exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2015-06-26 to 2015-06-27

Polycom RealPresence Resource Manager (RPRM) Disclosure / Traversal
Posted Jun 26, 2015
Authored by Rene Freingruber | Site sec-consult.com

By combining all vulnerabilities documented in this advisory an unprivileged authenticated remote attacker can gain full system access (root) on the RPRM appliance. This has an impact on all conferences taking place via this RP Resource Manager. Attackers can steal all conference passcodes and join or record any conference. Versions prior to 8.4 are affected.

tags | exploit, remote, root, vulnerability
advisories | CVE-2015-4681, CVE-2015-4682, CVE-2015-4683, CVE-2015-4684, CVE-2015-4685
SHA-256 | 1d5b03ba6b9a7b0e1ff5623237c28661b4f890d43709aa901df21c57464f2cf6
EMC Unisphere For VMAX 8.0.x Remote Code Execution
Posted Jun 26, 2015
Site emc.com

EMC Unisphere for VMAX version 8.0.3.4 contains a fix for a remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions 8.0.0, 8.0.1, and 8.0.2 are affected.

tags | advisory, remote, code execution
advisories | CVE-2015-0545
SHA-256 | dd26bb1f3f1a79a0085a4c0fc0d186a5ec9968c910963ab1d6a7e4b98b20715e
Koha ILS 3.20.x CSRF / XSS / Traversal / SQL Injection
Posted Jun 26, 2015
Authored by Raschin Tavakoli

Koha ILS suffers from cross site request forgery, cross site scripting, remote SQL injection, and path traversal vulnerabilities. Versions 3.20.x less than or equal to 3.20.1, 3.18.x less than or equal to 3.18.8, and 3.16.x less than or equal to 3.16.12 are affected.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2015-4631, CVE-2015-4632, CVE-2015-4633
SHA-256 | db2ddcd34b4c592559253b1b3c6f3e7e83b307e30c13455c3c11e7c181ea9384
NETGEAR ProSafe Cross Site Scripting / SQL Injection / Header Injection
Posted Jun 26, 2015
Authored by Juan J. Guelfo

NETGEAR ProSafe suffers from cross site scripting, header injection, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | d2cffb6c14ae7d6d75847a649433d54664550130dd5ffabcc160493696e70230
Cisco Security Advisory 20150625-ironport
Posted Jun 26, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Web Security Virtual Appliance (WSAv), Cisco Email Security Virtual Appliance (ESAv), and Cisco Security Management Virtual Appliance (SMAv) suffer from a default authorized SSH key vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds for these vulnerabilities.

tags | advisory, web, vulnerability
systems | cisco
SHA-256 | e38fb0ce7d80564472a520ad94e940659c93ba113976a0dacea062720bcd0b67
Download Zip Attachments 1.0 File Download
Posted Jun 26, 2015
Authored by Larry W. Cashdollar

Download Zip Attachments version 1.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
advisories | CVE-2015-4704
SHA-256 | 5c51fdb6e266ef3a8a35172957a3166fd6452e291e1e736475722362e05b938f
WordPress WP-Instance-Rename 1.0 File Download
Posted Jun 26, 2015
Authored by Larry W. Cashdollar

WordPress WP-Instance-Rename plugin version 1.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
advisories | CVE-2015-4703
SHA-256 | 9a24d9b6daa62347b0cb943035d61843dba740d737dd765fd6a8ca7bdea56236
ArcSight Log Poisoning
Posted Jun 26, 2015
Authored by Andrea Menin

ArcSight suffers from a log poisoning vulnerability.

tags | exploit
SHA-256 | fc2f4788f873862fc266d71b5a6c6655034f7c3ae00f59103be393d90706c07b
Htcap Analysis Tool Alpha 0.1
Posted Jun 26, 2015
Authored by Filippo Cavallarin

Htcap is a web application analysis tool for detecting communications between javascript and the server. It crawls the target application and maps ajax calls, dynamically inserted scripts, websockets calls, dynamically loaded resources and some interesting elements. The generated report is meant to be a good starting point for a manual web application security audit. Htcap is written in python and uses phantomjs to load pages injecting a probe that analyzes javascript behaviour. Once injected, the probe, overrides native javascript methods in order to intercept communications and DOM changes. It also simulates user interaction by firing all attached events and by filling html inputs.

tags | tool, web, javascript, sniffer, python
SHA-256 | 981291a5ddf50d934fe6635ef8364804c1736f0f3495311f538a582c06e131fd
Nucleus CMS 3.65 Cross Site Scripting
Posted Jun 26, 2015
Authored by Sharankumar Somana

Nucleus CMS version 3.65 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 546f34805d04034f047e4144ea4b40a6097badf77ac07bce75855a9b73741bd7
Havij OLE Automation Array Remote Code Execution
Posted Jun 26, 2015
Authored by Mohammad Reza Espargham

Havij OLE automation array remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2014-6332
SHA-256 | 0b4819a45bd6e1a62245eba921eb17566ff9e73ce344ddff448a2b0e24071756
Linux/x86 Forced rmdir Shellcode
Posted Jun 26, 2015
Authored by B3mB4m

Linux/x86 forced rmdir shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 469f7ff5f741fdd0315a04ed6f346abbcb0f53af634b84d8f389271376f8674e
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close