what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2019-12-30

Thrive Smart Home 1.1 SQL Injection
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

Thrive Smart Home version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | e4aeb323f7e63fc22396a520fa3afe3efdd3c385f4c7d50055f96ddd5dd0ea03
Thrive Smart Home 1.1 Cross Site Scripting
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

Thrive Smart Home version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 46cea7a8c0bef7c0a74a6327c76ab35c819eb35ee2af2b41e2ed9ae4714f203f
HomeAutomation 3.3.2 Open Redirect
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 6c400fc7be48ccc34237bf098de7c74f775e8fb6b620c32b76e8751964726b9f
HomeAutomation 3.3.2 CSRF / Code Execution
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from a cross site request forgery vulnerability that allows for remote command execution.

tags | exploit, remote, csrf
SHA-256 | cca8b334de34777125e8f2a0950a8442c54a2c5b0d8651006ecec4b614ce177e
HomeAutomation 3.3.2 Cross Site Request Forgery
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | f23c1aa99af5634149ccf36f6901f15700735c2a52845ce2a65186b287a4ac7b
Debian Security Advisory 4596-1
Posted Dec 30, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4596-1 - Several issues were discovered in the Tomcat servlet and JSP engine, which could result in session fixation attacks, information disclosure, cross- site scripting, denial of service via resource exhaustion and insecure redirects.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2018-11784, CVE-2018-8014, CVE-2019-0199, CVE-2019-0221, CVE-2019-12418, CVE-2019-17563
SHA-256 | 6ebceaf0d89b2cfd7371e7b66dc4d0a44198b1bc2430ecc38e1dec0541185915
FreeBSD fd Privilege Escalation
Posted Dec 30, 2019
Authored by Karsten Konig

Local root exploit for the FreeBSD fd vulnerability as disclosed in FreeBSD-SA-19:02.fd.

tags | exploit, local, root
systems | freebsd, bsd
advisories | CVE-2019-5596
SHA-256 | 05adfc97defa9b66032601dddbc7174d89d7c42893b3449bce122d3043b86df0
HomeAutomation 3.3.2 Authentication Bypass
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 authentication bypass exploit.

tags | exploit
SHA-256 | 32faefa048892c60f350fd14fb7b3dfb9d5189bfa825f6509603127552d92716
FreeBSD mqueuefs Privilege Escalation
Posted Dec 30, 2019
Authored by Karsten Konig

Local root exploit for the FreeBSD mqueuefs vulnerability as disclosed in FreeBSD-SA-19:15.mqueuefs.

tags | exploit, local, root
systems | freebsd, bsd
SHA-256 | 90adbf6571ee419b5720c2c77c09ae73c0b991d5356d6bf9cdef1949b5a67b6d
MyDomoAtHome (MDAH) REST API Domoticz ISS Gateway 0.2.40 Information Disclosure
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

MyDomoAtHome REST API is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request to gain access to sensitive information.

tags | exploit, remote, info disclosure
SHA-256 | 357776a2d5aa47ac656833d53b8602fbc35b3aa0ce805316d286d7e1b1dfd90d
HomeAutomation 3.3.2 Cross Site Scripting
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from persistent and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 5bea197f9f58eb7871adf024f5cfc3eba64f2d6e110ef8855ccd8cf44af9dd25
WEMS BEMS 21.3.1 Undocumented Backdoor Account
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

WEMS BEMS version 21.3.1 has an undocumented backdoor account that is Base64 encoded. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the controller thru the RMI.

tags | exploit
SHA-256 | a5fa2ebe403b9dae6b9fd7464ecc1dbb0eb48cace1ac5d8e6e0170f2583f4c0f
Debian Security Advisory 4595-1
Posted Dec 30, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4595-1 - It was discovered that debian-lan-config, a FAI config space for the Debian-LAN system, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other user principals.

tags | advisory
systems | linux, debian
advisories | CVE-2019-3467
SHA-256 | 82061cfc85edebc357e70e88bef1a28092a77d75e58404c34d56e60eb1d2f284
Debian Security Advisory 4594-1
Posted Dec 30, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4594-1 - Guido Vranken discovered an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2019-1551
SHA-256 | a39d0cc9a81c74129e5f00871afb245984b1984fc1e3bd6c3edaaa4475432379
WEMS Enterprise Manager 2.58 Cross Site Scripting
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

WEMS Enterprise Manager version 2.58 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 808838c8fe62218d13ec462ebceceec14d3c27579ab0faedf0c2ab8a91a904a1
Heatmiser Netmonitor 3.03 Hardcoded Credentials
Posted Dec 30, 2019
Authored by Ismail Tasdelen

Heatmiser Netmonitor version 3.03 suffers from a hardcoded credential vulnerability.

tags | exploit
SHA-256 | 4660a59d519385d8cbe9b5ff59c605844c85e61e300d5e806ea6da2939b58d03
Wing FTP Server 6.0.7 Unquoted Service Path
Posted Dec 30, 2019
Authored by Nawaf Alkeraithe

Wing FTP Server version 6.0.7 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 559fc39363ebeac4e49dba17e94eff68b828a2fdd812f22ec437c92d997c5bf7
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close