exploit the possibilities
Showing 1 - 25 of 480 RSS Feed

Files Date: 2020-11-01 to 2020-11-30

Rejetto HttpFileServer 2.3.x Remote Command Execution
Posted Nov 29, 2020
Authored by Oscar Andreu

Rejetto HttpFileServer version 2.3.x remote command execution exploit.

tags | exploit, remote
advisories | CVE-2014-6287
MD5 | f0b7a7e54ec676fda373df29ba788f8d
YATinyWinFTP Denial Of Service
Posted Nov 29, 2020
Authored by strider

YATinyWinFTP denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | b1aaf842deeaebd05c9022dcc446f4bc
Apache NiFi API Remote Code Execution
Posted Nov 28, 2020
Authored by Graeme Robinson | Site metasploit.com

This Metasploit module uses the NiFi API to create an ExecuteProcess processor that will execute OS commands. The API must be unsecured (or credentials provided) and the ExecuteProcess processor must be available. An ExecuteProcessor processor is created then is configured with the payload and started. The processor is then stopped and deleted.

tags | exploit
MD5 | 7f93306aa6b4030f2a6b69fe4206bed0
nfstream 6.2.5
Posted Nov 28, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Patch for minimal truncated UDP raw pcap handling.
tags | tool, python
systems | unix
MD5 | 0d6f828e5d67ceee7e7066e81c9b9078
Ubuntu Security Notice USN-4646-2
Posted Nov 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4646-2 - USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871 introduced a regression causing certain applications linked against poppler to fail. This update backs out the fix pending further investigation. It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
MD5 | 0b505ce3fcb8bc020d54095819e940fa
Ubuntu Security Notice USN-4649-1
Posted Nov 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4649-1 - Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-27748
MD5 | 595ba1096ac8463cb7b849752a0852e7
Weaponize GhostWriting Injection - Code Injection Series Part 5
Posted Nov 28, 2020
Authored by Emeric Nasi

Whitepaper called Weaponize GhostWriting Injection. This is part 5 of a 5 part series of papers.

tags | paper
MD5 | 791ee7b58343b261e98e514c5986c656
Disable Dynamic Code Mitigation (ACG) - Code Injection Series Part 4
Posted Nov 28, 2020
Authored by Emeric Nasi

Whitepaper called Disable Dynamic Code Mitigation (ACG). This is part 4 of a 5 part series of papers.

tags | paper
MD5 | 0e3e2706f39d2d7d4d94ea738b8ad433
Exploit WNF Callback - Code Injection Series Part 3
Posted Nov 28, 2020
Authored by Emeric Nasi

Whitepaper called Exploit WNF Callback. This is part 3 of a 5 part series of papers.

tags | paper
MD5 | de2d2611ba5a65fae0e9b4d906265a18
Bypass Start Address Protection - Code Injection Series Part 2
Posted Nov 28, 2020
Authored by Emeric Nasi

Whitepaper called Bypass Start Address Protection. This is part 2 of a 5 part series of papers.

tags | paper
MD5 | 568ae61a93a997dbd2cec3b699088933
Process PE Injection Basics - Code Injection Series Part 1
Posted Nov 28, 2020
Authored by Emeric Nasi

Whitepaper called Process PE Injection Basics. This is part 1 of a 5 part series of papers.

tags | paper
MD5 | d6c3819eba87765c193f47df3826d9c2
Ubuntu Security Notice USN-4382-2
Posted Nov 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4382-2 - It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-11042, CVE-2020-11058, CVE-2020-11525, CVE-2020-13398
MD5 | 6a358e6b9c45a8fd4d61e8756172aeec
Heroic Knowledge Base 3.0.1 Cross Site Scripting
Posted Nov 27, 2020
Authored by begininvoke

Heroic Knowledge Base plugin versions 3.0.1 and below suffer from persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | df94306cb7de8bea529118f895637cc8
Ruckus IoT Controller 1.5.1.0.21 Remote Code Execution
Posted Nov 27, 2020
Authored by Emre Suren

