
Files Date: 2012-04-01 to 2012-04-30

Debian Security Advisory 2462-1
Posted Apr 29, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2462-1 - Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2012-0259, CVE-2012-0260, CVE-2012-1185, CVE-2012-1186, CVE-2012-1610, CVE-2012-1798
SHA-256 | 132c0a8aab05698e43ed93ac17041bec1f40bc314bb4d4da66317818ef77adc3
Opial CMS 2.0 XSS / SQL Injection / Shell Upload
Posted Apr 29, 2012
Authored by the_storm, Vulnerability Laboratory | Site vulnerability-lab.com

Opial CMS version 2.0 suffers from cross site scripting, shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
SHA-256 | b715a5d501c76b72681966b20da82857d1bfe2b30fa888e030a30457fc23c59a
Croogo CMS 1.3.4 Cross Site Scripting
Posted Apr 29, 2012
Authored by Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

Croogo CMS version 1.3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d52edbae3dcbd904127baa83996273ebf95e0a131a2429e7ffdc398dc3e73ca1
Soco CMS Local File Inclusion
Posted Apr 29, 2012
Authored by BHG Security Center

Soco CMS suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | b262c4bad8a0db244172d85bc17ec280f51cd55643f5503b5357848448ff6548
China Pujiang Government SQL Injection
Posted Apr 29, 2012
Authored by Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

The Chinese Pujiang government suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7328c5b2dad92a77a5427450b574a00da3c7225dc0e5259414b1b575dec3bd6d
WordPress Bruteforce Script
Posted Apr 29, 2012
Authored by CorryL

This is a simple bash script for bruteforcing WordPress.

tags | cracker, bash
SHA-256 | a04595fb1fae7483302800dc402320dae1656bd040d010c93927bb2d7e92208a
Secunia Security Advisory 48991
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Zingiri Web Shop plugin for WordPress, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, vulnerability, xss
SHA-256 | 9a703d7b33d8ce708c6ed5044605ab1953fc8bf0b87a5a7929f5b9ae3961f1dc
Secunia Security Advisory 49004
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the nBill component for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 9116c188a9768e937e2cace1b8948477e94ff899fbfc784bb8abf1812af1e8a5
Secunia Security Advisory 48663
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a security issue in Quest Toad for Data Analysts, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | 7b29ec9436a73582515b18edf5ed09ae4f79daa4f6445d05887070b8f048dfb2
Secunia Security Advisory 48988
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - G13 has discovered two vulnerabilities in PHP Volunteer Management, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, php, vulnerability, xss, sql injection
SHA-256 | 91c92cc81f3bf02dfce9d2dd852560cfcf9c637d3da8ef29bc5a7824eca04fec
Secunia Security Advisory 48981
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for jetty. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | 2a4a62d6a2d6daab66a9a3b9d760815a0e113e1996f14546141dc211b050560f
Varzesh3.com Cross Site Scripting
Posted Apr 29, 2012
Authored by l20ot

Varzesh3.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | df5d8a0d6bef7441b14a9a4211f200846a0aefb650d668cd3db8a04164fb8921
Phrack Magazine Issue 68
Posted Apr 28, 2012
Authored by phrack | Site phrack.org

Phrack Magazine Issue 68 - Articles include Phrack Prophile on FX, Android Linux Kernel Rootkit, Practical cracking of white-box implementations, and much more.

tags | kernel, magazine
systems | linux, unix
SHA-256 | 0e6e91b633186a03cce894e76d747bff9d43ed5f2c1621cb00a4f2ca9b469a49
CMS GratingPeru S.A.C Cross Site Scripting / SQL Injection
Posted Apr 28, 2012
Authored by the_cyber_nuxbie

CMS GratingPeru S.A.C suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | cd880ae80f357995e86aa35da84af90210c858d7b132f4c0e19a1425b0225847
Actuality Of SMBRelay In Modern Windows Networks
Posted Apr 28, 2012
Authored by Ares

Whitepaper called Actuality of SMBRelay in Modern Windows Networks.

tags | paper
systems | windows
SHA-256 | f87fc888c4e56b21d8c099e4f1faceacf01f9e809547979686a603d553e4449e
MySQLDumper 1.24.4 LFI / XSS / CSRF / Code Execution / Traversal
Posted Apr 27, 2012
Authored by Akastep

