Twenty Year Anniversary
Showing 1 - 25 of 409 RSS Feed

Files Date: 2017-12-01 to 2017-12-31

HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution
Posted Dec 30, 2017
Authored by temp66, aushack | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in HP LoadRunner before 9.50 and also HP Performance Center before 9.50. HP LoadRunner 12.53 and other versions are also most likely vulnerable if the (non-default) SSL option is turned off. By sending a specially crafted packet, an attacker can execute commands remotely. The service is vulnerable provided the Secure Channel feature is disabled (default).

tags | exploit, remote
advisories | CVE-2010-1549
MD5 | 4eb8ba850be0cf618f94b940a2f21499
Bitcoin Cash Receive Payments 1.0 Cross Site Scripting
Posted Dec 30, 2017
Authored by ShanoWeb

The CoinPayments API in Bitcoin Cash Receive Payments version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 42789bef05be6fea5b18960dbe4be86b
WBiz Desk 1.0 Cross Site Scripting
Posted Dec 30, 2017
Authored by ShanoWeb

WBiz Desk version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d1829414a65d7e17e8f99155a5028e89
Joomla Varista Education 2.9 SQL Injection
Posted Dec 30, 2017
Authored by pwny

Joomla Varista Education template version 2.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 90e0fe5c5eca8b99b688639a00e6acb4
Joomla Jtag Minicart 4.1.0 SQL Injection
Posted Dec 30, 2017
Authored by Bilal Kardadou

Joomla Jtag Minicart component version 4.1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d5e7eabd9bc8b1b4dcd3e4e160596d6f
Joomla JomHoliday 4.0 SQL Injection
Posted Dec 30, 2017
Authored by Bilal Kardadou

Joomla JomHoliday component version 4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | da2a6b3883eadf088b5f051e33b4b551
Joomla JomEvents 3.7 SQL Injection
Posted Dec 30, 2017
Authored by Bilal Kardadou

Joomla JomEvents component version 3.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 60d6031e70c6ffd4f1573e719680d17c
Joomla JomEstate PRO 3.7 SQL Injection
Posted Dec 30, 2017
Authored by Bilal Kardadou

Joomla JomEstate PRO component version 3.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 61dc15a4b90d5870784b2a593c2b9683
Joomla Jtag Members Directory 5.3.7 SQL Injection
Posted Dec 30, 2017
Authored by Bilal Kardadou

Joomla Jtag Members Directory component version 5.3.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | daf5446c9e3515dd656f602a3801b089
Joomla SP Movie Database 1.4 SQL Injection
Posted Dec 30, 2017
Authored by pwny

Joomla SP Movie Database component version 1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | df2ddb6994191abd090eebafe2dd84e8
GNU Privacy Guard 2.2.4
Posted Dec 29, 2017
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Multiple translations updated and various new options added.
tags | tool, encryption
MD5 | 709e5af5bba84d251c520222e720972f
Lynis Auditing Tool 2.5.8
Posted Dec 29, 2017
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Check added for empty files improved on several locations. New allow-auto-purge setting in profile for short-lived systems. Additional checks for log and report file. Changes to support time synchronization in old and newer systemd releases. Enhanced output for systems other than Linux. New class (hardware) added and enabled in default profile.
tags | tool, scanner
systems | unix
MD5 | 62e95e9f15e5263d57106879c144fea2
Ansvif 1.8.1.1
Posted Dec 29, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release is for Windows 10 compatibility. Includes an ansvif.exe (with embedded icon this time), and printf.exe for reproducing faults. Also included are the examples to test ansvif on.
tags | tool, fuzzer
systems | unix
MD5 | f47c628a779c1cf59ca0520159f7b5a8
Joomla! JEXTN FAQ Pro 4.0.0 SQL Injection
Posted Dec 29, 2017
Authored by Ihsan Sencan

Joomla! JEXTN FAQ Pro component version 4.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-17875
MD5 | a8612c06937ba16977e4cfda0159f6b9
Cambium ePMP1000 2.5 Command Injection
Posted Dec 29, 2017
Authored by Karn Ganeshen | Site metasploit.com

