4f1216f9f8d4501ff1a7b0597f99
AXIS Network Camera Cross Site Scripting
Posted Mar 17, 2017
Authored by OrwellLabs, SmithW | Site orwelllabs.com

AXIS Network Cameras suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-8256
MD5 | 15128c556f3a06a3b9b223958fcb2b93
AXIS Communications Cross Site Request Forgery
Posted Mar 17, 2017
Authored by OrwellLabs | Site orwelllabs.com

AXIS Communications suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-8255
MD5 | 280b73f6048d043bb943cdc67b14838d
AXIS Communications XSS / Content Inclusion
Posted Mar 17, 2017
Authored by OrwellLabs | Site orwelllabs.com

AXIS Communications with firmware versions prior to 5.80.x suffer from cross site scripting and content inclusion vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-8258
MD5 | 87588be58b16d0c360ce0939a8bd3a7d
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close