what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-03-17

phplist 3.2.6 SQL Injection
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

phplist version 3.2.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3a8716d8154640fb091e7e4ecb469133a180b7d026bc009f119af8e4f440c31f
HumHub 1.0.1 Cross Site Scripting
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

HumHub versions 1.0.1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 84e2c861e2a5b5be387957dbda21bbcdbc94dfd62a68f7116415ca90a446680c
phplist 3.2.6 Cross Site Scripting
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

phplist version 3.2.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 046fdb7147de89e5678f40291706a2c5db86533e5e185f63c2c0c252c570f448
WordPress Multiple Plugin File Upload
Posted Mar 17, 2017
Authored by The Martian

WordPress plugins Zen App Mobile Native versions 3.0 and below, webapp-builder version 2.0, wp2android-turn-wp-site-into-android-app version 1.1.4, mobile-app-builder-by-wappress version 1.05, and mobile-friendly-app-builder-by-easytouch version 3.0 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2017-1002000, CVE-2017-1002001, CVE-2017-1002002, CVE-2017-1002003, CVE-2017-6104
SHA-256 | d5bff193bd29f6f964bd7aa3614593b2a326b8990fd473a26860467ee66defb0
Red Hat Security Advisory 2017-0558-01
Posted Mar 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0558-01 - Mozilla Firefox is an open source web browser. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-5428
SHA-256 | b348aa755ab0960c9c8166625d6ac3c8c0533fb4a678aa4da9d8d2ccedf81f5b
Red Hat Security Advisory 2017-0549-01
Posted Mar 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0549-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The following packages have been upgraded to a later upstream version: redhat-release-virtualization-host, imgbased, redhat-virtualization-host.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-9577, CVE-2016-9578
SHA-256 | 0052f605c3d35e88430203ed2b5f303e9cc564420ae6b663866eb01d683189bb
Red Hat Security Advisory 2017-0552-01
Posted Mar 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0552-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. The following packages have been upgraded to a later upstream version: rhevm-appliance. Security Fix: A vulnerability was discovered in SPICE in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.

tags | advisory, overflow, code execution, protocol
systems | linux, redhat
advisories | CVE-2016-9577, CVE-2016-9578
SHA-256 | 7e67cfe68d03ce819942763349967d9a4ad4a5691416b3afd8bf7afc654d4a38
HumHub 0.20.1 / 1.0.0-beta.3 Shell Upload
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

HumHub versions 0.20.1 and 1.0.0-beta.3 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | bc26c6b7f83e3576352a65414047fbc9ceaa533e87f431f3480b0c169b02770d
WordPress Membership Simplified 1.58 Arbitrary File Download
Posted Mar 17, 2017
Authored by Larry W. Cashdollar, The Martian

WordPress Membership Simplified plugin version 1.58 arbitrary file download exploit.

tags | exploit, arbitrary
advisories | CVE-2017-1002008
SHA-256 | 4c08533b53ceaa110bfa5f0e14cb895598bf93d3e447435710268285bdcdec4b
Cisco Security Advisory 20170317-cmp
Posted Mar 17, 2017
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and The incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, arbitrary, local, protocol
systems | cisco, osx
advisories | CVE-2017-3881
SHA-256 | 209636ac80e070405b945bd39606a236c49f1da456a8faee8149160ebe8d92bd
CompMgmtLauncher Fileless UAC Bypass
Posted Mar 17, 2017
Authored by Enigma, Chaitanya Haritash

CompMgmtLauncher fileless UAC bypass exploit.

tags | exploit
SHA-256 | a0a044adf5767b3e816bf740206ecf733863b9b76a701325d22f43b35e474700
ICMusic CMS 1.x SQL Injection
Posted Mar 17, 2017
Authored by Bilal Kardadou

ICMusic CMS version 1.x suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | b24021d2acaab58a42b91bb21b9de8a886aec7e5b29e5f827b169cef1afd20af
AXIS Network Camera Cross Site Scripting
Posted Mar 17, 2017
Authored by OrwellLabs, SmithW | Site orwelllabs.com

AXIS Network Cameras suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-8256
SHA-256 | 7f35f4f18383ebe5ff7cc4de9dcd2a43399937773c32d623582bf5a0ce49a147
AXIS Communications Cross Site Request Forgery
Posted Mar 17, 2017
Authored by OrwellLabs | Site orwelllabs.com

AXIS Communications suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-8255
SHA-256 | 6ce1f95d63bb6a76251be7cbf6a96669d1e9595da4cc84e20c4645e334d14c72
AXIS Communications XSS / Content Inclusion
Posted Mar 17, 2017
Authored by OrwellLabs | Site orwelllabs.com

AXIS Communications with firmware versions prior to 5.80.x suffer from cross site scripting and content inclusion vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-8258
SHA-256 | 642480feefae2be497487c4e039cff10b86c95ef8ebb4844cde30dd5b7ce6249
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close