exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 36 RSS Feed

Files Date: 2022-12-15

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Unauthenticated Factory Reset
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated factory reset vulnerability in restorefactory.cgi.

tags | exploit, cgi
SHA-256 | 1a0c507a2c0f666f15e332c7934c5598e8049b69d4e09f06340c0fbb87d33517
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x upload.cgi Code Execution
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated remote code execution vulnerability in upload.cgi.

tags | exploit, remote, cgi, code execution
SHA-256 | 3c3c6d279fd591ebe7b26f14524ac53bdce85b020d4fd8b0674e18a3fd734b58
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x traceroute.php Conditional Command Injection
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a conditional command injection vulnerability in traceroute.php.

tags | exploit, php
SHA-256 | 493fb94bb96a88e40abd33e5eccebbff52f80b0de903d6bad482c12681edc5d7
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x username Command Injection
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a username related unauthenticated command injection vulnerability.

tags | exploit
SHA-256 | 2a1af0e2d214afa5a71f6409fc8b889a191a4e4d6f778f1364c588cf61c2226b
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x password Command Injection
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a password related unauthenticated command injection vulnerability.

tags | exploit
SHA-256 | 87e9bc33ec95ac9d66ff2caa9f5d4d61dc4d76eb1934816979fa04a477330ee1
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x services Command Injection
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a services related authenticated command injection vulnerability.

tags | exploit
SHA-256 | eabf1351cb8311b07b8d38944e52c0f4bf4ac3fe1c2b689f78f5b11f2d93e684
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Unauthenticated File Disclosure
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x and below suffer from an unauthenticated file disclosure vulnerability.

tags | exploit
SHA-256 | 7704f2528e64a6579efda9376329311cb012f4d49f395092704e4f19b6d37559
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x ping.php Command Injection
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x and below suffer from a conditional command injection vulnerability in ping.php.

tags | exploit, php
SHA-256 | ade832b5db9e3a83e1ab939037cf7ceb6613442fdf7944335ad9f3f638d97f84
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Radio Steam Disclosure
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated radio stream disclosure vulnerability.

tags | exploit
SHA-256 | a313ea09e9877322d75ec4247416a055ed39d1c82bf035cde8f0bae23fb0995b
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x dns.php Command Injection
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x and below suffer from a conditional command injection vulnerability in dns.php.

tags | exploit, php
SHA-256 | 29a3f77080209e96ce853753006ab37df305d0ac4c6d034a7504f2376215c2ba
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Information Disclosure
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 008dfa5273043e47d602b15d8b45f577f0efeb0830579239c807aae59d59f1b3
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Persistent Cross Site Scripting
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a username persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 379a2eb9b0acd18a7331a425186d83e32dc1d0d61a8581a459514c544f78c49e
Adversary3 3.0
Posted Dec 15, 2022
Authored by malvuln | Site malvuln.com

Adversary3 is a tool to navigate the vast www.malvuln.com malware vulnerability dataset.

Changes: Dozens of new malware vulnerabilities added. New category of Logic Flaw was added.
tags | tool
systems | unix
SHA-256 | 9b13bea6b5b0bded8397b049cc552bc744cf3d67513c8059ab448bf8e9242f5a
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Directory Traversal / File Write
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated directory traversal file write vulnerability.

tags | exploit
SHA-256 | ad43cb010a75d501644d98cc356e5a1773a27450473ecc223ae22abfadcf5f56
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Hardcoded Credentials
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a hardcoded credential vulnerability.

tags | exploit
SHA-256 | 7dd7f164ff19a003d130c7f05a19965ba2b4b13c87933a6e3767ae2d3e587969
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x ICMP Flood Attack
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below allow an unauthenticated attacker to send network signals to an arbitrary target host that can be abused in an ICMP flooding attack. This includes the utilization of the ping, traceroute and nslookup commands through ping.php, traceroute.php and dns.php respectively.

tags | exploit, arbitrary, php
SHA-256 | 81c669280d4737e923eb0b0a5259214bbdd51f21c8109143eeadbef36025d06c
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x username SQL Injection
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a username SQL injection vulnerability that allows for authentication bypass.

tags | exploit, sql injection
SHA-256 | ebd0817677a6a623ce0af3acaebf98d3a0395b2b1e5640dddf877c40914c1350
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x password SQL Injection
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a password SQL injection vulnerability that allows for authentication bypass.

tags | exploit, sql injection
SHA-256 | 570c92684bee96b2173b72286ae8616f4c83d4410e62a0cd97cfd31cc7c71510
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Disconnect Webmonitor User Denial Of Service
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below allows an unauthenticated attacker to disconnect the current monitoring user from listening/monitoring and takeover the radio stream on a specific channel.

tags | exploit
SHA-256 | 51023384825dc840abd709ddec900a91de151bef787b63c5fbd8b007ce3c013d
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Insufficient Session Expiration
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffers from an insufficient session expiration vulnerability.

tags | exploit
SHA-256 | ff2a1471eedafd1bd1327cc46f0166d284f2485f09142cda34a6ae43f1ffe502
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Authorization Bypass
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an authorization bypass due to an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | ce9688c04a33c6f06d9e76e91a40f2fbf1a32abfe28f22584c0ab6856f158e6d
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Cross Site Request Forgery
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 7ad82d8bc844cdfb8173406cc8e5fa3c2feccd6228cf610d090321bbbbac18b5
SOUND4 Server Service 4.1.102 Local Privilege Escalation
Posted Dec 15, 2022
Authored by LiquidWorm | Site zeroscience.mk

SOUND4 Server Service version 4.1.102 suffers from an unquoted search path issue impacting the service SOUND4 Server for Windows. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

tags | exploit, arbitrary, local, root
systems | windows
SHA-256 | 0d1f43d038e2cabb1630fddce016ccf758ccc883097f7d7cdbcec19bc4cf8178
BSides SF 2023 Call For Papers
Posted Dec 15, 2022
Site bsidessf.org

BSidesSF is soliciting presentations, workshops, and villages for the 2023 annual BSidesSF conference. It will be located at City View at the Metreon in downtown San Francisco April 22nd through the 23rd, 2023.

tags | paper, conference
SHA-256 | 155076340b81d26d3d2bd8aa8310d074feff7f8a583b03a687abd01754152f90
Acronis TrueImage XPC Privilege Escalation
Posted Dec 15, 2022
Authored by Csaba Fitzl, Shelby Pace | Site metasploit.com

Acronis TrueImage versions 2019 update 1 through 2021 update 1 are vulnerable to privilege escalation. The com.acronis.trueimagehelper helper tool does not perform any validation on connecting clients, which gives arbitrary clients the ability to execute functions provided by the helper tool with root privileges.

tags | exploit, arbitrary, root
advisories | CVE-2020-25736
SHA-256 | 64e516f7e243343a09b0c147d3a167346d6cd74cc8c16dba1cb067a60cd06847
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close