what you don't know can hurt you
Showing 1 - 10 of 10 RSS Feed

Files Date: 2019-01-25

WordPress MM-Forms-Community 2.2.7 Shell Upload / SQL Injection
Posted Jan 25, 2019
Authored by KingSkrupellos

WordPress MM-Forms-Community plugin version 2.2.7 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
MD5 | 982252fe3a971fdcf2bcfce4c7d269bb
WordPress pitajte-strucnjaka 4.9.6 Shell Upload
Posted Jan 25, 2019
Authored by KingSkrupellos

WordPress pitajte-strucnjaka plugin version 4.9.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | ea500206c71fd9e591418c2fcbaca0a0
Python GnuPG 0.4.3 Improper Input Validation
Posted Jan 25, 2019
Authored by Stig Palmquist, Alexander Kjall

Researchers discovered a way to inject data through the passphrase property of the gnupg.GPG.encrypt() and gnupg.GPG.decrypt() methods when symmetric encryption is used. The supplied passphrase is not validated for newlines, and the library passes --passphrase-fd=0 to the gpg executable, which expects the passphrase on the first line of stdin, and the ciphertext to be decrypted or plaintext to be encrypted on subsequent lines. By supplying a passphrase containing a newline an attacker can control/modify the ciphertext/plaintext being decrypted/encrypted. Proof of concept exploit included. Version 0.4.3 is affected.

tags | exploit, proof of concept
advisories | CVE-2019-6690
MD5 | e016c88b0480fac6a3d286a496f1edac
Podcast Generator 2.7 Cross Site Scripting
Posted Jan 25, 2019
Authored by Zekvan Arslan | Site netsparker.com

Podcast Generator version 2.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-20121
MD5 | 44cd517cd983b6aa9682476b4f3d6a7e
Apple Security Advisory 2019-1-24-1
Posted Jan 25, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-1-24-1 - iTunes 12.9.3 for Windows is now available and addresses code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | windows, apple
advisories | CVE-2018-20346, CVE-2018-20505, CVE-2018-20506, CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6221, CVE-2019-6226, CVE-2019-6227, CVE-2019-6229, CVE-2019-6233, CVE-2019-6234, CVE-2019-6235
MD5 | f89b50f56fffdb5c4ded7a32cf3242c8
Green CMS 2.x Arbitrary File / Directory Download
Posted Jan 25, 2019
Authored by Ihsan Sencan

Green CMS version 2.x suffers from arbitrary file and directory download vulnerabilities.

tags | exploit, arbitrary, vulnerability, info disclosure
MD5 | 4b9723b2419952406455afdf54beb329
Green CMS 2.x SQL Injection
Posted Jan 25, 2019
Authored by Ihsan Sencan

Green CMS version 2.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ab4522cdfd75c7ccda683d398f9dfcb2
Joomla RSFirewall 2.11.25 Database Disclosure
Posted Jan 25, 2019
Authored by KingSkrupellos

Joomla RSFirewall component version 2.11.25 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 2cfa753658349a6032fa2cdb5c1879c0
Lua 5.3.5 Use-After-Free
Posted Jan 25, 2019
Authored by Fady Mohamed Osman

Lua version 5.3.5 suffers from a use-after-free vulnerability.

tags | exploit
advisories | CVE-2019-6706
MD5 | 8d0b3f3c6d4c1f3c03561ae9b1cbc983
WordPress Wisechat 2.6.3 Forced Redirect / Phishing
Posted Jan 25, 2019
Authored by MTK

WordPress Wisechat plugin version 2.6.3 suffers from a forced tab redirection flow that can aid in phishing attacks.

tags | exploit
advisories | CVE-2019-6780
MD5 | 0ecf870da16821584b6e2f2155bb3fd6
Page 1 of 1
Back1Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    10 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close