MySQLDumper version 1.24.4 suffers from code execution, cross site request forgery, cross site scripting, local file inclusion, and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, code execution, xss, file inclusion, csrf
SHA-256 | e6b0a6d0eb5642150f170e010552ff83ed91020020af670d6d374c55c6a6add5
IPA-IAC.org Cross Site Scripting
Posted Apr 27, 2012
Authored by Atmon3r

IPA-IAC.org suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 77a9e2f310258d1940bc0fe562fc77d876b8fef7e84ca4cef9c39a6d6b387064
ClamSAP Libraries 0.9.7.4
Posted Apr 27, 2012
Authored by Markus Strehle | Site clamsap.sourceforge.net

ClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan HTTP uploads for malicious content, for example.

Changes: This release includes an adaption for ClamAV 0.97.4 and support for remote clamd scans.
tags | web, virus
systems | unix
SHA-256 | 4cc0cb65a43b084856fe6c79649ded144d8b596d567a16eaa32c9ede9bc42ab4
Mandriva Linux Security Advisory 2012-066
Posted Apr 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-066 - Security issues were identified and fixed in Mozilla Firefox and Thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found a heap corruption in gfxImageSurface which allows for invalid frees and possible remote code execution. Anne van Kesteren of Opera Software found a multi-octet encoding issue where certain octets will destroy the following octets in the processing of some multibyte character sets. Various other issues were also addressed.

tags | advisory, remote, code execution
systems | linux, mandriva
advisories | CVE-2012-0468, CVE-2012-0467, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0472, CVE-2012-0473, CVE-2012-0474, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2012-0479
SHA-256 | 52c7580faddde89c8ddd93ee504f0bd91f907d7b0db98c6e88c400c8de82300c
VMware Security Advisory 2012-0008
Posted Apr 27, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0008 - VMware ESX updates have been created for the ESX Service Console. The ESX Service Console Operating System (COS) kernel is updated which addresses several security issues in the COS kernel. The ESX Console Operating System (COS) libxml2 rpms are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2 and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several security issues. Various other issues have also been addressed.

tags | advisory, kernel, python
advisories | CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3191, CVE-2011-3905, CVE-2011-3919, CVE-2011-4348, CVE-2012-0028
SHA-256 | 27151f1e6ac2161133d87031a0879739a1b47509b25590993f62b5efcc45c458
HP Security Bulletin HPSBPV02754 SSRT100803 2
Posted Apr 27, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPV02754 SSRT100803 2 - A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches using a compact flash card which may contain malware content that is a PC trojan executable. The ProCurve switch operating system is not infected with the malware and the content on the compact flash card has no impact on the operation of the switch. Reuse of the compact flash card in a personal computer and manual execution of the malware content could result in a compromise of that system's integrity. Revision 2 of this advisory.

tags | advisory, trojan
advisories | CVE-2012-0133
SHA-256 | ce91c089270db6db060c9c1d7c9215979ae30446e5abfbcc9e91e77982f91126
eRealty Shop SQL Injection
Posted Apr 27, 2012
Authored by BHG Security Center

eRealty Shop suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2c251560027262d87f3e58becdb1eb1ef90c4a4ac1aea433394fd3f03b13a30d
Mandriva Linux Security Advisory 2012-065
Posted Apr 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-065 - The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server. The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c. Insufficient validation of the upload name leads to corrupted $_FILES indices. Various other issues have also been addressed.

tags | advisory, remote, web, denial of service, arbitrary, cgi, php, sql injection
systems | linux, mandriva
advisories | CVE-2012-0788, CVE-2012-0807, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172
SHA-256 | a018be1990be06d135afc8ee885fd862474162711692134a45a97fbfa7ed502c
Maxxweb CMS Cross Site Scripting
Posted Apr 27, 2012
Authored by Farbod Mahini

Maxxweb CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 38c469861a4a9cf8469dd60047951e878965800747f1740ea27f2c4ac072974c
Uiga Personal Portal SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

Uiga Personal Portal suffers from a remote SQL injection vulnerability in index2.php.

tags | exploit, remote, php, sql injection
SHA-256 | b9152582b0c4f0b77c7e1db220fcefc393f21d4e2076d4a38a60087190e6ac5d

© 2022 Packet Storm. All rights reserved.