exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 51 RSS Feed

Files Date: 2012-08-23 to 2012-08-24

Ad Manager Pro 4 Local File Inclusion
Posted Aug 23, 2012
Authored by CorryL

Ad Manager Pro version 4 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | e3132a129e14dfce6cc2c611ec903aa79fc4e37033ab283a599a78581d7a08de
LetoDMS 3.3.6 Cross Site Request Forgery / Cross Site Scripting
Posted Aug 23, 2012
Authored by Shai rod

LetoDMS version 3.3.6 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | cc686fb290023aab67729a888697ad6f9f571447f91ee8c435efc2afc092c18c
Snagit 11.0.1 DLL Hijack
Posted Aug 23, 2012
Authored by coolkaveh

Snagit version 11.0.1 build 93 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 16b09cd499bd9fd97ead91bc50d2c3d9bf3d58a8fa4b5def003e90ab02cdfc7e
Adobe Pixel Bender Toolkit2 11.0.422584 DLL Hijack
Posted Aug 23, 2012
Authored by coolkaveh

Adobe Pixel Bender Toolkit2 version 11.0.422584 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 12daacd8112519e870d3653d89f3be93620660d3bc4db6904ec7e996c5a5d6ae
Foxit Reader 5.3.1.0606 DLL Hijack
Posted Aug 23, 2012
Authored by coolkaveh

Foxit Reader version 5.3.1.0606 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | c85b0765d2b2902e1401814916c29896723fc5742cd70eacb7c4bf0d88c582e0
Secunia Security Advisory 50374
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gjoko Krstic has discovered a vulnerability in Monstra CMS, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 8c99ca9cb5e2f646d98df968102fe0021af71b072c8b0106eb080d5dacb3dce3
Secunia Security Advisory 50378
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gjoko Krstic has discovered a vulnerability in SiNG CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | f9913dc1090ac164558aea9b01931d3af66d72e73673709bd255af0eb8e302cc
Secunia Security Advisory 50400
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for libapache2-mod-rpaf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the module.

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 377baa3eb315086675a963b7f17769d21153011fc6150dba2415ff7722016f34
Secunia Security Advisory 50401
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Ipswitch WhatsUp Gold, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 03e350efe31e3ba5362f5b9f538d24925893ded5aea50f3a755eac5017e6143a
Secunia Security Advisory 50339
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VamCart, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 0d08790563db0d40bc8473c4aea9beccf9e86ba2dd89ceebbae906bcf3c21967
Secunia Security Advisory 50327
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Mesa, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
SHA-256 | 7c914038782e8c2dde99d8b16d0c81e2701875f0d3dc227fd57db67c5ffe56a5
Secunia Security Advisory 50325
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP LoadRunner, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | e8236cca198030dba56b53cdb0ba1ec6fc0eeb9990dea761f2fc6db5a97ee256
Secunia Security Advisory 50404
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for SUSE Manager. This fixes multiple vulnerabilities, which can be exploited by malicious users to manipulate certain data, conduct SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system and by malicious people to conduct HTTP response splitting attacks and compromise a vulnerable system.

tags | advisory, web, denial of service, vulnerability, sql injection
systems | linux, suse
SHA-256 | 83820c98867e932b06029cacc62ed9fe88505fe4beede6424f3d4fab74ac1d14
Secunia Security Advisory 50398
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for imagemagick. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | ed36af2c9df62936b48b18942f2d3475271542d96290144465c30f130a71683f
Secunia Security Advisory 50341
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP StorageWorks P4000 Virtual SAN Appliance Software, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 0f3495f54cf3bac0dff3472b1c86daf10dc107bd9af40f5f446bc0b5b23b60d5
Secunia Security Advisory 50348
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - coolkaveh has discovered a vulnerability in Foxit Reader, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 0cea057569f3290ec4b28dad1064d6c58311465956eed7d9a41dfb363a554c37
Secunia Security Advisory 50334
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in OpenDocMan, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 95845483a9d46c2f6b3db7da052bc814fa34ded47607ad33d825435b1da0e9f0
Secunia Security Advisory 50328
Posted Aug 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in HP Intelligent Management Center, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | fcc10f7d81da423cded34341268f36e47ae9bc2b5f4b9ad8def098974f1b2807
Zero Day Initiative Advisory 12-166
Posted Aug 23, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-166 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LeftHand Virtual SAN Appliance. Authentication is not required to exploit this vulnerability. The flaw exists within the hydra component which listens by default on 13841/tcp. The hydra daemon is responsible for management remote operations such as user creation, snapshots, etc. Insufficient authentication is performed prior to performing administrative level tasks. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.

