Twenty Year Anniversary
Showing 1 - 16 of 16 RSS Feed

Files Date: 2018-05-25

Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting
Posted May 25, 2018
Authored by Yavuz Atlas

Ruckus (Brocade) ICX7450-48 web application has a reflected cross site scripting vulnerability. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.

tags | exploit, web, arbitrary, xss
advisories | CVE-2018-11027
MD5 | f976bce0727f1eca872a6b33a06942da
Debian Security Advisory 4210-1
Posted May 25, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4210-1 - This update provides mitigations for the Spectre v4 variant in x86-based micro processors. On Intel CPUs this requires updated microcode which is currently not released publicly (but your hardware vendor may have issued an update).

tags | advisory, x86
systems | linux, debian
advisories | CVE-2018-3639
MD5 | 675d048788c90a65cc1c06cdbf93690f
Debian Security Advisory 4209-1
Posted May 25, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4209-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5161, CVE-2018-5162, CVE-2018-5168, CVE-2018-5170, CVE-2018-5178, CVE-2018-5183, CVE-2018-5184, CVE-2018-5185
MD5 | beaf141404bc7f22621c2c7e3ab520cf
Microsoft Windows Paint Security Feature Bypass / Unsafe File Creation
Posted May 25, 2018
Authored by Eduardo Braun Prado

Microsoft Windows Paint suffers from security feature bypass and unsafe file creation vulnerabilities.

tags | exploit, vulnerability
systems | windows
MD5 | da3594505f62c1e8ec64fd08c44fb673
Windscribe 1.81 Code Execution
Posted May 25, 2018
Authored by Emin Ghuliev

The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \\.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process or other processes (like taskkill, etc.). There is no validation of the program name before constructing the lpCommandLine argument for a CreateProcess call. An attacker can run any malicious process with SYSTEM privileges through this named pipe.

tags | exploit
MD5 | a6c5e9643876d42b920d727040388409
Oracle WebCenter (Fatwire) Improper Access Control
Posted May 25, 2018
Authored by Sebastian Cornejo Olave

Oracle WebCenter (Fatwire) Content Server versions prior to 7 suffer from an improper access control vulnerability.

tags | exploit
advisories | CVE-2017-10033
MD5 | d8910a7d98d0280a9d45740f1b6a3484
SAP Internet Transaction Server 6200.x Session Fixation / Cross Site Scripting
Posted May 25, 2018
Authored by J. Carillo Lencina

SAP Internet Transaction Server 6200.x suffers from session fixation and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-11415
MD5 | 5f425a0378b0023e63a4376f5f7c1283
MyBB Moderator Log Notes 1.1 Cross Site Scripting
Posted May 25, 2018
Authored by 0xB9

MyBB Moderator Log Notes plugin version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c8b9c3ea3ab1417a75a93cc210758d0b
KomSeo Cart 1.3 SQL Injection
Posted May 25, 2018
Authored by Ozkan Mustafa Akkus

KomSeo Cart version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a35edf6b3f6ddb9da3500aa37bdba9f2
Symfony PdoSessionHandler Denial Of Service
Posted May 25, 2018
Authored by Federico Stange

Symfony versions 2.7.0 up to but not including 4.0.10 suffer from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 4a5da39e598d6b9e2c67117935f6ce7c
Wchat Fully Responsive PHP AJAX Chat Script 1.5 Shell Upload
Posted May 25, 2018
Authored by indoushka

Wchat Fully Responsive PHP AJAX Chat Script version 1.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
MD5 | ef20a197f0eb75efb49439e9806f82c9
Android OS FLAG_SECURE Information Disclosure
Posted May 25, 2018
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Android OS did not use the FLAG_SECURE flag for sensitive settings, potentially exposing sensitive data to other applications on the same device with the screen capture permissions. The vendor (Google) fixed this issue in 2018-02-01 Pixel security update.

tags | exploit, info disclosure
advisories | CVE-2017-13243
MD5 | 3d5be645dd8dd858af3c22c6ccf95a32
NewsBee CMS 1.4 Cross Site Scripting
Posted May 25, 2018
Authored by indoushka

NewsBee CMS version 1.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 878a59b2ec6c61dc09d8a43c81b5fd0a
Tim Balitbang Depdiknas 3.5 SQL Injection
Posted May 25, 2018
Authored by indoushka

Tim Balitbang Depdiknas version 3.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ff2215ea2dec9ddbe6cffe103cf180b9
Oracle WebCenter (Fatwire) 7.x Cross Site Scripting
Posted May 25, 2018
Authored by Richard Alviarez

Oracle WebCenter versions 7.x prior to 11gR1 suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-2791
MD5 | f3b2a6ff308869a19a7de037bfd7c7d7
Tim Balitbang Depdiknas 3.5 Cross Site Scripting
Posted May 25, 2018
Authored by indoushka

Tim Balitbang Depdiknas version 3.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7fe475cb36b63a4acf3f192a520eec40
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    18 Files
  • 15
    Aug 15th
    38 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close