what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 799 RSS Feed

Files Date: 2012-05-01 to 2012-05-31

Santilga CMS 1.2.6.3 Cross Site Request Forgery / SQL Injection
Posted May 27, 2012
Authored by Akastep

Santilga CMS version 1.2.6.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
SHA-256 | 8a0563560c5278232bee426b67531c717a2f791ad068e36e4a01e78a1f3d99fa
AzDGDatingMedium 1.9.3 XSS / CSRF / SQL Injection / Directory Traversal
Posted May 27, 2012
Authored by Akastep

AzDGDatingMedium version 1.9.3 suffers from cross site request forgery, cross site scripting, php code execution, remote SQL injection, and directory traversal vulnerabilities.

tags | exploit, remote, php, vulnerability, code execution, xss, sql injection, csrf
SHA-256 | fca95caa0dc8e622b5578c80db1cc25787bae0c338499f4de51aa6149b181c7b
iOS 5.1.1 Safari Browser Denial Of Service
Posted May 26, 2012
Authored by Alberto Ortega

iOS versions 5.1.1 and below Safari Browser JS match(), search() crash proof of concept exploit.

tags | exploit, proof of concept
systems | cisco
SHA-256 | 88bf13ee6936fd4a41664c0ccb5fe91fdf90eb621dae78246483afea0a274ca3
Hyperion Runtime Encrypter 1.0
Posted May 26, 2012
Authored by belial | Site nullsecurity.net

Hyperion is a runtime encrypter for 32-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter".

tags | tool, encryption
SHA-256 | c66e6ff1b37e64fba12f60f561cdd9e8055b39f03c9995e6b21f14088f779c52
PHP List 2.10.9 PHP Code Injection
Posted May 26, 2012
Authored by L3b-r1'z

PHP List version 2.10.9 suffers from a remote PHP code injection vulnerability.

tags | exploit, remote, php
SHA-256 | c0cd3d38f573e33e53f01d69feeb8194bc1884cbe78a7bafd51ad3ccfed51be8
Small CMS PHP Code Injection
Posted May 26, 2012
Authored by L3b-r1'z

Small CMS suffers from a remote PHP code injection vulnerability.

tags | exploit, remote, php
SHA-256 | 0e3a9859ea3125d9c006d7cd5165bb3dd6f354ff5d19ecf1a7e15e8aadc18427
Symantec Web Gateway 5.0.2 Local File Inclusion
Posted May 26, 2012
Authored by muts

Symantec Web Gateway version 5.0.2 remote local file inclusion root exploit.

tags | exploit, remote, web, local, root, file inclusion
advisories | CVE-2012-0297
SHA-256 | 1f988ae10011c9e9527aa54aee6542a4e4f221f26948b02c388b89c3b9e6db66
Secunia Security Advisory 49302
Posted May 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in EMC AutoStart, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | a6e381260040ed30c8fe34feebca489b5d64771aefe757a03e8daf27724f1500
Secunia Security Advisory 49275
Posted May 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for request-tracker3.8. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, conduct SQL injection attacks, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system.

tags | advisory, vulnerability, xss, sql injection, csrf
systems | linux, debian
SHA-256 | 239897c56ebc22b5d44a1b1e9fb213c1589f2c4216471e4f440ee9ec7dc0d4a6
Secunia Security Advisory 49293
Posted May 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for openssl. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service) of the application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
SHA-256 | 3df54d4ab9c228f2348a011b682aa98a3ebef7a3a1a8d4c5a6abf6b27f0cca98
Secunia Security Advisory 49287
Posted May 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in RSSOwl, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 992e85a248c2293e75f89318e50500beed8e0b9fcb1b6abd091e2467009369eb
Secunia Security Advisory 49267
Posted May 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Walied Assar has discovered two vulnerabilities in ResEdit, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 3b3949a10be20b754836c1b9797ee5defc961186fbea1ba0e79660f407dcf5c7
Secunia Security Advisory 49289
Posted May 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Logitec LAN-W300N/R, LAN-W300N/RS, and LAN-W300N/RU2, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | f9d56eee8b724d15b8c7efac14f151b0179305f5089c72f08e59bb9a31cc91f5
Ubuntu Security Notice USN-1454-1
Posted May 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1454-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4086
SHA-256 | f28320f5538e98298ed28cf4be19ea1c9e1808d3f2e263ff05dd1b27f77c788d
WeBid converter.php Remote PHP Code Injection
Posted May 25, 2012
Authored by EgiX, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in WeBid version 1.0.2. By abusing the converter.php file, a malicious user can inject PHP code in the includes/currencies.php script without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
advisories | OSVDB-73609
SHA-256 | 80a84c00e66900b12e9cef081970706d89671fdd6de08048a29a545f296cfe05
RabidHamster R4 Log Entry sprintf() Buffer Overflow
Posted May 25, 2012
Authored by Luigi Auriemma, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in RabidHamster R4's web server. By supplying a malformed HTTP request, it is possible to trigger a stack-based buffer overflow when generating a log, which may result in arbitrary code execution under the context of the user.

