Showing 1 - 15 of 15

Files Date: 2017-04-07

D-Link DWR-116 Directory Traversal: Posted Apr 7, 2017; Authored by Patryk Bogdan; D-Link DWR-116 suffers from an arbitrary file download vulnerability via a directory traversal attack.; tags | exploit, arbitrary, file inclusion; advisories | CVE-2017-6190; SHA-256 | 23a0fc8addbdf276ed70de4a813cd44583c79154afa98ea96c7cc840eb71ef6a; Download | Favorite | View

Debian Security Advisory 3827-1: Posted Apr 7, 2017; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3827-1 - Multiple vulnerabilities have been discovered in the JasPer library for processing JPEG-2000 images, which may result in denial of service or the execution of arbitrary code if a malformed image is processed.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, debian; advisories | CVE-2016-10249, CVE-2016-10251, CVE-2016-9591; SHA-256 | 4170f85a10bcb8468b41aabc85e4629e67fb361a2d7f3f41e41a62a5cd16a152; Download | Favorite | View

Red Hat Security Advisory 2017-0867-03: Posted Apr 7, 2017; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2017-0867-03 - In accordance with the Red Hat Virtualization 3.x Support Life Cycle Policy, support will end on September 30, 2017. Red Hat will not provide extended support for the Red Hat Virtualization Manager and Red Hat Virtualization Host.; tags | advisory; systems | linux, redhat; SHA-256 | f33b71aaa82828c0f92dc1dc044fbc3c7a4872a31e889767ee542be1189baa1c; Download | Favorite | View

HPE Security Bulletin HPESBGN03733 1: Posted Apr 7, 2017; Authored by Hewlett Packard Enterprise | Site hpe.com; HPE Security Bulletin HPESBGN03733 1 - A potential security vulnerability in Jakarta Multipart parser in Apache Struts has been addressed in HPE Universal CMDB. This vulnerability could be remotely exploited to allow code execution via mishandled file upload. Revision 1 of this advisory.; tags | advisory, code execution, file upload; advisories | CVE-2017-5638; SHA-256 | 203b21286e8f35dd6f52eec0b3e4bbb43621d80d6ac0d878939de5e01acf4c15; Download | Favorite | View

ASUS WRT Cross Site Scripting Nmap NSE Script: Posted Apr 7, 2017; Authored by Rewanth Cool; This NSE script for Nmap exploits a cross site scripting vulnerability in ASUS WRT.; tags | exploit, xss; advisories | CVE-2017-6547; SHA-256 | dc729410f996cb5390eaf15cba905ed977d2a0114ef1313e0b4da162988f05e0; Download | Favorite | View

WordPress CopySafe Web Cross Site Request Forgery: Posted Apr 7, 2017; Authored by Zhiyang Zeng; WordPress CopySafe plugin versions prior to 2.6 suffer from multiple cross site request forgery vulnerabilities.; tags | exploit, vulnerability, csrf; SHA-256 | 39a7998d2c015107f6d803acfc684b474df99fa1e6561fcc5a9639fd7deb12bd; Download | Favorite | View

rldns Man-In-The-Middle Tool: Posted Apr 7, 2017; Authored by Ringlayer | Site ringlayer.net; rldns-mitm is a modified version of rldns version 1.1 to support man-in-the-middle attacks. Whatever dns request is received will always return a single ip address, which has been assigned via a command line argument.; tags | tool; systems | unix; SHA-256 | d5f0856cfec0e1cabe3e996ccecfef0b79818dfbe59e070fe260316da7b864e4; Download | Favorite | View

MyBB 1.8.10 Server-Side Request Forgery: Posted Apr 7, 2017; Authored by Fikri Fadzil, Wan Ikram, Jasveer Singh | Site sec-consult.com; MyBB version 1.8.10 suffers from a server-side request forgery vulnerability.; tags | exploit; advisories | CVE-2017-7566; SHA-256 | 6def021f002d068b7afcd4018825a75bd63b3083cfd72ea4e1babc7809fe489e; Download | Favorite | View

Apache Ignite 1.8 XXE Injection: Posted Apr 7, 2017; Authored by Pierre Ernst; Apache Ignite versions 1.0.0-RC3 through 1.8 suffer from an arbitrary file read that can be leveraged due to an eXternal Xml Entity vulnerability.; tags | advisory, arbitrary, xxe; advisories | CVE-2016-6805; SHA-256 | 087495b3f9da905fb1b199761aceab54aedc4dac4fd57ad1a8752e7faefe80e4; Download | Favorite | View

ASUS WRT Session Hijacking Nmap NSE Script: Posted Apr 7, 2017; Authored by Rewanth Cool; This NSE script for Nmap exploits a session hijacking vulnerability in ASUS WRT.; tags | exploit; advisories | CVE-2017-6549; SHA-256 | b45dea80c430c73f9884d44f27c5d9c6a0cd4f15377c975115423101d99aeff2; Download | Favorite | View

WordPress Elegant Themes Divi Theme Directory Traversal Nmap NSE Script: Posted Apr 7, 2017; Authored by Rewanth Cool; This NSE script for Nmap exploits a directory traversal in WordPress Elegant Themes Divi Theme.; tags | exploit; advisories | CVE-2015-1579; SHA-256 | ce7e5b084999cd800b4b712c630ec486d87251330de0d59ad9c51f9953013ca6; Download | Favorite | View

e107 CMS 2.1.4 Cross Site Request Forgery: Posted Apr 7, 2017; Authored by Zhiyang Zeng; e107 CMS version 2.1.4 suffers from multiple cross site request forgery vulnerabilities.; tags | exploit, vulnerability, csrf; SHA-256 | a3dd0d8bafb4e81d20da7c0057ad67cea0e439e447cc7a4c3fdebae5ed5634c6; Download | Favorite | View

WordPress WHIZZ Cross Site Request Forgery: Posted Apr 7, 2017; Authored by Zhiyang Zeng; WordPress WHIZZ plugin versions prior to 1.1.1 suffer from multiple cross site request forgery vulnerabilities.; tags | exploit, vulnerability, csrf; SHA-256 | dae4dd9cf6a521fdd38b81f06a1e243dfcb58003582b813621f88ef1dfe40593; Download | Favorite | View

1Password 4.6.1.619 DLL Hijacking: Posted Apr 7, 2017; Authored by Stefan Kanthak; 1Password version 4.6.1.619 suffers from an executable installer dll hijacking vulnerability.; tags | exploit; systems | windows; SHA-256 | 2886dc6785a81258444df7df6fe2e59dfa6ecc7926c2989b62c72588be404096; Download | Favorite | View

Mydbr 4.3.2 Open Redirect: Posted Apr 7, 2017; Authored by Hasnain Raza; Mydbr version 4.3.2 suffers from an open redirection vulnerability.; tags | exploit; SHA-256 | ee527ffede36e23183fe8eb30ccf4c365945df4177202187ce05a62d632940b2; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days