Showing 1 - 10 of 10

Files Date: 2015-06-08 to 2015-06-09

Kankun Smart Socket / Mobile App Hardcoded AES Key: Posted Jun 8, 2015; Authored by Aseem Jakhar; The Kankun Smart Socket device and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP. An attacker on the local network can use the same key to encrypt and send unsolicited commands to the device and hijack it.; tags | exploit, local, udp, info disclosure; advisories | CVE-2015-4080; SHA-256 | 9225a407cd8c8dd1c678631cb1e646a383b42ee99ca1ea8aa1e039b735e9be08; Download | Favorite | View

SilverStripe CMS 3.1.13 XSS / Open Redirect: Posted Jun 8, 2015; Authored by hyp3rlinx | Site hyp3rlinx.altervista.org; SilverStripe CMS version 3.1.13 suffers from open redirection and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2015-5063, CVE-2015-5062; SHA-256 | 701dc27fc99ae0950b14b0faf19d1fb54c6eff0e004fef057c3b3d65faef74f2; Download | Favorite | View

Apexis IP CAM Username / Password Disclosure: Posted Jun 8, 2015; Authored by Daniel Godoy; Apexis IP CAM suffers from a remote information disclosure vulnerability.; tags | exploit, remote, info disclosure; SHA-256 | 6241365038e03dc58eafa111dc2905a716e965fcb30f266cfc7b10a7e6f1c8a2; Download | Favorite | View

SanyBee Gallery 0.2.9 / 0.2.10 XSS / Add Admin: Posted Jun 8, 2015; Authored by indoushka; SanyBee Gallery versions 0.2.9 and 0.2.10 suffer from cross site scripting and add administrator vulnerabilities.; tags | exploit, vulnerability, xss, add administrator; SHA-256 | f4038f6854de17663fff4ff5953a7bfa407b053ad722c8ea52c6d9aff3a1a1b4; Download | Favorite | View

WordPress Encrypted Contact Form 1.0.4 CSRF / XSS: Posted Jun 8, 2015; Authored by Nitin Venkatesh; WordPress Encrypted Contact Form plugin version 1.0.4 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; advisories | CVE-2015-4010; SHA-256 | de168bc9ae565931b08fd16f0f2a4a87e5905225a349be79aefeabea3d4371f1; Download | Favorite | View

Expedia CruiseShipCenters Insecure Direct Object Reference: Posted Jun 8, 2015; Authored by Mike Sheward, Paul O'Neil; Expedia CruiseShipCenters suffers from an insecure direct object reference vulnerability.; tags | advisory; SHA-256 | 28c192d3eea661a3d610ef216cada7ffcea7c0c106d0340b173317c5060fbbeb; Download | Favorite | View

Tanium Arbitrary File Overwrite: Posted Jun 8, 2015; Authored by Justin Burke; Tanium suffers from an arbitrary file overwrite vulnerability.; tags | advisory, arbitrary; SHA-256 | 56f5943446298e0afd8a0f224658b545708e94496113edf450d52debd5cde2ed; Download | Favorite | View

Elitenetwork Advanced Social Network Script Shell Upload: Posted Jun 8, 2015; Authored by indoushka; Elitenetwork Advanced Social Network Script suffers from a shell upload vulnerability.; tags | exploit, shell; SHA-256 | 50d8eaf21e2c3cca0a25040ae0ed37df379733579a42427167615f41f0e488cf; Download | Favorite | View

Joomla EQ Event Calendar SQL Injection: Posted Jun 8, 2015; Authored by Manish Tanwar; Joomla EQ Event Calendar component suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 76a3371129a71f9cb4b04572956cea23364589c89e791a42bed428d1adccc645; Download | Favorite | View

Subdreamer CMS 3.7.1 Local File Inclusion / File Upload: Posted Jun 8, 2015; Authored by indoushka; Subdreamer CMS version 3.7.1 suffers from local file inclusion and remote file upload vulnerabilities.; tags | exploit, remote, local, vulnerability, file inclusion, file upload; SHA-256 | 09a0cad0e98ff9212b156a550a330370bbd8e0c81c2dabaf374161618aad8e49; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days