exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2018-11-01

Anviz AIM CrossChex Standard 4.3 Excel Macro Injection
Posted Nov 1, 2018
Authored by LiquidWorm | Site zeroscience.mk

CSV (XLS) Injection (Excel Macro Injection or Formula Injection) exists in the AIM CrossChex version 4.3 when importing or exporting users using xls Excel file. This can be exploited to execute arbitrary commands on the affected system via SE attacks when an attacker inserts formula payload in the Name field when adding a user or using the custom fields Gender, Position, Phone, Birthday, Employ Date and Address. Upon importing, the application will launch Excel program and execute the malicious macro formula.

tags | exploit, arbitrary
SHA-256 | 9934935bc5349b6cebbf4d3fe113a6d562530ce82af94be3a16bcc6ed7017ad7
Slackware Security Advisory - curl Updates
Posted Nov 1, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-16839, CVE-2018-16840, CVE-2018-16842
SHA-256 | 65f4dbc81ad891a30f90da807afd6698f33572afbe3c1ad0ca72642554585a0e
Google Cardboard Android / iOS Applications Information Disclosure
Posted Nov 1, 2018
Authored by David Coomber | Site info-sec.ca

The Google Cardboard Android and iOS applications (Android version 1.8, iOS version 1.2 and below) sends potentially sensitive information such as OS, CPU architecture, graphics chip vendor and version, CPU count, RAM, VRAM, screen size, device make and model, unencrypted to a third party site (Unity 3D Stats).

tags | advisory, info disclosure
systems | ios
SHA-256 | 42361a507af264ec429f830956d8abdd01925163d38d47dcc127b1fc891edff6
Sourcetree Git Arbitrary Code Execution
Posted Nov 1, 2018
Authored by Atlassian, Terry Zhang

An attacker can exploit the embedded version of Git used in Sourcetree if they can commit to a Git repository linked in Sourcetree. This allows them to execute arbitrary code on systems running a vulnerable version of Sourcetree for macOS. Versions of Sourcetree for macOS starting with version 1.02b before version 3.0.0 are affected by this vulnerability. Versions of Sourcetree for Windows starting with version 0.5.1.0 before version 3.0.0 are affected by this vulnerability.

tags | advisory, arbitrary
systems | windows
advisories | CVE-2018-13396, CVE-2018-13397
SHA-256 | 32eacd269abd3e89eabbc766ac7946e1762c239c4e1ea7feaf37f59de4e0886f
Brava! Enterprise / Server 16.4 Information Disclosure
Posted Nov 1, 2018
Authored by Luke Bailiff

Brava! Enterprise and Server components versions 7.5 through 16.4 suffer from a sensitive data exposure vulnerability due to weak permissions.

tags | exploit, info disclosure
SHA-256 | 22ddcecdf678369fce4fd0eec120348fb5cd6c405de17d297ede0c2e352fb5d9
Zoho ManageEngine OpManager 12.3 Cross Site Scripting
Posted Nov 1, 2018
Authored by Hakan Bayir

Zoho ManageEngine OpManager version 12.3 suffers from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2018-18715, CVE-2018-18716
SHA-256 | dd397fed4163fc8d8337bb0cec0c033bc8a073e6bddfd2ea65f12472b4f23b18
Packet Storm New Exploits For October, 2018
Posted Nov 1, 2018
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 252 exploits added to Packet Storm in October, 2018.

tags | exploit
SHA-256 | 2cdfde44988447d6cb183dd741826624e1b294f18ab4e409ef6ca5f2240763c8
Artha The Open Thesaurus 1.0.3.0 Denial Of Service
Posted Nov 1, 2018
Authored by Ihsan Sencan

Artha The Open Thesaurus version 1.0.3.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 4cf7eda53e72ff722cef8e3b66039584bc650f6cee02f93e1b4c7e096f65dc11
WebDrive 18.00.5057 Denial Of Service
Posted Nov 1, 2018
Authored by Victor Mondragon

WebDrive version 18.00.5057 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 0f647243a7a443c8d4ebfdf161b9b82a659bb854d5df8201be399f82f4804f4f
Arm Whois 3.11 Denial Of Service
Posted Nov 1, 2018
Authored by Yair Rodriguez Aparicio

Arm Whois version 3.11 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | a07509b584c200cf3ce7ed1d55d762c4cd6c02aff98ce2b08e7bb8de57adcd53
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close