exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 379 RSS Feed

Files Date: 2015-06-01 to 2015-06-30

ABH WORLD SQL Injection
Posted Jun 20, 2015
Authored by Shelesh Rauthan

Sites developed by ABH WORLD suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7d74be9e4c70472522a55e0a720c378823e7179bf0cb17b2fd7bd46bff03c5cb
WordPress Google Analyticator 6.4.9.3 CSRF
Posted Jun 20, 2015
Authored by Nitin Venkatesh

WordPress Google Analyticator plugin version 6.4.9.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | ebaceb86894099326e1aa5fe9de4c7e7b1f814c930696d719e744ca31cddce01
Adobe Flash Player ShaderJob Buffer Overflow
Posted Jun 19, 2015
Authored by Chris Evans, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability related to the ShaderJob workings on Adobe Flash Player. The vulnerability happens when trying to apply a Shader setting up the same Bitmap object as src and destination of the ShaderJob. Modifying the "width" attribute of the ShaderJob after starting the job it's possible to create a buffer overflow condition where the size of the destination buffer and the length of the copy are controlled.

tags | exploit, overflow
advisories | CVE-2015-3090
SHA-256 | 85ac61cf4df86a48ba3ebb5575fe809cd20d6d403d015526e3943526ed3262d0
Debian Security Advisory 3292-1
Posted Jun 19, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3292-1 - Bastian Blank from credativ discovered that cinder, a storage-as-a-service system for the OpenStack cloud computing suite, contained a bug that would allow an authenticated user to read any file from the cinder server.

tags | advisory
systems | linux, debian
advisories | CVE-2015-1851
SHA-256 | 9b66ae4edb170f5a91d3494b9e622d7c412e83ebfeeb4f301dd56c81b5a97e05
ManageEngine SupportCenter Plus 7.90 XSS / Traversal / Password Disclosure
Posted Jun 19, 2015
Authored by Vulnerability Laboratory, Alain Homewood | Site vulnerability-lab.com

ManageEngine SupportCenter Plus version 7.90 suffers from cross site scripting, password disclosure, and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 081617d3dcebc550fd4c6ab2540542547ed2a017511f52416250152c2586b2c8
Duo Push Timing Attack
Posted Jun 19, 2015
Authored by Josh Stone, Patrick Fussell

Duo push authentications are susceptible to a low-profile timing-based attack that permits an intruder to steal an authenticated session from an end-user accessing Duo-protected resources. Specifically, when multiple push notifications arrive simultaneously (or nearly so), only the final one is shown to the user. When the user authenticates that notification, only the corresponding session will actually be authenticated. If an attacker can initiate an equivalent connection slightly after the client?s session, then the user will typically authorize the malicious session rather than his or her own. Configurations affected include Duo Security Authentication Proxy version 2.4.8 and Duo Win Login version 1.1.8.

tags | advisory
SHA-256 | 103eb43f4540ebf657dd6624630bfe6d9cf75eb31d994d75465d0101fe86aa75
Tango FTP 1.0 Active-X Heap Spray
Posted Jun 19, 2015
Authored by metacom

Tango FTP active-x heap spray exploit that leverages a vulnerability in the COM component used eSellerateControl350.dll (3.6.5.0) method of the GetWebStoreURL member. Affects version 1.0 build 136.

tags | exploit, activex
SHA-256 | 7c5d287b7285d97c773bd521ba096c6d7155b06570a00ffc57b3294319a812a1
Tango DropBox 3.1.5 Active-X Heap Spray
Posted Jun 19, 2015
Authored by metacom

Tango DropBox active-x heap spray exploit that leverages a vulnerability in the COM component used eSellerateControl350.dll (3.6.5.0) method of the GetWebStoreURL member. Affects versions 3.1.5 and PRO.

tags | exploit, activex
SHA-256 | 3c8dfe4be4054d363a2c7bf83cffe6bedd810b2e267d01f52bc1df31959e5112
OpenEMR 4.2.0 Authentication Bypass
Posted Jun 19, 2015
Authored by Brian D. Hysell

OpenEMR versions 4.2.0 and 4.2.0 patch 1 suffer from an authentication bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2015-4453
SHA-256 | a589315de279dd22ee99c036b36a4cfd6f70531f2f25bab5afeaec7ef31766f6
ZTE ZXV10 W300 3.1.0c_DR0 UI Session Delete
Posted Jun 19, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

ZTE ZXV10 W300 version 3.1.0c_DR0 suffers from a session vulnerability that allows a remote attacker to delete network settings and more.

