exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2020-12-04

Super Backup 2.0.5 Directory Traversal
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Super Backup version 2.0.5 for iOS suffers from a directory traversal vulnerability.

tags | exploit
systems | ios
SHA-256 | c0e31c3ea1d16f43baa877403a277582dd25962a118dc0f4f94b5cfc6e309e47
CCt99 Chichen Tech CMS 1.0 SQL Injection
Posted Dec 4, 2020
Authored by Vulnerability Laboratory, Mostafa Farzaneh | Site vulnerability-lab.com

CCt99 Chichen Tech CMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5ac71860224746508c38cc4fe66850ab71b70aa4295c0c292fddd06a4661c6d1
Perfex CRM 2.4.4 Cross Site Scripting
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Perfex CRM version 2.4.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8f0a4080d778d603ed274d8c59e1cef54395fec462cebdeaf55a7ae9f99437d2
VestaCP 0.9.8-26 Token Session
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

A session token vulnerability has been discovered in VestaCP version 0.9.8-26. The vulnerability allows remote attackers to gain unauthenticated or unauthorized access by client-side token manipulation.

tags | exploit, remote, web, local, info disclosure
SHA-256 | ae8c5b4a8baf982ebb05cc9040ccbf5c1f924332927510d492c559caddbab251
VestaCP 0.9.8-26 Session Validation
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

VestaCP version 0.9.8-26 suffers from an insufficient session validation vulnerability.

tags | exploit
SHA-256 | 6159b79ee1c4557d55f413617ee3f2dcdd0659e7afec203a8cd037f6b89243be
VestaCP 0.9.8-26 Cross Site Scripting
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

VestaCP version 0.9.8-26 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7e70fa744d9b07edcbfc4a161a26c921eb4218063ebaa6d7a2d8da58ea7d7db7
Huawei HedEx Lite (DM) Path Traversal
Posted Dec 4, 2020
Authored by Vulnerability Laboratory, S.AbenMassaoud | Site vulnerability-lab.com

Huawei HedEx Lite (DM) suffers from a path traversal vulnerability.

tags | exploit
SHA-256 | 92d8a7b71d563caa017b64ebf1440f3f2ff49b7fd6607d831e9146d3dfc9c038
Suricata IDPE 6.0.1
Posted Dec 4, 2020
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: A couple features were added and many bugs were addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | e7a1798fe59c1d213f752feefbf8bb54168f9fa56235cf3380347c696ecdb1ae
MiniCMS 1.10 Cross Site Scripting
Posted Dec 4, 2020
Authored by yudp

MiniCMS version 1.10 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 580397233fb61a4bef10a59c12712f1a1c36d9f40ccb8106594b5836e6026920
Encrypted Linux x86-64 Loadable Kernel Modules (ELKM)
Posted Dec 4, 2020
Authored by cenobyte

Whitepaper called Encrypted Linux x86-64 Loadable Kernel Modules (ELKM). The aim is to protect kernel-based rootkits and implants against observation by EndpointDetection and Response (EDR) software and to neutralize the effects of recovery by disk forensics tooling.

tags | paper, x86, kernel
systems | linux
SHA-256 | 8c1624c7c34043b6adcf6bf8d40dacba0d70f69ac41bf3bb91c707f4c800f332
Zabbix 5.0.0 Cross Site Scripting
Posted Dec 4, 2020
Authored by Shwetabh Vishnoi

Zabbix version 5.0.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8cbbd0ee6d1c5466ee0d2a22b6ce95d10e75cde127c24a38cda3d57746478eb6
CMS Made Simple 2.2.15 Cross Site Scripting
Posted Dec 4, 2020
Authored by Eshan Singh

CMS Made Simple version 2.2.15 suffers from a persistent cross site scripting vulnerability via an authenticated SVG file upload.

tags | exploit, xss, file upload
SHA-256 | 3a70bea3ff018f2a3e3bc5cb413b9c3da9210a7c1832fd27589baa34aaef8e17
Laravel Nova 3.7.0 Denial Of Service
Posted Dec 4, 2020
Authored by iqzer0

Laravel Nova version 3.7.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 9eb495324041230df1778bdc6d24f4736918454a3a493572ff1e36fb62cb7360
Phpscript SGH 0.1.0 SQL Injection
Posted Dec 4, 2020
Authored by KeopssGroup0day Inc

Phpscript SGH version 0.1.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9552feef216e1c89c849008c2df8fe88e75923abfd09fd89fc5208c549d78bfc
WordPress Canto 1.3.0 Server-Side Request Forgery
Posted Dec 4, 2020
Authored by Pankaj Verma

WordPress Canto plugin version 1.3.0 suffers from an unauthenticated server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2020-28976, CVE-2020-28977, CVE-2020-28978
SHA-256 | df36bda8f802a55dc16c72320588c7ff56d412c1a0df5bcede5830be8b9a99bb
Composr CMS 10.0.34 Cross Site Scripting
Posted Dec 4, 2020
Authored by Parshwa Bhavsar

Composr CMS version 10.0.34 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e7d2e8be323e31438d8c6135158686adcc8b25caf9961d6908189f3e587d1de2
Forma LMS 2.3 Cross Site Scripting
Posted Dec 4, 2020
Authored by Hemant Patidar

Forma LMS version 2.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c3b32ba0ed652c87a51348c77103da0e6513fb3a39a22adafaa74c0def20e6cb
Savsoft Quiz 5 Cross Site Scripting
Posted Dec 4, 2020
Authored by Dhruv Patel

Savsoft Quiz version 5 suffers from a persistent cross site scripting vulnerability. This finding differs from the original discovery of persistent cross site scripting in this version found originally by th3d1gger.

tags | exploit, xss
SHA-256 | 37a4ba9345fee8f31b67fb0c4f6ca6b6aa2be75811fe815c6a724f4d964c77c1
Chromium 83 CSP Bypass
Posted Dec 4, 2020
Authored by Gal Weizman

Proof of concept code that demonstrates a full CSP bypass in Chromium 83.

tags | exploit, proof of concept, bypass
advisories | CVE-2020-6519
SHA-256 | f665b840e23447dd1db0bb7901be7ece20f08967d72f818e8e49bee711e616b2
Testa Online Test Management System 3.4.7 SQL Injection
Posted Dec 4, 2020
Authored by Ultra Security Team

Testa Online Test Management System version 3.4.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5d36d395ec6df5d4aeefadf263ea5607493679029513bbeeac6c0d602e5c6dfc
Firmware Analysis And Simulation
Posted Dec 4, 2020
Authored by Prabhankar Tripathi

Whitepaper called Firmware Analysis and Simulation.

tags | paper
SHA-256 | a6e26ecb9c1f523eef69a5364c1d8daca757b45fcd1216c25c2210a54fc4b2de
IDT PC Audio 1.0.6499.0 Unquoted Service Path
Posted Dec 4, 2020
Authored by Diego Canada

IDT PC Audio version 1.0.6499.0 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 7aeae44f16818c527d9c14de026bd5926cc5a403e2a052ebb00bcc06a54decfc
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close