Ruckus IoT Controller (Ruckus vRIoT) versions 1.5.1.0.21 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | a76ca35e7a3f8b47cc3cd57b5a659c7c
Best Support System 3.0.4 Cross Site Scripting
Posted Nov 27, 2020
Authored by Ex.Mi

Best Support System version 3.0.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | f74037429da1057feb79401fb4469a96
ZTE Blade Vantage Z839 Emode.APK android.uid.system Privilege Escalation
Posted Nov 27, 2020
Authored by Hacker Fantastic

ZTE Blade Vantage Z839 Emode.APK android.uid.system local privilege escalation exploit.

tags | exploit, local
MD5 | 2ad453e5e030521747ac204455b0066d
WonderCMS 3.1.3 Cross Site Scripting
Posted Nov 27, 2020
Authored by SunCSR

WonderCMS version 3.1.3 suffers from a persistent cross site scripting vulnerability. Original finding for persistent cross site scripting in this version of WonderCMS is attributed to Hemant Patidar.

tags | exploit, xss
MD5 | 0a86a07638c2bc4b20e96c08d1fd7f89
WordPress Accesspress Social Icons Theme 1.7.9 SQL Injection
Posted Nov 27, 2020
Authored by SunCSR

WordPress Accesspress Social Icons theme version 1.7.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d3cb5885976c55c92fedea658fd20a13
Polymorph 2.0: Advanced Manipulation Of Network Traffic In Real Time
Posted Nov 27, 2020
Authored by Santiago Hernandez Ramos

Whitepaper called Polymorph 2.0: Advanced Manipulation of Network Traffic in Real Time.

tags | paper
MD5 | 5a189432ecf01470a750aa0d2fafb9ed
WordPress Wibar Theme 1.1.8 Cross Site Scripting
Posted Nov 27, 2020
Authored by Ilca Lucian Florin

WordPress Wibar theme version 1.1.8 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | ea95dd17c0f2997fcd504f248aa1a6e2
WordPress Age Gate 2.13.4 Open Redirect
Posted Nov 27, 2020
Authored by Ilca Lucian Florin

WordPress Age Gate plugin versions 2.13.4 and below suffer fro an open redirection vulnerability.

tags | exploit
MD5 | a3548fa0a198ffdbc0c3ef0a20ea963b
Laravel Administrator 4 File Upload
Posted Nov 27, 2020
Authored by Xavi Beltran, Victor Campos

Laravel Administrator version 4 suffers from an unrestricted file upload vulnerability.

tags | exploit, file upload
advisories | CVE-2020-10963
MD5 | b32ad26683689ce39aae3cd95365fc83
Moodle 3.8 Arbitary File Upload
Posted Nov 27, 2020
Authored by Sirwan Veisi

Moodle version 3.8 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
MD5 | 4bf530ba008f828cff2639ab14956f02
Artificial Intelligence For Cybersecurity
Posted Nov 27, 2020
Authored by Mohan Santokhi, Jay Santokhi

Whitepaper called Artificial Intelligence for Cybersecurity.

tags | paper
MD5 | 1ca4923f68b9194cacc745cef5a60552
SAP Lumira 1.31 Cross Site Scripting
Posted Nov 27, 2020
Authored by Ilca Lucian Florin

SAP Lumira version 1.31 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3b83ad62cec70a0ffa3475532ddc5943
Page 1 of 20
Back12345Next

File Archive:

June 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    35 Files
  • 2
    Jun 2nd
    14 Files
  • 3
    Jun 3rd
    40 Files
  • 4
    Jun 4th
    22 Files
  • 5
    Jun 5th
    1 Files
  • 6
    Jun 6th
    1 Files
  • 7
    Jun 7th
    19 Files
  • 8
    Jun 8th
    14 Files
  • 9
    Jun 9th
    39 Files
  • 10
    Jun 10th
    20 Files
  • 11
    Jun 11th
    22 Files
  • 12
    Jun 12th
    2 Files
  • 13
    Jun 13th
    1 Files
  • 14
    Jun 14th
    32 Files
  • 15
    Jun 15th
    34 Files
  • 16
    Jun 16th
    9 Files
  • 17
    Jun 17th
    33 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close