exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2019-02-21

Nuuo Central Management SQL Injection
Posted Feb 21, 2019
Authored by Pedro Ribeiro | Site metasploit.com

The Nuuo Central Management Server allows an authenticated user to query the state of the alarms. This functionality can be abused to inject SQL into the query. As SQL Server 2005 Express is installed by default, xp_cmdshell can be enabled and abused to achieve code execution. This module will either use a provided session number (which can be guessed with an auxiliary module) or attempt to login using a provided username and password - it will also try the default credentials if nothing is provided.

tags | exploit, code execution
advisories | CVE-2018-18982
SHA-256 | 37ab5bd3eec6195dfddf3099592e9cd3aad7e37d04562dd4ebba3cbc36289fe3
MatrixSSL x.509 Certificate Verification Stack Buffer Overflow
Posted Feb 21, 2019
Authored by Tavis Ormandy, Google Security Research

MatrixSSL suffers from a stack buffer overflow vulnerability when verifying x.509 certificates.

tags | exploit, overflow
SHA-256 | 0ccbebf140226df810122f520adfba7097e335f9c1626f1162be12918d0909ff
WebKit JSC reifyStaticProperty Attribute Flag Issue
Posted Feb 21, 2019
Authored by Google Security Research, lokihardt

WebKit JSC has an issue where reifyStaticProperty needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter.

tags | exploit
advisories | CVE-2019-6215
SHA-256 | 8b5b037a7c556813e39c8ace7602b2465e0d1f1bd48644498c3c77c7c30f96e6
Ubuntu Security Notice USN-3866-2
Posted Feb 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3866-2 - USN-3866-1 fixed vulnerabilities in Ghostscript. The new Ghostscript version introduced a regression when printing certain page sizes. This update fixes the problem. Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
SHA-256 | d3b572b9e8dd59539d1f53e077357aac14bc80c5a7b56bc9204c9a39e33d44ec
MikroTik RouterOS Firewall / NAT Bypass
Posted Feb 21, 2019
Authored by Jacob Baines

MikroTik RouterOS versions prior to 6.43.12 (stable) and 6.42.12 (long-term) firewall and NAT bypass exploit.

tags | exploit
advisories | CVE-2019-3924
SHA-256 | 76d8b41f9f478dd81cf50cfdd51f6592ff6a23a044fbd5ad0d719cc3c7cef3ac
ScreenStream 3.0.15 Denial Of Service
Posted Feb 21, 2019
Authored by Marcelo Vazquez

ScreenStream version 3.0.15 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 80f8bc6d09f3f73b635472cc2a3b5a76617279a448667494a4129e4dde624995
C4G Basic Laboratory Information System (BLIS) 3.4 SQL Injection
Posted Feb 21, 2019
Authored by Carlos Avila

C4G Basic Laboratory Information System (BLIS) version 3.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 105a483e409804b0fff0748e498f8c46b68c513d439a743dd34f7fe6876f970f
Virtual VCR Max .0a Buffer Overflow
Posted Feb 21, 2019
Authored by Wade Guest

Virtual VCR Max version .0a suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 21edc1d24274891ee85c0133cca0fcc971802d357249b4f867cef403acaf597f
AirDrop 2.0 Denial Of Service
Posted Feb 21, 2019
Authored by Marcelo Vazquez

AirDrop version 2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 7ad6c43ffaed0009c5c879421a4c957c290c029e10ba022d3e483bb5eeae09ad
Medical Store Script 3.0.3 Cross Site Scripting
Posted Feb 21, 2019
Authored by Mr Winst0n

Medical Store Script version 3.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9a1f801acf5c5bce1ff29459f7e08eaf2a58362ad4ce999902e39a814070683d
WordPress Village 5.0 CSRF / Backdoor / SQL Injection
Posted Feb 21, 2019
Authored by KingSkrupellos

WordPress Village theme version 5.0 suffers from cross site request forgery, backdoor access, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
SHA-256 | 27adfafedcfe47f73c1954865735f79c81c28a637bc1740b0417e8fa73c37141
Typo3 CMS Modern Guestbook tx_veguestbook_pi1 3.3.0 SQL Injection
Posted Feb 21, 2019
Authored by KingSkrupellos

Typo3 CMS Modern Guestbook tx_veguestbook_pi1 version 3.3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a2dea393d022fd3fa2f6800c76deb936c546eb08ce2d45be2801966f31ac584e
Joomla AdsManager 3.2.0 CSRF / Database Disclosure / SQL Injection
Posted Feb 21, 2019
Authored by KingSkrupellos

Joomla AdsManager component version 3.2.0 suffers from cross site request forgery, database disclosure, remote file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection, file inclusion, csrf
SHA-256 | 01c4a4784a6d62f40a52fc15f9c5a3368ca70716e3f78820d5e7d3a4534d5d72
Drupal Pubdlcnt 7.x-1.2 Open Redirection
Posted Feb 21, 2019
Authored by KingSkrupellos

Drupal Pubdlcnt module version 7.x-1.2 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 5a5e2cc4bc34572b323417c64f4e9650678715862a7a81a19fe3a2f57fbcb7dd
Valentina Studio 9.0.5 Buffer Overflow
Posted Feb 21, 2019
Authored by Alejandra Sanchez

Valentina Studio version 9.0.5 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 993dc07913420503fd7e4b429c9b0779d6f5e0eed0972d0e32e174e6c0172efa
RealTerm Serial Terminal 2.0.0.70 Echo Port Buffer Overflow
Posted Feb 21, 2019
Authored by Matteo Malvica

RealTerm Serial Terminal version 2.0.0.70 suffers from an echo port buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 801b86d255328b3fedc995c0bcbbcc29d2ca3f7b6e8522ecf7a4d5babd746c01
EI-Tube 3 SQL Injection
Posted Feb 21, 2019
Authored by Meisam Monsef

EI-Tube version 3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 587d00f17a692f0c85c44ba747af330fcc83ab6847b6e816bf0bdda4efbf8e34
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    20 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close