exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-12-31 to 2014-12-31

Symantec Web Gateway 5.2.1 OS Command Injection
Posted Dec 31, 2014
Authored by EgiX

Symantec Web Gateway versions 5.2.1 and below suffer from a remote OS command injection vulnerability.

tags | exploit, remote, web
advisories | CVE-2014-7285
SHA-256 | 80e097e61c3144721b95a38213e7b0f3f782bac6d90fcd41c8baf29fdbab0249
GetSimple CMS 3.3.4 XML External Entity Injection
Posted Dec 31, 2014
Authored by EgiX

GetSimple CMS versions 3.1.1 through 3.3.4 suffer from an XML external entity injection vulnerability.

tags | exploit, xxe
advisories | CVE-2014-8790
SHA-256 | 08abfc94e71de2ed8b547ff31a3d88150accaa5198692c3c78a8a9486fd32308
Absolut Engine 1.73 Cross Site Scripting / SQL Injection
Posted Dec 31, 2014
Authored by Steffen Roesemann

CMS Absolute Engine version 1.73 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | ad2e88836b90afa4afe10d894720956e6cd6782a14871da5af8c8721c7ef2f3d
i-FTP 2.20 Schedule Buffer Overflow
Posted Dec 31, 2014
Authored by Gabor Seljan, metacom | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in i-Ftp version 2.20, caused by a long time value set for scheduled download. By persuading the victim to place a specially-crafted Schedule.xml file in the i-FTP folder, a remote attacker could execute arbitrary code on the system or cause the application to crash. This Metasploit module has been tested successfully on Windows XP SP3.

tags | exploit, remote, overflow, arbitrary
systems | windows
SHA-256 | 94c5ffd4bba7cde5bb23f726de24dc0fd0c729b7a0fbb63bb8f2f94583c88279
Debian Security Advisory 3116-1
Posted Dec 31, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3116-1 - It was discovered that a memory leak in parsing X.509 certificates may result in denial of service.

tags | advisory, denial of service, memory leak
systems | linux, debian
advisories | CVE-2014-8628
SHA-256 | 716f00de140643e903111e8a49c5906ac4dc2315c7a5c2ff83b4b5f09bf2b093
Mantis Bug Tracker 1.2.17 PHP Code Injection
Posted Dec 31, 2014
Authored by EgiX

Mantis Bug Tracker versions 1.2.0 through 1.2.17 suffer from a PHP code injection vulnerability.

tags | exploit, php
advisories | CVE-2014-7146
SHA-256 | 5123adecd54a72a557dfcb5fa13fb9a040dc8f7303ed28a65d028c74cd29df24
Osclass 3.4.2 Local File Inclusion
Posted Dec 31, 2014
Authored by EgiX

Osclass versions 3.4.2 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2014-8084
SHA-256 | 540c5a7d1919e55e0e1b5450e86af76917b39fa680c1edfea9aecdb3e4c5c065
EMC Replication Manager / AppSync Path Enumeration
Posted Dec 31, 2014
Site emc.com

EMC Replication Manager and EMC AppSync may contain unquoted entries in the Windows registry service path that could potentially be exploited by an attacker to execute malicious programs. EMC Replication Manager versions prior to 5.5.2 and EMC AppSync versions prior to 2.1.0 are affected.

tags | advisory, registry
systems | windows
advisories | CVE-2014-4634
SHA-256 | 085263f786a21f962439f7e0b2485d5c2b8b4c228b270b346a074cd80a39f6bd
Osclass 3.4.2 Shell Upload
Posted Dec 31, 2014
Authored by EgiX

Osclass versions 3.4.2 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2014-8085
SHA-256 | 825d51702a5b5cff864eca84c0ff288307cf0918b165529a013cccb1666471cd
RSA BSAFE Micro Edition Suite / SSL-J Triple Handshake
Posted Dec 31, 2014
Authored by Karthikeyan Bhargavan, Alfredo Pironti, Antoine Delignat-Lavaud | Site emc.com

RSA BSAFE Micro Edition Suite and SSL-J contain updates designed to prevent Triple Handshake attacks. There is a known potential vulnerability in the TLS protocol where it is possible for a malicious server to impersonate a client to another server using the client's credentials and successfully perform a man-in-the-middle attack on the third handshake.

tags | advisory, protocol
advisories | CVE-2014-4630
SHA-256 | 93be08d4c4e239ceb09c2ed267dbf8165470862f35b663be64f889d55c4e97e5
Osclass 3.4.2 SQL Injection
Posted Dec 31, 2014
Authored by EgiX

Osclass versions 3.4.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-8083
SHA-256 | feb708538ef7cc58e421b2def7ebaeb3f6f71a708040f56f501d7b1cde85fc88
Desktop Central Add Administrator
Posted Dec 31, 2014
Authored by Pedro Ribeiro

Desktop Central versions 7 and forward suffer from an add administrator vulnerability.

tags | exploit, add administrator
advisories | CVE-2014-7862
SHA-256 | c2e77377429f0005eda7b7e387bc4d53931aff42d4cb2b99620c29f7791151c0
Debian Security Advisory 3115-1
Posted Dec 31, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3115-1 - Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into an application using python-yaml could cause the application to crash.

tags | advisory, python
systems | linux, debian
advisories | CVE-2014-9130
SHA-256 | 49ad22f3dd836f0d44e1d28a7e4a30bff012d8ec8e5bbb52b850fe99bc1e870b
Gentoo Linux Security Advisory 201412-53
Posted Dec 31, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-53 - A vulnerability has been found in MIT Kerberos 5, possibly resulting in arbitrary code execution or a Denial of Service condition. Versions less than 1.13 are affected.

tags | advisory, denial of service, arbitrary, code execution
systems | linux, gentoo
advisories | CVE-2014-4341, CVE-2014-4343, CVE-2014-4345, CVE-2014-5351
SHA-256 | 5cde42d374ab870f36dc359940e34aa0c1990a9800b99bca9fe88696b4e98ae5
UCell Software For ZTE Modems DLL Hijacking
Posted Dec 31, 2014
Authored by Hadji Samir

UCell Software for ZTE Modems suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 0e24a72da1d26722ab921c8a7e01a34c4923fc932c51d571a3e8cc8dc5da3259
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close