exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2018-10-24

WebExec Authenticated User Code Execution
Posted Oct 24, 2018
Authored by Ron | Site metasploit.com

This Metasploit module uses a valid username and password of any level (or password hash) to execute an arbitrary payload. This Metasploit module is similar to the "psexec" module, except allows any non-guest account by default.

tags | exploit, arbitrary
advisories | CVE-2018-15442
SHA-256 | 62064773ec9a35ea65bfaad94997ca19e3bcbb3be2deb552ff222d7fe63317a4
WebEx Local Service Permissions Code Execution
Posted Oct 24, 2018
Authored by Jeff McJunkin | Site metasploit.com

This Metasploit module exploits a flaw in the 'webexservice' Windows service, which runs as SYSTEM, can be used to run arbitrary commands locally, and can be started by limited users in default installations.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2018-15442
SHA-256 | 5fd5f73708b7741614718b8a1cece16b9de49b88d3267e6f1549bbe34dc56a0a
Polycom VVX 500 / VVX 601 5.8.0.12848 Information Exposure
Posted Oct 24, 2018
Authored by Micha Borrmann | Site syss.de

Polycom VVX 500 / VVX 601 versions 5.8.0.12848 and below suffer from an information exposure vulnerability.

tags | exploit
advisories | CVE-2018-18566
SHA-256 | 3946095174c52f0117914befe41f9b683f9acdfb9bf275dc1ae13b547ebad25b
Ubuntu Security Notice USN-3801-1
Posted Oct 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3801-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass mixed content warnings, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, protocol
systems | linux, ubuntu
advisories | CVE-2018-12388, CVE-2018-12395, CVE-2018-12398, CVE-2018-12399, CVE-2018-12403
SHA-256 | 070751dac62d0e36aedbaaf6e004869962630cbbfb0a6e6921710868df00e0da
Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle
Posted Oct 24, 2018
Authored by Micha Borrmann | Site syss.de

Polycom VVX 500 / VVX 601 versions 5.8.0.12848 and below suffer from a man-in-the-middle vulnerability.

tags | exploit
advisories | CVE-2018-18568
SHA-256 | 7b5fbf76b7eba76a71529c6ea57d610f4fcc5779b2d7571076b77a2832b5f4db
Ubuntu Security Notice USN-3800-1
Posted Oct 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3800-1 - It was discovered that audiofile incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. It was discovered that audiofile incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-13440, CVE-2018-17095
SHA-256 | a7e5c0f782761dfd9cc3c0d7985146da741cb8594d5d1afb7b7c0913ff432b73
AudioCodes 440HD / 450HD IP Phone 3.1.2.89 Man-In-The-Middle
Posted Oct 24, 2018
Authored by Micha Borrmann | Site syss.de

AudioCodes 440HD / 450HD IP Phone versions 3.1.2.89 and below suffer from a man-in-the-middle vulnerability.

tags | exploit
advisories | CVE-2018-18567
SHA-256 | 60e19e61a99c7d9dabb6688f443d8a862df2c3e07135d755e7dfeaf5d3b99db3
Fifa Master XLS 2.3.2 SQL Injection
Posted Oct 24, 2018
Authored by Ihsan Sencan

Fifa Master XLS version 2.3.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 125e9c25a3fa2ae176e044edf7920e8e3adf0c78a058ae7c6c3045e654036b7f
Axioscloud Sissiweb Registro Elettronico 7.0.0 Cross Site Scripting
Posted Oct 24, 2018
Authored by Dino Barlattani

Axioscloud Sissiweb Registro Elettronico version 7.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18437
SHA-256 | 3c10863d0e2abd4f243f81f66ecbdb173b4bda14b1de618998cf91e3b4670490
Micro Focus Security Bulletin MFSBGN03827 1
Posted Oct 24, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03827 1 - A potential vulnerability has been identified in Micro Focus Real User Monitoring software. The vulnerability could be exploited to execute arbitrary. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2018-18589
SHA-256 | ab13bf0e442bc072c2571cc544c143eaa85a0ddafb8372ec20be428a8152b862
Slackware Security Advisory - mozilla-firefox Updates
Posted Oct 24, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | e2a6e9ec1ae8b96e67a1f30b278fa7f17bcb3e584472afb5823947db0b4a7075
Microsoft Data Sharing Local Privilege Escalation
Posted Oct 24, 2018
Authored by SandboxEscaper

Microsoft Data Sharing local privilege escalation proof of concept exploit.

tags | exploit, local, proof of concept
SHA-256 | da8c6406c1abcf27d99ca4b620356d083b3c9d9f3ce24c41c93b45e85d1ceb64
SG ERP 1.0 SQL Injection
Posted Oct 24, 2018
Authored by Ihsan Sencan

SG ERP version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f6b68c383cae436410bd69f36a0ef65ebdd0d2595fef8a1d17ebe5fc7c7e01cd
Exim 4.90 Remote Code Execution
Posted Oct 24, 2018
Authored by hackk.gr

Exim version 4.90 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2018-6789
SHA-256 | 19a743e6423b65998debf24be560524e381d039e1cadcd20d9257dd956d9b4a1
WordPress Question Answer 1.2.30 Cross Site Scripting
Posted Oct 24, 2018
Authored by Socket_0x03

WordPress Question Answer plugin version 1.2.30 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d44391c0448238523824c2a679caee01b4d2cea7dca1ad65ca6ab902cc45d2c3
WordPress Pie Register 3.0.17 Cross Site Scripting
Posted Oct 24, 2018
Authored by Socket_0x03

WordPress Pie Register plugin version 3.0.17 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 057d741f7c549aed246af5237089d843b8893e0bc20ee5587939842697dfa4ff
LANGO Codeigniter Multilingual Script 1.0 Cross Site Scripting
Posted Oct 24, 2018
Authored by Ismail Tasdelen

LANGO Codeigniter Multilingual Script version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18416
SHA-256 | 7ef7a20f78b99c0b6409e9aec1213dcdccc6549054e8bf691f98d9c6cc7f0723
Apache OFBiz 16.11.04 XML Injection
Posted Oct 24, 2018
Authored by Jamie Parfet

Apache OFBiz version 16.11.04 suffers from an XML external entity injection vulnerability.

tags | exploit
SHA-256 | 36d19f82674523cd5eb22a791b5b04960c9b88ec383c0ff4e0f963bd580a6ca6
Linux/x86 execve(/bin/cat /etc/ssh/sshd_config) Shellcode
Posted Oct 24, 2018
Authored by Goutham Madhwaraj

44 bytes small Linux/x86 execve(/bin/cat /etc/ssh/sshd_config) shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 569c1b818f20700e5f5bd58566b797c2f92c5f341cb5ada4c7481b026ff2ee07
PHPTPoint Hospital Management System 1 SQL Injection
Posted Oct 24, 2018
Authored by Boumediene Kaddour

PHPTPoint Hospital Management System version 1 suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2018-18705
SHA-256 | 2d4b587c33cdf76d4e73e4c8c3ff290c9508b810cfcb0d1537d816714c7afa88
Adult Filter 1.0 Denial Of Service
Posted Oct 24, 2018
Authored by Beren Kuday Gorun

Adult Filter version 1.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 9867ac15a175415eba7e8b060d59d30c7d1378360895e66c413b3675488f1fe0
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close