tags | advisory, remote, arbitrary, tcp
SHA-256 | ebd8aaa775cd9bb7488f743b842891dd03d78160d2b826c879bee4ac1a80836a
E-Mail Security Virtual Appliance learn-msg.cgi Command Injection
Posted Aug 23, 2012
Authored by juan vazquez, iJoo | Site metasploit.com

This Metasploit module exploits a command injection vulnerability found in E-Mail Security Virtual Appliance. This Metasploit module abuses the learn-msg.cgi file to execute arbitrary OS commands without authentication. This Metasploit module has been successfully tested on the ESVA_2057 appliance.

tags | exploit, arbitrary, cgi
SHA-256 | 35a10b92773107d05af690f3a81504b9b0560cbd38a7ba0f7b3acd17dac63729
XODA 0.4.5 Arbitrary PHP File Upload
Posted Aug 23, 2012
Authored by juan vazquez, Shai rod | Site metasploit.com

This Metasploit module exploits a file upload vulnerability found in XODA 0.4.5. Attackers can abuse the "upload" command in order to upload a malicious PHP file without any authentication, which results in arbitrary code execution. The module has been tested successfully on XODA 0.4.5 and Ubuntu 10.04.

tags | exploit, arbitrary, php, code execution, file upload
systems | linux, ubuntu
SHA-256 | 4946a84183062b1d9abffb6b439d5931f024409a5402b78aa7244159e2a59c5b
Zero Day Initiative Advisory 12-165
Posted Aug 23, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-165 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Operations Agent for NonStop Server. User interaction is required to exploit this vulnerability in that the target must check the status of an existing node on the network. The specific flaw exists within ELinkService process which listens on TCP ports 7771 and 8976 by default. The process performs insufficient bounds checking on user-supplied data within in a HEALTH packet prior to copying it into a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed message packets to the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution
SHA-256 | 82992fd6b39a99d2005a2de029763ce391ec0ae965ed26d99e51f2baae93dbaa
Zero Day Initiative Advisory 12-164
Posted Aug 23, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-164 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the img.exe component, which listens by default on TCP port 8800. When handling message packets, the process performs arithmetic on an unvalidated user-supplied values used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. By sending a specially crafted packet, an attacker can leverage this vulnerability to execute code under the context of the user.

tags | advisory, remote, overflow, arbitrary, tcp
SHA-256 | 976d02d40ee3ff9f4206db1e3fb0504e426cfd3f216867ea30fd9f0d006e7bf9
xt:Commerce VEYTON 4.0.15 Cross Site Scripting
Posted Aug 23, 2012
Authored by LiquidWorm | Site zeroscience.mk

xt:Commerce VEYTON version 4.0.15 suffers from stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 08c8e8a11902fb9b872d82a1af2e69daab378a1dfcdd896ad76c304ecf53238e
Monstra 1.2.1 Cross Site Scripting
Posted Aug 23, 2012
Authored by LiquidWorm | Site zeroscience.mk

Monstra version 1.2.1 suffers from cross site scripting and html injection vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | a66092fdb607aa67e0feb81a2603defafc3a93caf5e02090e529ccb0f8f6b1ad
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close