Twenty Year Anniversary
Showing 1 - 21 of 21 RSS Feed

Files Date: 2018-10-24

WebExec Authenticated User Code Execution
Posted Oct 24, 2018
Authored by Ron | Site metasploit.com

This Metasploit module uses a valid username and password of any level (or password hash) to execute an arbitrary payload. This Metasploit module is similar to the "psexec" module, except allows any non-guest account by default.

tags | exploit, arbitrary
advisories | CVE-2018-15442
MD5 | f64043cd388c7bcf8333b3fc69fd3574
WebEx Local Service Permissions Code Execution
Posted Oct 24, 2018
Authored by Jeff McJunkin | Site metasploit.com

This Metasploit module exploits a flaw in the 'webexservice' Windows service, which runs as SYSTEM, can be used to run arbitrary commands locally, and can be started by limited users in default installations.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2018-15442
MD5 | 2b248ba2b86d0a4dfcd16b0c774febf2
Polycom VVX 500 / VVX 601 5.8.0.12848 Information Exposure
Posted Oct 24, 2018
Authored by Micha Borrmann

Polycom VVX 500 / VVX 601 versions 5.8.0.12848 and below suffer from an information exposure vulnerability.

tags | exploit
advisories | CVE-2018-18566
MD5 | 8a586de40e17b8d9e7994abc3bf45715
Ubuntu Security Notice USN-3801-1
Posted Oct 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3801-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass mixed content warnings, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, protocol
systems | linux, ubuntu
advisories | CVE-2018-12388, CVE-2018-12395, CVE-2018-12398, CVE-2018-12399, CVE-2018-12403
MD5 | 952c961245ddeace11587b0845c529ab
Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle
Posted Oct 24, 2018
Authored by Micha Borrmann

Polycom VVX 500 / VVX 601 versions 5.8.0.12848 and below suffer from a man-in-the-middle vulnerability.

tags | exploit
advisories | CVE-2018-18568
MD5 | 05bfe95da19ea87af112e03808ba1a41
Ubuntu Security Notice USN-3800-1
Posted Oct 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3800-1 - It was discovered that audiofile incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. It was discovered that audiofile incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-13440, CVE-2018-17095
MD5 | 8c54a7ad04f3f70a57a4f762ea3172b7
AudioCodes 440HD / 450HD IP Phone 3.1.2.89 Man-In-The-Middle
Posted Oct 24, 2018
Authored by Micha Borrmann

AudioCodes 440HD / 450HD IP Phone versions 3.1.2.89 and below suffer from a man-in-the-middle vulnerability.

tags | exploit
advisories | CVE-2018-18567
MD5 | cc3a9a5d3d057caf02399a3bc9167c45
Fifa Master XLS 2.3.2 SQL Injection
Posted Oct 24, 2018
Authored by Ihsan Sencan

Fifa Master XLS version 2.3.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 89484db71e0b0216902497e14909a5bb
Axioscloud Sissiweb Registro Elettronico 7.0.0 Cross Site Scripting
Posted Oct 24, 2018
Authored by Dino Barlattani

Axioscloud Sissiweb Registro Elettronico version 7.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18437
MD5 | 057a6759eb246de8e34e93b7317c3f4b
Micro Focus Security Bulletin MFSBGN03827 1
Posted Oct 24, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03827 1 - A potential vulnerability has been identified in Micro Focus Real User Monitoring software. The vulnerability could be exploited to execute arbitrary. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2018-18589
MD5 | bc8c909ea8e29b26c1e8a1ba31e462a5
Slackware Security Advisory - mozilla-firefox Updates
Posted Oct 24, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | f63152000f1ecb10d442e78953eb61cf
Microsoft Data Sharing Local Privilege Escalation
Posted Oct 24, 2018
Authored by SandboxEscaper

Microsoft Data Sharing local privilege escalation proof of concept exploit.

tags | exploit, local, proof of concept
MD5 | 19b3b9b54f750224bfd2143dfd869414
SG ERP 1.0 SQL Injection
Posted Oct 24, 2018
Authored by Ihsan Sencan

SG ERP version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f0c203b3d06ac27007ad2ec6136191e4
Exim 4.90 Remote Code Execution
Posted Oct 24, 2018
Authored by hackk.gr

Exim version 4.90 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2018-6789
MD5 | 01c5629b664738de293238917077574d
WordPress Question Answer 1.2.30 Cross Site Scripting
Posted Oct 24, 2018
Authored by Socket_0x03

WordPress Question Answer plugin version 1.2.30 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 89d920b301ef30c8a49564082e7c34f3
WordPress Pie Register 3.0.17 Cross Site Scripting
Posted Oct 24, 2018
Authored by Socket_0x03

WordPress Pie Register plugin version 3.0.17 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8e5c5b3a53378f14911c41e8c2fcd258
LANGO Codeigniter Multilingual Script 1.0 Cross Site Scripting
Posted Oct 24, 2018
Authored by Ismail Tasdelen

LANGO Codeigniter Multilingual Script version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18416
MD5 | 3d79dc36216f7b57f8bfb18599f34c62
Apache OFBiz 16.11.04 XML Injection
Posted Oct 24, 2018
Authored by Jamie Parfet

Apache OFBiz version 16.11.04 suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | a88b221f2ca2e7c605f98af851140409
Linux/x86 execve(/bin/cat /etc/ssh/sshd_config) Shellcode
Posted Oct 24, 2018
Authored by Goutham Madhwaraj

44 bytes small Linux/x86 execve(/bin/cat /etc/ssh/sshd_config) shellcode.

tags | x86, shellcode
systems | linux
MD5 | 08e75ccaebbd0e64a304144280cd18e9
PHPTPoint Hospital Management System 1 SQL Injection
Posted Oct 24, 2018
Authored by Boumediene Kaddour

PHPTPoint Hospital Management System version 1 suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2018-18705
MD5 | 21487e5413eadd6846a0ca329be0ce54
Adult Filter 1.0 Denial Of Service
Posted Oct 24, 2018
Authored by Beren Kuday Gorun

Adult Filter version 1.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 9f21d60e5dc90631d8602911bda5c2f4
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    15 Files
  • 14
    Dec 14th
    14 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close