tags | exploit, web, overflow, arbitrary, code execution
advisories | OSVDB-79007
SHA-256 | 9bd2fe133907afe8dae3b0872be07135e15c6152fbb081eaf7b8fefe328ad0a3
GreHack 2012 Call For Papers
Posted May 25, 2012
Site ensiwiki.ensimag.fr

The GreHack 2012 Call For Papers has been announced. It will be held in Grenoble, France on October 19th, 2012.

tags | paper, conference
SHA-256 | 6e421da4cd6b7010e65487f7a52f69e401e8bb337e0877e8a18abd3df844ccff
ResEdit 1.5.11-win32 Buffer Overflow
Posted May 25, 2012
Authored by Walied Assar

ResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included.

tags | exploit, denial of service, overflow, proof of concept
systems | linux, windows
SHA-256 | b262a9976e97dcbc6e64df36a7f4ee9302668979e3d09d6cc91825b139dcfede
Kolkata Web Application Fingerprinting
Posted May 25, 2012
Authored by ErrProne | Site blackhatacademy.org

Kolkata is a tool for IDS evading web application fingerprinting. It is written in perl and uses LibWhisker.

tags | tool, web, scanner, perl
systems | linux, unix
SHA-256 | 51799f93b27c4bf9963d9bb0be06a9c97f9292d2a95f88350b3c19c6dc197876
DornCMS 1.4 (add_page.php) Arbitrary File Upload
Posted May 25, 2012
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a vulnerability found in Dorn Content Management Script (CMS), version 1.4. By abusing the add_page.php file, the attacker can upload/add a new file (.php) to the /cms/pages/ directory without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
SHA-256 | d9e8467b701cbfb9bbe903c58d26bef4b2a9541424f51ceb8b51542282f6f250
Hacktivity 2012 Call For Papers
Posted May 25, 2012
Site hacktivity.com

The Hacktivity 2012 Call For Papers has been announced. It will be held from October 12th through the 13th, 2012 in Budapest, Hungary.

tags | paper, conference
SHA-256 | a163595c09a95340653cd554ab451e60125bc5eac1cd39d4800f8efeb1c8b86f
LogAnalyzer 3.4.2 Cross Site Scripting / SQL Injection / File Read
Posted May 25, 2012
Authored by Filippo Cavallarin

LogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, xss, sql injection
SHA-256 | 20e0cd6da8ae12e950d981ee3947ff25853bdc8fedef7053293f570dfee099d1
Pligg CMS 1.2.1 Cross Site Scripting / Local File Inclusion
Posted May 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Pligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
advisories | CVE-2012-2435, CVE-2012-2436
SHA-256 | a7d8c229d604afce14ad7a8fb8d44e7b7cc72c937a69259550169bc098531f63
pragmaMx 1.12.1 Cross Site Scripting
Posted May 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

pragmaMx version 1.12.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2452
SHA-256 | cff5f8ae37aa417115fc3dcd726341dfa6ed0e74700583b162c5da31739d0fdb
Ubuntu Security Notice USN-1453-1
Posted May 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1453-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4086, CVE-2012-1601, CVE-2012-2123, CVE-2011-4086, CVE-2012-1601, CVE-2012-2123
SHA-256 | 0ce91b7b629cfee8a757c0aaf95f5ab728dc7c0c8392a5ba774db361dc1f15e3
Page 4 of 32
Back23456Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    47 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close