exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-05-17

CEWE Photoshow 6.4.3 Password Denial Of Service
Posted May 17, 2019
Authored by Alejandra Sanchez

CEWE Photoshow version 6.4.3 dneial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 3ea4d1517345a8e1279cb60577f1c5a47e6cea6e3b9f36a469137122fcb56d16
CEWE Photo Importer 6.4.3 Denial Of Service
Posted May 17, 2019
Authored by Alejandra Sanchez

CEWE Photo Importer version 6.4.3 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 946545f9129aa8d4cae5ac741ce3e90317b531e1373b3f5d660496e948752b87
Iperius Backup 6.1.0 Privilege Escalation
Posted May 17, 2019
Authored by bzyo

Iperius Backup version 6.1.0 suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 81444dad26eed9342fbfa06d4227a454b3785d42acfeceee83a1f32d06a61109
OpenDNSSEC 2.1.4
Posted May 17, 2019
Site opendnssec.org

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Changes: Various bug fixes.
tags | tool
systems | unix
SHA-256 | 77e85e417d1067a5e4529b636248875a9e2d1925d5e90f022449007e59d6a293
Common Desktop Environment 2.3.0 dtprintinfo Privilege Escalation
Posted May 17, 2019
Authored by Marco Ivaldi

A buffer overflow in the DtPrinterAction::PrintActionExists() function in the Common Desktop Environment 2.3.0 and earlier, as used in Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long printer name passed to dtprintinfo by a malicious lpstat program.

tags | exploit, overflow, local, root
systems | solaris
advisories | CVE-2019-2832
SHA-256 | 061ca4997bee326476bbf713f5e74683ca863ebc4120b082849a1add69987dfe
Hydra Network Logon Cracker 9.0
Posted May 17, 2019
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Revamped rdp module to use FreeRDP library. Added memcached module. Added mongodb module. Various other updates.
tags | tool, web, imap
systems | cisco, unix
SHA-256 | 56672e253c128abaa6fb19e77f6f59ba6a93762a9ba435505a009ef6d58e8d0e
Huawei eSpace 1.1.11.103 Meeting Heap Overflow
Posted May 17, 2019
Authored by LiquidWorm | Site zeroscience.mk

Huawei eSpace version 1.1.11.103 Meeting suffers from a heap-based memory overflow vulnerability when parsing large amount of bytes to the 'strNum' string parameter in GetNameyNum() in 'ContactsCtrl.dll' and 'strName' string parameter in SetUserInfo() in eSpaceStatusCtrl.dll library, resulting in heap memory corruption. An attacker can gain access to the system of the affected node and execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2014-9418
SHA-256 | af90f5f900b600c33da10df6fd3d4e998fd6d70a94b3e1f74e59750b88b5031a
Huawei eSpace 1.1.11.103 Meeting Image File Format Handling Buffer Overflow
Posted May 17, 2019
Authored by LiquidWorm | Site zeroscience.mk

Huawei eSpace version 1.1.11.103 Meeting conference whiteboard functionality is vulnerable to a buffer overflow issue when inserting known image file formats. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

tags | exploit, overflow, arbitrary
advisories | CVE-2014-9417
SHA-256 | bda1b5e8a26593481f81b3c32e14564c523a358fd9231d9e797c58ba31fa1bf0
Huawei eSpace 1.1.11.103 Unicode Stack Buffer Overflow
Posted May 17, 2019
Authored by LiquidWorm | Site zeroscience.mk

Huawei eSpace Meeting cenwpoll.dll unicode stack buffer overflow exploit with SEH overwrite.

tags | exploit, overflow
advisories | CVE-2014-9415
SHA-256 | 490ee762476b17bd1fdf9781ccc265693d3c3a5bc2f6c5da8afb99d25162c0f0
Huawei eSpace 1.1.11.103 DLL Hijacking
Posted May 17, 2019
Authored by LiquidWorm | Site zeroscience.mk

Huawei eSpace version 1.1.11.103 suffers from a DLL Hijacking issue. The vulnerability is caused due to the application loading libraries (mfc71enu.dll, mfc71loc.dll, tcapi.dll and airpcap.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening a related application file (.html, .jpg, .png) located on a remote WebDAV or SMB share.

tags | exploit, remote, arbitrary
advisories | CVE-2014-9416
SHA-256 | 9aea69b662c8d5265e392a312f1101654a587b68b47e8265d432fd5d1e6f36d7
Cisco Expressway Gateway 11.5.1 Directory Traversal
Posted May 17, 2019
Site redteam-pentesting.de

Cisco Expressway Gateway version 11.5.1 suffers from a directory traversal vulnerability.

tags | exploit
systems | cisco
advisories | CVE-2019-1854
SHA-256 | 2d21823c888f2d2b908cd05eb0a2166fac4b33a4729b2a9f4b52422d2a88a0f7
Ubuntu Security Notice USN-3985-2
Posted May 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3985-2 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
SHA-256 | f1cb1a1bf9b2f78407c94f968bde455d07cd4e360ff1504fa77d64c0ecf72c91
Freelance Cockpit CRM 3.3.1 SQL Injection
Posted May 17, 2019
Authored by Mehmet Emiroglu

Freelance Cockpit CRM version 3.3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 83fdff2598f2c65877939315359b738ef06523adf646dec31a73e9540e8bd871
Sandboxie 5.30 Denial Of Service
Posted May 17, 2019
Authored by Alejandra Sanchez

Sandboxie version 5.30 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 703fb07db8e564ae274bfc1f929d0a682ebcc0df143eb67b3aa58dc467a4adbc
Horde Webmail 5.2.22 XSS / CSRF / SQL Injection / Code Execution
Posted May 17, 2019
Authored by Numan OZDEMIR

Horde Webmail version 5.2.22 suffers from code execution, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection, csrf
advisories | CVE-2019-12094, CVE-2019-12095
SHA-256 | f0b687fb3216938177a63fc81ec64bebd639bf70d529cb1674744db3e33e6e03
GAT-Ship Web Module 1.30 Information Disclosure
Posted May 17, 2019
Authored by Gionathan Reale

GAT-Ship Web Module versions 1.30 and below suffer from an information disclosure vulnerability.

tags | exploit, web, info disclosure
advisories | CVE-2019-12163
SHA-256 | eee145bca3e8be5c6e6502419bf53c84bf36f406d6f22716d15d882f00a1f2e2
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close