exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2017-04-04

Botan C++ Crypto Algorithms Library 2.1.0
Posted Apr 4, 2017
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: Various updates.
tags | library
SHA-256 | 460f2d7205aed113f898df4947b1f66ccf8d080eec7dac229ef0b754c9ad6294
Debian/Ubuntu ntfs-3g Local Privilege Escalation
Posted Apr 4, 2017
Authored by h00die, Jann Horn | Site metasploit.com

ntfs-3g mount helper in Ubuntu 16.04, 16.10, Debian 7, 8, and possibly 9 does not properly sanitize the environment when executing modprobe. This can be abused to load a kernel module and execute a binary payload as the root user.

tags | exploit, kernel, root
systems | linux, debian, ubuntu
advisories | CVE-2017-0358
SHA-256 | 2ca15f26f7b775b7c9e764235153327a7035b9b299e27a2b52603944e606c8c3
SolarWind LEM Default SSH Password Remote Code Execution
Posted Apr 4, 2017
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits the default credentials of SolarWind LEM. A menu system is encountered when the SSH service is accessed with the default username and password which is "cmc" and "password". By exploiting a vulnerability that exist on the menuing script, an attacker can escape from restricted shell. This Metasploit module was tested against SolarWinds LEM v6.3.1.

tags | exploit, shell
SHA-256 | 38c9a347de106f708a89c8ce2d154e8a0699cc4ed9c612954b9310a28b9b7379
Airwatch 6.1.x / 6.4.x LDAP Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Airwatch versions 6.1.x and 6.4.x suffer from an ldap injection vulnerability.

tags | exploit
SHA-256 | de63a8e1e53104e08f13950e374edc66f2fd33fd0b373e7bbf041d5891287eb4
Avaya Radvision SCOPIA Desktop SQL Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Avaya Radvision SCOPIA Desktop versions 7.7.000.042 and 8.2.101.046 suffer from a blind SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 9df3a8763b4d5e5041c60ed04a57311756f2452722710236a1bec7035997445b
LanternCMS Cross Site Scripting / SQL Injection
Posted Apr 4, 2017
Authored by Patrick Webster

LanternCMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 10d7e8a5a9ae21aa469a8adb55db9076be8af353719bd4c575e7a05d73cca228
SilverStripe CMS 3.1.9 Path Disclosure
Posted Apr 4, 2017
Authored by Patrick Webster

SilverStripe CMS versions 3.1.9 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | add33c249921191d92637723848b95bc133583d1c0e290741c752d7043e43c6d
SmartJobBoard 5.0.9 Cross Site Scripting / Information Disclosure
Posted Apr 4, 2017
Authored by Patrick Webster

SmartJobBoard version 5.0.9 suffers from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | c79e0d8f6a1f8afcd1cdbe7ed6730c17027d52772fefbc91a7eebe1dc62521f4
Computer Associates (Layer7) API Gateway 7 / 8 / 9 CRLF Response Splitting / Directory Traversal
Posted Apr 4, 2017
Authored by Patrick Webster

Computer Associates API Gateway versions 7, 8, and 9 suffer from CRLF response splitting and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
SHA-256 | c3dd3bb5978a20a8fe51af9fbf3170c7d9624fcb5b17a87073c4c2abded21d2b
ManageEngine Applications Manager 12 / 13 XSS / SQL Injection / Code Execution
Posted Apr 4, 2017
Authored by Lukasz Juszczyk

ManageEngine Applications Manager versions 12 and 13 suffers from code execution, cross site scripting, XXE injection, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, code execution, xss, sql injection, xxe
advisories | CVE-2016-9488, CVE-2016-9489, CVE-2016-9490, CVE-2016-9491, CVE-2016-9498
SHA-256 | e1e13048508f4633fd462aa20cb03dbf93dfb087461802ac1eb799e30684ba4e
Kaseya VSA 9.02.00.04 Information Disclosure
Posted Apr 4, 2017
Authored by Patrick Webster

Kaseya VSA version 9.02.00.04 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 5a59d2ffedded5fe54949dd29511e3205fb1e3caac953287dc781deab3742ac4
Trimble / Manhattan Software IWMS 9.x XXE Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Trimble / Manhattan Software IWMS version 9.x suffers from an XML external entity injection vulnerability.

tags | exploit, xxe
SHA-256 | 034d6c464fd8dfb280cc2231b57e61e57db6af0250f94c9a8ef2fd8e71db6e52
Tweek!DM Document Management Bypass / SQL Injection
Posted Apr 4, 2017
Authored by Patrick Webster

Tweek!DM Document Management suffers from bypass and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 990171f149c1422942f3130de220f72cd20ac33b6f5a833745b2d53902b4acdb
Inchoo Facebook Connect Cross Site Scripting
Posted Apr 4, 2017
Authored by Patrick Webster

Inchoo Facebook Connect plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3b57827980094611b40d59abdcc9cf5477a6100b8983ee3cadbc5ac782f744d0
Red Hat Security Advisory 2017-0869-01
Posted Apr 4, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0869-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). Enhancement:

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-8399
SHA-256 | c7b5eaf57adbad1eed998d1a79c4920ea877082a5e42528c470ee450b22b4b7b
HPE Security Bulletin HPESBGN03721 1
Posted Apr 4, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBGN03721 1 - A potential vulnerability has been identified in HPE Operations Bridge Analytics. The vulnerability could be exploited to allow remote cross-site scripting (XSS). Revision 1 of this advisory.

tags | advisory, remote, xss
advisories | CVE-2017-5800
SHA-256 | cc75e14e24e91487e125a1a448e29db239a06453cf8b6d08d66d024f7d747e7e
AcoraCMS 7.0.0.6 Browser Redirect / Cross Site Scripting
Posted Apr 4, 2017
Authored by Patrick Webster

AcoraCMS version 7.0.0.6 suffers from arbitrary browser redirect and cross site scripting vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss
SHA-256 | b87426ec9fff88fdce255750542faa9c5b3eef962346cece91f55d16975ad4b2
Kaseya VSA 6.5.0.0 XSS / Brute Force
Posted Apr 4, 2017
Authored by Patrick Webster

Kaseya VSA version 6.5.0.0 suffers from cross site scripting and brute forcing vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 7fe218cd1c415fe7ecf706fc430277ad0a16b68a9d7aa68e327097eb8897004b
Maian Survey 1.1 SQL Injection
Posted Apr 4, 2017
Authored by Ihsan Sencan

Maian Survey version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 135643f1f5cf111b556e74c6a07c97400359b992d68b9de6fc965f8fcfe720c0
Maian Greetings 2.1 SQL Injection
Posted Apr 4, 2017
Authored by Ihsan Sencan

Maian Greetings version 2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d3577d5114f7cfd0b2637e700cafa78f065d0f9ae7e24019f660d9ec472b7ce6
Botan C++ Crypto Algorithms Library 1.10.16
Posted Apr 4, 2017
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: Various updates.
tags | library
SHA-256 | 6c5472401d06527e87adcb53dd270f3c9b1fb688703b04dd7a7cfb86289efe52
Maian Uploader 4.0 SQL Injection
Posted Apr 4, 2017
Authored by Ihsan Sencan

Maian Uploader version 4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c8fd181fafea3f932cda69cd7c8b127b538ab5ca638746c5e0c391c76b34c8ff
Apache Tomcat 6 / 7 / 8 / 9 Information Disclosure
Posted Apr 4, 2017
Authored by justpentest

Apache Tomcat versions 6, 7, 8, and 9 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2016-6816
SHA-256 | 731c512de3b9572b0d268461b83f563c6dac151dc2be51647331b04ca2296ad2
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close