exploit the possibilities
Showing 1 - 17 of 17 RSS Feed

Files Date: 2019-02-21

Nuuo Central Management SQL Injection
Posted Feb 21, 2019
Authored by Pedro Ribeiro | Site metasploit.com

The Nuuo Central Management Server allows an authenticated user to query the state of the alarms. This functionality can be abused to inject SQL into the query. As SQL Server 2005 Express is installed by default, xp_cmdshell can be enabled and abused to achieve code execution. This module will either use a provided session number (which can be guessed with an auxiliary module) or attempt to login using a provided username and password - it will also try the default credentials if nothing is provided.

tags | exploit, code execution
advisories | CVE-2018-18982
MD5 | a6bd69ef31e399150c79831f73918115
MatrixSSL x.509 Certificate Verification Stack Buffer Overflow
Posted Feb 21, 2019
Authored by Tavis Ormandy, Google Security Research

MatrixSSL suffers from a stack buffer overflow vulnerability when verifying x.509 certificates.

tags | exploit, overflow
MD5 | af74f61a0e0930cd9ea350d669953baf
WebKit JSC reifyStaticProperty Attribute Flag Issue
Posted Feb 21, 2019
Authored by Google Security Research, lokihardt

WebKit JSC has an issue where reifyStaticProperty needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter.

tags | exploit
advisories | CVE-2019-6215
MD5 | f76ec921b78dcbb720528b54c5ba83f3
Ubuntu Security Notice USN-3866-2
Posted Feb 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3866-2 - USN-3866-1 fixed vulnerabilities in Ghostscript. The new Ghostscript version introduced a regression when printing certain page sizes. This update fixes the problem. Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
MD5 | 77dd6ff7d1ee5ef8a4e5f5a8cfca6724
MikroTik RouterOS Firewall / NAT Bypass
Posted Feb 21, 2019
Authored by Jacob Baines

MikroTik RouterOS versions prior to 6.43.12 (stable) and 6.42.12 (long-term) firewall and NAT bypass exploit.

tags | exploit
advisories | CVE-2019-3924
MD5 | e0d598bbd700882e76a6d03ab552473e
ScreenStream 3.0.15 Denial Of Service
Posted Feb 21, 2019
Authored by Marcelo Vazquez

ScreenStream version 3.0.15 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | f04703213b7aec2dfd03ff775170af4f
C4G Basic Laboratory Information System (BLIS) 3.4 SQL Injection
Posted Feb 21, 2019
Authored by Carlos Avila

C4G Basic Laboratory Information System (BLIS) version 3.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c8222b82970286e88034d4ab2e084964
Virtual VCR Max .0a Buffer Overflow
Posted Feb 21, 2019
Authored by Wade Guest

Virtual VCR Max version .0a suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 3ca8a297b947cf09f7598def30ba652f
AirDrop 2.0 Denial Of Service
Posted Feb 21, 2019
Authored by Marcelo Vazquez

AirDrop version 2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 827873256c71e3fda41f235475089748
Medical Store Script 3.0.3 Cross Site Scripting
Posted Feb 21, 2019
Authored by Mr Winst0n

Medical Store Script version 3.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 65518d6ed57e57e42d44d50de273779e
WordPress Village 5.0 CSRF / Backdoor / SQL Injection
Posted Feb 21, 2019
Authored by KingSkrupellos

WordPress Village theme version 5.0 suffers from cross site request forgery, backdoor access, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
MD5 | 61b6dad4e62244a4d5b8f34bc2aebc83
Typo3 CMS Modern Guestbook tx_veguestbook_pi1 3.3.0 SQL Injection
Posted Feb 21, 2019
Authored by KingSkrupellos

Typo3 CMS Modern Guestbook tx_veguestbook_pi1 version 3.3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0f4aaa768e92715e59f43bee0bdd030f
Joomla AdsManager 3.2.0 CSRF / Database Disclosure / SQL Injection
Posted Feb 21, 2019
Authored by KingSkrupellos

Joomla AdsManager component version 3.2.0 suffers from cross site request forgery, database disclosure, remote file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection, file inclusion, csrf
MD5 | 5564752e65defdfd7b0020bd14875166
Drupal Pubdlcnt 7.x-1.2 Open Redirection
Posted Feb 21, 2019
Authored by KingSkrupellos

Drupal Pubdlcnt module version 7.x-1.2 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 59eccf643253fbdc792ec5ecc29b9f93
Valentina Studio 9.0.5 Buffer Overflow
Posted Feb 21, 2019
Authored by Alejandra Sanchez

Valentina Studio version 9.0.5 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 0aa7b7239c40dcefcaef3514032e1afc
RealTerm Serial Terminal 2.0.0.70 Echo Port Buffer Overflow
Posted Feb 21, 2019
Authored by Matteo Malvica

RealTerm Serial Terminal version 2.0.0.70 suffers from an echo port buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 0abb6067c6406e7edbcb0f14f22b89b2
EI-Tube 3 SQL Injection
Posted Feb 21, 2019
Authored by Meisam Monsef

EI-Tube version 3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | db63c4d59c23a361f3496205475a4c87
Page 1 of 1
Back1Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    2 Files
  • 18
    Feb 18th
    27 Files
  • 19
    Feb 19th
    32 Files
  • 20
    Feb 20th
    15 Files
  • 21
    Feb 21st
    17 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close