This Metasploit module exploits an OS Command Injection vulnerability in Cambium ePMP1000 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to set up a reverse netcat shell.

tags | exploit, shell
MD5 | e8f57e714dbbdcf280d1f87e4b85a1b3
Cambium ePMP1000 3.1-3.5-RC7 Command Injection
Posted Dec 29, 2017
Authored by Karn Ganeshen | Site metasploit.com

This Metasploit module exploits an OS Command Injection vulnerability in Cambium ePMP1000 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to set up a reverse netcat shell. The module has been tested on versions 3.1-3.5-RC7.

tags | exploit, shell
advisories | CVE-2017-5255
MD5 | 5481d93d50d546555a22281fcd4dd6d7
pfSense 2.1.3-RELEASE (amd64) Remote Command Execution
Posted Dec 28, 2017
Authored by wetw0rk, Jared Stephens | Site metasploit.com

pfSense, a free BSD based open source firewall distribution, versions 2.2.6 and below contain a remote command execution vulnerability post authentication in the _rrd_graph_img.php page. The vulnerability occurs via the graph GET parameter. A non-administrative authenticated attacker can inject arbitrary operating system commands and execute them as the root user. Verified against 2.1.3.

tags | exploit, remote, arbitrary, root, php
systems | bsd
MD5 | 9e31715f8e4cf15c616cd81794fa4e26
Xerox DC260 EFI Fiery Controller Webtools 2.0 Arbitrary File Disclosure
Posted Dec 28, 2017
Authored by LiquidWorm | Site zeroscience.mk

Xerox DC260 EFI Fiery Controller Webtools version 2.0 suffers from an arbitrary file disclosure vulnerability.

tags | exploit, arbitrary
MD5 | a44e185804302ccb4969d4ebe063fbdf
NetTransport Download Manager 2.96L Buffer Overflow
Posted Dec 28, 2017
Authored by Aloyce J. Makalanga

NetTransport Download Manager version 2.96L suffers from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-17968
MD5 | e71994fc53b5735a4314821c022c1ec4
NetWin SurgeFTP 23f2 Cross Site Scripting
Posted Dec 28, 2017
Authored by Aloyce J. Makalanga

NetWin SurgeFTP version 23f2 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2017-17933
MD5 | 6d220f01e26813e240711ce432f4e017
Easy!Appointments 1.2.1 Cross Site Scripting
Posted Dec 28, 2017
Authored by LiquidWorm | Site zeroscience.mk

Easy!Appointments version 1.2.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cc878f4e3c383245a7d2b094db8ec62b
ALLMediaServer 0.95 Buffer Overflow
Posted Dec 28, 2017
Authored by Anurag Srivastava | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in ALLMediaServer 0.95. The vulnerability is caused due to a boundary error within the handling of HTTP request.

tags | exploit, web, overflow
MD5 | 97ea52e06fd6cde938a0e4bd2d7e7b54
HP Insight Control For VMware vCenter Server 7.3 Insecure Permissions
Posted Dec 28, 2017
Authored by Glafkos Charalambous

HP Insight Control for VMware vCenter Server version 7.3 allows a low privileged attacker to read sensitive information files, decrypt all configuration server passwords, and gain access to the systems which in turn leads to the compromise of the whole infrastructure.

tags | exploit
MD5 | c2a6b747186e5c0920f5dafb6cf4af43
GoodTravel Travel And Locations 1.0 Cross Site Scripting
Posted Dec 28, 2017
Authored by ShanoWeb

GoodTravel Travel and Locations PHP script and mobile application version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | c2a461b1002f9b29d0789f75b5b9c583
Tripbuddy Travel, Locations, And Events 1.0 Cross Site Scripting
Posted Dec 28, 2017
Authored by ShanoWeb

Tripbuddy Travel, Locations, and Events version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | cbff59774e6c186f9765c4d1a136ea53
Page 1 of 17
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    7 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    40 Files
  • 23
    May 23rd
    64 Files
  • 24
    May 24th
    55 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close