exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2018-05-25

Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting
Posted May 25, 2018
Authored by Yavuz Atlas

Ruckus (Brocade) ICX7450-48 web application has a reflected cross site scripting vulnerability. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.

tags | exploit, web, arbitrary, xss
advisories | CVE-2018-11027
SHA-256 | 27a7cd8a7a62e0be86fc0d1b264684c922b4883cb9b420bbfe2e830d0dc023e0
Debian Security Advisory 4210-1
Posted May 25, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4210-1 - This update provides mitigations for the Spectre v4 variant in x86-based micro processors. On Intel CPUs this requires updated microcode which is currently not released publicly (but your hardware vendor may have issued an update).

tags | advisory, x86
systems | linux, debian
advisories | CVE-2018-3639
SHA-256 | e7dea1a2627fbb19e4616f6132a1e36513ef8af16446a94b6535d852641ce04e
Debian Security Advisory 4209-1
Posted May 25, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4209-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5161, CVE-2018-5162, CVE-2018-5168, CVE-2018-5170, CVE-2018-5178, CVE-2018-5183, CVE-2018-5184, CVE-2018-5185
SHA-256 | 8bbe58c3e9149d6a999adfc2a891c12ec7ba1c9b3ae6957237c80f7104c859b5
Microsoft Windows Paint Security Feature Bypass / Unsafe File Creation
Posted May 25, 2018
Authored by Eduardo Braun Prado

Microsoft Windows Paint suffers from security feature bypass and unsafe file creation vulnerabilities.

tags | exploit, vulnerability
systems | windows
SHA-256 | e6fef4e0b9ef146905d8a071b3b29604250562d956ddbfa3221083d5aa8a09c9
Windscribe 1.81 Code Execution
Posted May 25, 2018
Authored by Emin Ghuliev

The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \\.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process or other processes (like taskkill, etc.). There is no validation of the program name before constructing the lpCommandLine argument for a CreateProcess call. An attacker can run any malicious process with SYSTEM privileges through this named pipe.

tags | exploit
SHA-256 | bf2758f710f5c4fe5241aa4cde9fdd9079abc1121a02d1ab0b1722bc127d65f2
Oracle WebCenter (Fatwire) Improper Access Control
Posted May 25, 2018
Authored by Sebastian Cornejo Olave

Oracle WebCenter (Fatwire) Content Server versions prior to 7 suffer from an improper access control vulnerability.

tags | exploit
advisories | CVE-2017-10033
SHA-256 | 11b66a517d85ae5791cf12834f198989ebf759b0c1b2dbbb348334070c9ccc5f
SAP Internet Transaction Server 6200.x Session Fixation / Cross Site Scripting
Posted May 25, 2018
Authored by J. Carillo Lencina

SAP Internet Transaction Server 6200.x suffers from session fixation and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-11415
SHA-256 | c374e8d14e78e73390da1e10fc4c4271a42c7efb1f8f9b21ddcf6ecbea0a04e7
MyBB Moderator Log Notes 1.1 Cross Site Scripting
Posted May 25, 2018
Authored by 0xB9

MyBB Moderator Log Notes plugin version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 646be467fbb3c4182ed953787289ccf1a8af62a09848362c2e7238841160395b
KomSeo Cart 1.3 SQL Injection
Posted May 25, 2018
Authored by Ozkan Mustafa Akkus

KomSeo Cart version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a7e0f57a689ccff05e4bb8917e6265377c6a4da92979d293027baca984aa5555
Symfony PdoSessionHandler Denial Of Service
Posted May 25, 2018
Authored by Federico Stange

Symfony versions 2.7.0 up to but not including 4.0.10 suffer from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 26b7da48a7c27d7fa08e3760dbf6cd9067e7c7cd898165e49aa5ce37faddd8f6
Wchat Fully Responsive PHP AJAX Chat Script 1.5 Shell Upload
Posted May 25, 2018
Authored by indoushka

Wchat Fully Responsive PHP AJAX Chat Script version 1.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
SHA-256 | 0ed4e745c1fab69e002b80f43d15a180c82c3803904e06a035dbb3d0a992e38e
Android OS FLAG_SECURE Information Disclosure
Posted May 25, 2018
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Android OS did not use the FLAG_SECURE flag for sensitive settings, potentially exposing sensitive data to other applications on the same device with the screen capture permissions. The vendor (Google) fixed this issue in 2018-02-01 Pixel security update.

tags | exploit, info disclosure
advisories | CVE-2017-13243
SHA-256 | 419aa59f60c639bf9769fc664825bf713bf20d2a125449f8cf156e98eb09bb86
NewsBee CMS 1.4 Cross Site Scripting
Posted May 25, 2018
Authored by indoushka

NewsBee CMS version 1.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b29734cf2cb29fd89675210cdae2a6a39fc4655c6cb7c839eb7a44375cec5615
Tim Balitbang Depdiknas 3.5 SQL Injection
Posted May 25, 2018
Authored by indoushka

Tim Balitbang Depdiknas version 3.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3c5492e70aa18863af06b672e9e6820589355ac2400bad9a061e99946538679f
Oracle WebCenter (Fatwire) 7.x Cross Site Scripting
Posted May 25, 2018
Authored by Richard Alviarez

Oracle WebCenter versions 7.x prior to 11gR1 suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-2791
SHA-256 | 9c071f03c8c68b6284774cf48b6b05b21b05c5b4ac2ddcf9ac66353a74382ac9
Tim Balitbang Depdiknas 3.5 Cross Site Scripting
Posted May 25, 2018
Authored by indoushka

Tim Balitbang Depdiknas version 3.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 10f865ba4c1ea710de4395a5eba58a68f06124679f5c912826e8f575c1199b56
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    2 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close