Exploit the possiblities
Showing 1 - 24 of 24 RSS Feed

Files Date: 2017-09-26

WordPress Apartment Management System SQL Injection
Posted Sep 26, 2017
Authored by Ihsan Sencan

WordPress Apartment Management System extension suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 30c295cccd89b1bc7f06ff8685aac83b
Fibaro Home Center 2 Remote Command Execution
Posted Sep 26, 2017
Authored by forsec

Fibaro Home Center 2 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 09c6be8673678a057db790d7e6a6f990
WordPress Hospital Management System SQL Injection
Posted Sep 26, 2017
Authored by Ihsan Sencan

WordPress Hospital Management System extension suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8682387811a842d29be436f261c6077f
WordPress School Management System SQL Injection
Posted Sep 26, 2017
Authored by Ihsan Sencan

WordPress School Management System extension suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0cda76a901e15da566800aa0938da66e
WordPress Gym Management System SQL Injection
Posted Sep 26, 2017
Authored by Ihsan Sencan

WordPress Gym Management System extension suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 213ed8e46043db75d6c8d036fdc3b338
Microsoft Security Bulletin CVE Revision Increment For September, 2017
Posted Sep 26, 2017
Site microsoft.com

This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.

tags | advisory
advisories | CVE-2017-8628
MD5 | 961696dd6c4f6e909336f122b5339803
Red Hat Security Advisory 2017-2810-01
Posted Sep 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2810-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2015-6644, CVE-2017-2582, CVE-2017-5645, CVE-2017-7536
MD5 | 85bba48cb7d9766ea095711a1a7abd74
Red Hat Security Advisory 2017-2800-01
Posted Sep 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2800-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2017-1000253
MD5 | f624242496e3e9e5bd4a524d360f827d
Gentoo Linux Security Advisory 201709-26
Posted Sep 26, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201709-26 - A vulnerability in libsoup might allow remote attackers to execute arbitrary code. Versions less than 2.56.1 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2017-2885
MD5 | c8d38d81687d7e66c2429726ec0b8124
Phrack - Attacking JavaScript Engines
Posted Sep 26, 2017
Authored by phrack, saelo

Phrack: Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622.

tags | javascript, magazine
advisories | CVE-2016-4622
MD5 | 7eb5ac7affbfc927e6c0294bb84baa2c
Red Hat Security Advisory 2017-2799-01
Posted Sep 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2799-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2017-1000253
MD5 | d9a8cbf51e80abb6a2ee952cb1ae1ca9
HP Security Bulletin HPESBGN03773 1
Posted Sep 26, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBGN03773 1 - A potential security vulnerability has been identified in Application Performance Management (BSM) Platform. The vulnerability could be remotely exploited to allow code execution. Revision 1 of this advisory.

tags | advisory, code execution
advisories | CVE-2017-14350
MD5 | 2c4565d1d661e2fe9764d28afd92d037
NodeJS Debugger Command Injection
Posted Sep 26, 2017
Authored by Patrick Thomas | Site metasploit.com

This Metasploit module uses the "evaluate" request type of the NodeJS V8 debugger protocol (version 1) to evaluate arbitrary JS and call out to other system commands. The port (default 5858) is not exposed non-locally in default configurations, but may be exposed either intentionally or via misconfiguration.

tags | exploit, arbitrary, protocol
MD5 | 260e98e4a2de2ba0114c147e14bfe31c
Adobe Flash appleToRange Out-Of-Bounds Read
Posted Sep 26, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from an out-of-bounds read in applyToRange.

tags | exploit
advisories | CVE-2017-11282
MD5 | 2affd9d0f1912209f30f0ba1d9e102af
Adobe Flash MP4 Edge Processing Out-Of-Bounds Write
Posted Sep 26, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from an out-of-bounds write vulnerability in MP4 Edge Processing.

tags | exploit
advisories | CVE-2017-11281
MD5 | 1fba274055f73bc9face215dd69b7fef
Adobe Flash MP4 Parsing Out-Of-Bounds Read
Posted Sep 26, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from an out-of-bounds memory read vulnerability in MP4 parsing.

tags | exploit
advisories | CVE-2017-11281
MD5 | 24f532664260c990b1f1cef42371784e
Broadcom 802.11r (FT) Reassociation Response Overflows
Posted Sep 26, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from multiple overflow vulnerabilities when handling 802.11r (FT) Reassociation Response.

tags | advisory, overflow, vulnerability
advisories | CVE-2017-11121
MD5 | 1e78093fdd782872ab115f5141a79346
Broadcom 802.11k Neighbor Report Response Out-Of-Bounds Write
Posted Sep 26, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from an out-of-bounds write when handling 802.11k Neighbor Report Response.

tags | exploit
advisories | CVE-2017-11120
MD5 | c66159611f52d4704833cd26af2fd32d
Broadcom 802.11v WNM Sleep Mode Response Heap Overflow
Posted Sep 26, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from a heap overflow vulnerability when handling 802.11v WNM Sleep Mode Response.

tags | advisory, overflow
advisories | CVE-2017-7065
MD5 | 48eb86c5a0494efa869be0836999b41c
CyberLink LabelPrint Buffer Overflow
Posted Sep 26, 2017
Authored by f3ci

CyberLink LabelPrint versions prior to 2.5 SEH unicode buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2017-14627
MD5 | 1cd03ffbdcf150fe1d5d92784904d0da
JitBit Helpdesk 9.0.2 Broken Authentication
Posted Sep 26, 2017
Authored by Kc57

JitBit Helpdesk versions 9.0.2 and below suffer from a broken authentication vulnerability.

tags | exploit
MD5 | c16b07e97504938d37f19aff1a6d763c
Solarwinds LEM Insecure Update Process
Posted Sep 26, 2017
Authored by Hank Leininger

Software updates for Solarwinds products are packaged and delivered insecurely, leading to root compromise of Solarwinds devices.

tags | advisory, root
MD5 | 80fc94af19356ab49a171c02ae5a06b3
Oracle 9i XDB 9.2.01 HTTP PASS Buffer Overflow
Posted Sep 26, 2017
Authored by Charles Dardaman

Oracle 9i XDB version 9.2.0.1 HTTP PASS buffer overflow exploit.

tags | exploit, web, overflow
advisories | CVE-2003-0727
MD5 | 6c259834ea4c8181ae541a8566a0832f
Disk Pulse Enterprise 10.0.12 GET Buffer Overflow
Posted Sep 26, 2017
Authored by sickness

Disk Pulse Enterprise version 10.0.12 GET buffer overflow SEH exploit.

tags | exploit, overflow
MD5 | 36b790c3356a4fa721b0bd092dc61b0f
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close