what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2019-01-25

WordPress MM-Forms-Community 2.2.7 Shell Upload / SQL Injection
Posted Jan 25, 2019
Authored by KingSkrupellos

WordPress MM-Forms-Community plugin version 2.2.7 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | ca2fec971b7a3528fd7278de926970107ee488cb97fb506bb4fd47a58dc86b18
WordPress pitajte-strucnjaka 4.9.6 Shell Upload
Posted Jan 25, 2019
Authored by KingSkrupellos

WordPress pitajte-strucnjaka plugin version 4.9.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 930445443ba80f5f43d55ad6c8f92ff3ef3caf629402b118a7786da6ab7e8471
Python GnuPG 0.4.3 Improper Input Validation
Posted Jan 25, 2019
Authored by Stig Palmquist, Alexander Kjall

Researchers discovered a way to inject data through the passphrase property of the gnupg.GPG.encrypt() and gnupg.GPG.decrypt() methods when symmetric encryption is used. The supplied passphrase is not validated for newlines, and the library passes --passphrase-fd=0 to the gpg executable, which expects the passphrase on the first line of stdin, and the ciphertext to be decrypted or plaintext to be encrypted on subsequent lines. By supplying a passphrase containing a newline an attacker can control/modify the ciphertext/plaintext being decrypted/encrypted. Proof of concept exploit included. Version 0.4.3 is affected.

tags | exploit, proof of concept
advisories | CVE-2019-6690
SHA-256 | 2ddd6ea3428cff6a5351b694f600825f17bf24b9cc0a6b871e114db2d991529a
Podcast Generator 2.7 Cross Site Scripting
Posted Jan 25, 2019
Authored by Zekvan Arslan | Site netsparker.com

Podcast Generator version 2.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-20121
SHA-256 | 342aa0add9d97bf1e5a03940d7b2d050192f55a9959995061ac92669ad0ea45a
Apple Security Advisory 2019-1-24-1
Posted Jan 25, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-1-24-1 - iTunes 12.9.3 for Windows is now available and addresses code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | windows, apple
advisories | CVE-2018-20346, CVE-2018-20505, CVE-2018-20506, CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6221, CVE-2019-6226, CVE-2019-6227, CVE-2019-6229, CVE-2019-6233, CVE-2019-6234, CVE-2019-6235
SHA-256 | ac79794ec22441e2867245a8673787a895a1818b2a307cea606a45fb20502f9a
Green CMS 2.x Arbitrary File / Directory Download
Posted Jan 25, 2019
Authored by Ihsan Sencan

Green CMS version 2.x suffers from arbitrary file and directory download vulnerabilities.

tags | exploit, arbitrary, vulnerability, info disclosure
SHA-256 | 7a59de12b3748877d64521ce09e47e0f8cc72dbfdf74601538a71773948eac29
Green CMS 2.x SQL Injection
Posted Jan 25, 2019
Authored by Ihsan Sencan

Green CMS version 2.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bf9d26094abaa46d3909203a826a37b8642c913de2d637a38daa95492576c897
Joomla RSFirewall 2.11.25 Database Disclosure
Posted Jan 25, 2019
Authored by KingSkrupellos

Joomla RSFirewall component version 2.11.25 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | cc831fedf778341c9441a1d649f14fbc4dde0f211990168812eb2d59b1b240ec
Lua 5.3.5 Use-After-Free
Posted Jan 25, 2019
Authored by Fady Mohamed Osman

Lua version 5.3.5 suffers from a use-after-free vulnerability.

tags | exploit
advisories | CVE-2019-6706
SHA-256 | e4fa1f2a58aeecca822a55e272763709ae37bde58311cf5071a4a4b56331b1ad
WordPress Wisechat 2.6.3 Forced Redirect / Phishing
Posted Jan 25, 2019
Authored by MTK

WordPress Wisechat plugin version 2.6.3 suffers from a forced tab redirection flow that can aid in phishing attacks.

tags | exploit
advisories | CVE-2019-6780
SHA-256 | 735a795a37627d01a0cb21c77897831a4970caff4a6ac87e4926f646c947d658
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close