Exploit the possiblities
Showing 1 - 23 of 23 RSS Feed

Files Date: 2017-04-04

Botan C++ Crypto Algorithms Library 2.1.0
Posted Apr 4, 2017
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: Various updates.
tags | library
MD5 | 2c91a5d65e0f9ddf4fce38bcd2734e70
Debian/Ubuntu ntfs-3g Local Privilege Escalation
Posted Apr 4, 2017
Authored by h00die, jannh[at]google.com | Site metasploit.com

ntfs-3g mount helper in Ubuntu 16.04, 16.10, Debian 7, 8, and possibly 9 does not properly sanitize the environment when executing modprobe. This can be abused to load a kernel module and execute a binary payload as the root user.

tags | exploit, kernel, root
systems | linux, debian, ubuntu
advisories | CVE-2017-0358
MD5 | 0e01d414738810b1956381fabd3b4b0e
SolarWind LEM Default SSH Password Remote Code Execution
Posted Apr 4, 2017
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits the default credentials of SolarWind LEM. A menu system is encountered when the SSH service is accessed with the default username and password which is "cmc" and "password". By exploiting a vulnerability that exist on the menuing script, an attacker can escape from restricted shell. This Metasploit module was tested against SolarWinds LEM v6.3.1.

tags | exploit, shell
MD5 | b551077e34268bd111ec9232032426a6
Airwatch 6.1.x / 6.4.x LDAP Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Airwatch versions 6.1.x and 6.4.x suffer from an ldap injection vulnerability.

tags | exploit
MD5 | 9d018230a0e76872a86fc0f1fc60d245
Avaya Radvision SCOPIA Desktop SQL Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Avaya Radvision SCOPIA Desktop versions 7.7.000.042 and 8.2.101.046 suffer from a blind SQL injection vulnerability.

tags | exploit, sql injection
MD5 | cb948fff839267811b4cfb5cd76607b0
LanternCMS Cross Site Scripting / SQL Injection
Posted Apr 4, 2017
Authored by Patrick Webster

LanternCMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | c6dc19aaa740a4e40266054eac2de5a3
SilverStripe CMS 3.1.9 Path Disclosure
Posted Apr 4, 2017
Authored by Patrick Webster

SilverStripe CMS versions 3.1.9 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
MD5 | de0e6325711ba6bd4d30f70771525932
SmartJobBoard 5.0.9 Cross Site Scripting / Information Disclosure
Posted Apr 4, 2017
Authored by Patrick Webster

SmartJobBoard version 5.0.9 suffers from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
MD5 | 70a0ad7b8292144d4c2b0090c4b03c63
Computer Associates (Layer7) API Gateway 7 / 8 / 9 CRLF Response Splitting / Directory Traversal
Posted Apr 4, 2017
Authored by Patrick Webster

Computer Associates API Gateway versions 7, 8, and 9 suffer from CRLF response splitting and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
MD5 | aa9a6a201080c8ae019201036b421b1b
ManageEngine Applications Manager 12 / 13 XSS / SQL Injection / Code Execution
Posted Apr 4, 2017
Authored by Lukasz Juszczyk

ManageEngine Applications Manager versions 12 and 13 suffers from code execution, cross site scripting, XXE injection, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, code execution, xss, sql injection
advisories | CVE-2016-9488, CVE-2016-9489, CVE-2016-9490, CVE-2016-9491, CVE-2016-9498
MD5 | 3955f3dbd6d2315f052f3f25d5c3a78f
Kaseya VSA 9.02.00.04 Information Disclosure
Posted Apr 4, 2017
Authored by Patrick Webster

Kaseya VSA version 9.02.00.04 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | d8342ca721048f9dbe543531be1a409f
Trimble / Manhattan Software IWMS 9.x XXE Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Trimble / Manhattan Software IWMS version 9.x suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | 79d5a18add30ebddc512e1a4491ee38a
Tweek!DM Document Management Bypass / SQL Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Tweek!DM Document Management suffers from bypass and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 0160f108df220a9e29b0cb1baa6bcd65
Inchoo Facebook Connect Cross Site Scripting
Posted Apr 4, 2017
Authored by Patrick Webster

Inchoo Facebook Connect plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5a0e026b50724d8c4897217a8c2acb1e
Red Hat Security Advisory 2017-0869-01
Posted Apr 4, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0869-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). Enhancement:

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-8399
MD5 | 14ad0979ae718e68825be747699c9d69
HP Security Bulletin HPESBGN03721 1
Posted Apr 4, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBGN03721 1 - A potential vulnerability has been identified in HPE Operations Bridge Analytics. The vulnerability could be exploited to allow remote cross-site scripting (XSS). Revision 1 of this advisory.

tags | advisory, remote, xss
advisories | CVE-2017-5800
MD5 | 46f34a7e0a811692fcca849a298cc937
AcoraCMS 7.0.0.6 Browser Redirect / Cross Site Scripting
Posted Apr 4, 2017
Authored by Patrick Webster

AcoraCMS version 7.0.0.6 suffers from arbitrary browser redirect and cross site scripting vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss
MD5 | ebf9294c3ed3902b8146bd20c62ca6bf
Kaseya VSA 6.5.0.0 XSS / Brute Force
Posted Apr 4, 2017
Authored by Patrick Webster

Kaseya VSA version 6.5.0.0 suffers from cross site scripting and brute forcing vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 422ace8363b61c9858ef75bd8a974044
Maian Survey 1.1 SQL Injection
Posted Apr 4, 2017
Authored by Ihsan Sencan

Maian Survey version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2e62abfe8df1209a2706eb3fe772e353
Maian Greetings 2.1 SQL Injection
Posted Apr 4, 2017
Authored by Ihsan Sencan

Maian Greetings version 2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6fb4ef9c31b9f0c2a13804b0622c29cc
Botan C++ Crypto Algorithms Library 1.10.16
Posted Apr 4, 2017
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: Various updates.
tags | library
MD5 | d0c88b523b5aeaaeaf7a3f39dd9d1f3e
Maian Uploader 4.0 SQL Injection
Posted Apr 4, 2017
Authored by Ihsan Sencan

Maian Uploader version 4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f5b50fe7261015f034ba7ce00e682a15
Apache Tomcat 6 / 7 / 8 / 9 Information Disclosure
Posted Apr 4, 2017
Authored by justpentest

Apache Tomcat versions 6, 7, 8, and 9 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2016-6816
MD5 | 942614a36395e6f4a853a5410f19ae8d
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close