exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2017-04-04

Botan C++ Crypto Algorithms Library 2.1.0
Posted Apr 4, 2017
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: Various updates.
tags | library
SHA-256 | 460f2d7205aed113f898df4947b1f66ccf8d080eec7dac229ef0b754c9ad6294
Debian/Ubuntu ntfs-3g Local Privilege Escalation
Posted Apr 4, 2017
Authored by h00die, Jann Horn | Site metasploit.com

ntfs-3g mount helper in Ubuntu 16.04, 16.10, Debian 7, 8, and possibly 9 does not properly sanitize the environment when executing modprobe. This can be abused to load a kernel module and execute a binary payload as the root user.

tags | exploit, kernel, root
systems | linux, debian, ubuntu
advisories | CVE-2017-0358
SHA-256 | 2ca15f26f7b775b7c9e764235153327a7035b9b299e27a2b52603944e606c8c3
SolarWind LEM Default SSH Password Remote Code Execution
Posted Apr 4, 2017
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits the default credentials of SolarWind LEM. A menu system is encountered when the SSH service is accessed with the default username and password which is "cmc" and "password". By exploiting a vulnerability that exist on the menuing script, an attacker can escape from restricted shell. This Metasploit module was tested against SolarWinds LEM v6.3.1.

tags | exploit, shell
SHA-256 | 38c9a347de106f708a89c8ce2d154e8a0699cc4ed9c612954b9310a28b9b7379
Airwatch 6.1.x / 6.4.x LDAP Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Airwatch versions 6.1.x and 6.4.x suffer from an ldap injection vulnerability.

tags | exploit
SHA-256 | de63a8e1e53104e08f13950e374edc66f2fd33fd0b373e7bbf041d5891287eb4
Avaya Radvision SCOPIA Desktop SQL Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Avaya Radvision SCOPIA Desktop versions 7.7.000.042 and 8.2.101.046 suffer from a blind SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 9df3a8763b4d5e5041c60ed04a57311756f2452722710236a1bec7035997445b
LanternCMS Cross Site Scripting / SQL Injection
Posted Apr 4, 2017
Authored by Patrick Webster

LanternCMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 10d7e8a5a9ae21aa469a8adb55db9076be8af353719bd4c575e7a05d73cca228
SilverStripe CMS 3.1.9 Path Disclosure
Posted Apr 4, 2017
Authored by Patrick Webster

SilverStripe CMS versions 3.1.9 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | add33c249921191d92637723848b95bc133583d1c0e290741c752d7043e43c6d
SmartJobBoard 5.0.9 Cross Site Scripting / Information Disclosure
Posted Apr 4, 2017
Authored by Patrick Webster

SmartJobBoard version 5.0.9 suffers from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | c79e0d8f6a1f8afcd1cdbe7ed6730c17027d52772fefbc91a7eebe1dc62521f4
Computer Associates (Layer7) API Gateway 7 / 8 / 9 CRLF Response Splitting / Directory Traversal
Posted Apr 4, 2017
Authored by Patrick Webster

Computer Associates API Gateway versions 7, 8, and 9 suffer from CRLF response splitting and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
SHA-256 | c3dd3bb5978a20a8fe51af9fbf3170c7d9624fcb5b17a87073c4c2abded21d2b
ManageEngine Applications Manager 12 / 13 XSS / SQL Injection / Code Execution
Posted Apr 4, 2017
Authored by Lukasz Juszczyk

ManageEngine Applications Manager versions 12 and 13 suffers from code execution, cross site scripting, XXE injection, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, code execution, xss, sql injection, xxe
advisories | CVE-2016-9488, CVE-2016-9489, CVE-2016-9490, CVE-2016-9491, CVE-2016-9498
SHA-256 | e1e13048508f4633fd462aa20cb03dbf93dfb087461802ac1eb799e30684ba4e
Kaseya VSA 9.02.00.04 Information Disclosure
Posted Apr 4, 2017
Authored by Patrick Webster

Kaseya VSA version 9.02.00.04 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 5a59d2ffedded5fe54949dd29511e3205fb1e3caac953287dc781deab3742ac4
Trimble / Manhattan Software IWMS 9.x XXE Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Trimble / Manhattan Software IWMS version 9.x suffers from an XML external entity injection vulnerability.

tags | exploit, xxe
SHA-256 | 034d6c464fd8dfb280cc2231b57e61e57db6af0250f94c9a8ef2fd8e71db6e52
Tweek!DM Document Management Bypass / SQL Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Tweek!DM Document Management suffers from bypass and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 990171f149c1422942f3130de220f72cd20ac33b6f5a833745b2d53902b4acdb
Inchoo Facebook Connect Cross Site Scripting
Posted Apr 4, 2017
Authored by Patrick Webster

Inchoo Facebook Connect plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3b57827980094611b40d59abdcc9cf5477a6100b8983ee3cadbc5ac782f744d0
Red Hat Security Advisory 2017-0869-01
Posted Apr 4, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0869-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). Enhancement:

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-8399
SHA-256 | c7b5eaf57adbad1eed998d1a79c4920ea877082a5e42528c470ee450b22b4b7b
HPE Security Bulletin HPESBGN03721 1
Posted Apr 4, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBGN03721 1 - A potential vulnerability has been identified in HPE Operations Bridge Analytics. The vulnerability could be exploited to allow remote cross-site scripting (XSS). Revision 1 of this advisory.

tags | advisory, remote, xss
advisories | CVE-2017-5800
SHA-256 | cc75e14e24e91487e125a1a448e29db239a06453cf8b6d08d66d024f7d747e7e
AcoraCMS 7.0.0.6 Browser Redirect / Cross Site Scripting
Posted Apr 4, 2017
Authored by Patrick Webster

AcoraCMS version 7.0.0.6 suffers from arbitrary browser redirect and cross site scripting vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss
SHA-256 | b87426ec9fff88fdce255750542faa9c5b3eef962346cece91f55d16975ad4b2
Kaseya VSA 6.5.0.0 XSS / Brute Force
Posted Apr 4, 2017
Authored by Patrick Webster

Kaseya VSA version 6.5.0.0 suffers from cross site scripting and brute forcing vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 7fe218cd1c415fe7ecf706fc430277ad0a16b68a9d7aa68e327097eb8897004b
Maian Survey 1.1 SQL Injection
Posted Apr 4, 2017
Authored by Ihsan Sencan

Maian Survey version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 135643f1f5cf111b556e74c6a07c97400359b992d68b9de6fc965f8fcfe720c0
Maian Greetings 2.1 SQL Injection
Posted Apr 4, 2017
Authored by Ihsan Sencan

Maian Greetings version 2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d3577d5114f7cfd0b2637e700cafa78f065d0f9ae7e24019f660d9ec472b7ce6
Botan C++ Crypto Algorithms Library 1.10.16
Posted Apr 4, 2017
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: Various updates.
tags | library
SHA-256 | 6c5472401d06527e87adcb53dd270f3c9b1fb688703b04dd7a7cfb86289efe52
Maian Uploader 4.0 SQL Injection
Posted Apr 4, 2017
Authored by Ihsan Sencan

Maian Uploader version 4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c8fd181fafea3f932cda69cd7c8b127b538ab5ca638746c5e0c391c76b34c8ff
Apache Tomcat 6 / 7 / 8 / 9 Information Disclosure
Posted Apr 4, 2017
Authored by justpentest

Apache Tomcat versions 6, 7, 8, and 9 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2016-6816
SHA-256 | 731c512de3b9572b0d268461b83f563c6dac151dc2be51647331b04ca2296ad2
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    19 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close