tags | exploit, remote
SHA-256 | e6b4753445eecdc540f323caf6ddd8959dc3d0dc105d4e6952e16e30eb542b98
eBay Magento Cross Site Request Forgery
Posted Jun 19, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

eBay Magento suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | b3c0c736ffb72d43d1fe671c55dffcbc1392deeada1261b19a1a3ef5cb7b4d6c
Red Hat Security Advisory 2015-1127-02
Posted Jun 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1127-02 - In accordance with the Red Hat Enterprise Linux OpenStack Platform Support Policy, the life cycle of Production Support for version 4 will end on June 19, 2015. On June 20, 2015, Red Hat Enterprise Linux OpenStack Platform version 4 will enter an inactive state and will no longer receive updated packages, including Critical-impact security patches or urgent-priority bug fixes. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date.

tags | advisory
systems | linux, redhat
SHA-256 | 71fc3ccc8a75ebf651126029495fe0d0bed9e150ed78b62c21f07ec3f910ae05
eBay Magento Persistent Script Insertion
Posted Jun 19, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

A persistent input validation web vulnerability has been discovered in the official Magento xCommerce web-application. The vulnerability allows remote attackers to inject own script code to the application-side of the affected service module. The vulnerability is located in the filename value of the image upload module. The attacker needs to create a New Message with upload to change the filename to a malicious payload. The attack vector of the issue is located on the application-side and the request method to inject the script code is POST.

tags | exploit, remote, web
SHA-256 | 2d046bdbb2f5dbd96eb46e550a4e42059c43e67f2b94273651e0cdfbf7805252
ApPHP Hotel Site 3.x.x SQL Injection
Posted Jun 19, 2015
Authored by wishnusakti

ApPHP Hotel Site version 3.x.x suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 890ce1d4ffe628ac729ca8d7e542f34a6085bef5d2b10be9540e4c255325d05c
eBay Magento Cross Site Scripting
Posted Jun 19, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

A client-side cross site scripting web vulnerability has been discovered in the official Magento Commerce Premium Theme front-end web-application. The non-persistent xss vulnerability allows remote attackers to inject own script code to the application-side of the vulnerable online-service module.

tags | exploit, remote, web, xss
SHA-256 | 93f9dd7fd63830ad50de3dc317332c7a3e7b19e91c8f617f35ef178a5970df46
WinylPlayer 3.0.3 Memory Corruption
Posted Jun 19, 2015
Authored by Rajganesh Pandurangan

WinylPlayer version 3.0.3 memory corruption proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 788887d72aeca51f9c07a787f09f5f2b971d388afc67b75f0eaa8a3c94812388
Linux/x86 chmod('/etc/passwd','777') Shellcode
Posted Jun 19, 2015
Authored by Mohammad Reza Espargham

42 bytes small Linux/x86 chmod('/etc/passwd','777') shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | d1e5b6edf4696268f8430598de8b8cf66df50aa768578351bac4ee7c5a1c6f83
HansoPlayer 3.4.0 Memory Corruption
Posted Jun 19, 2015
Authored by Rajganesh Pandurangan

HansoPlayer version 3.4.0 memory corruption proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 20b9090c4b132b0b60d1f278ce6a8efb8bcfa0d4a1e0123be1f206ac25da0171
SAP Mobile Platform 3.0 XXE Injection
Posted Jun 19, 2015
Authored by Vahagn Vardanyan, Vahagn Vardanyan (ERPScan)

SAP Mobile Platform version 3.0 suffers from an XXE injection vulnerability. The problem is caused by a program error due to the incorrect use of an XML parser (/mobiliser servlet). By default, the parser opens external entities referenced within an XML input, which can then lead to malicious content being parsed. This malicious content can reference internal resources, such as files. These internal resources can be disclosed in the response to the request, or can be used to perform a denial of service attack on the parsing system, rendering the application content temporarily unavailable.

tags | advisory, denial of service, xxe
SHA-256 | e89aaed13c5a2c5ac4e974c044a080f19bad90ce384d9fca4ba8d2c791e1c274
SYBASE SQL Anywhere 12 / 16 Denial Of Service
Posted Jun 19, 2015
Authored by Vahagn Vardanyan

SYBASE SQL Anywhere versions 12 and 16 suffer from a denial of service vulnerability. An attacker can trigger a condition in which the process ceases to run. This condition can be intentionally provoked by an attacker to cause denial of service.

tags | advisory, denial of service
advisories | CVE-2015-2819
SHA-256 | ef63dab3201ae56b98a3747344e684a2c732c5d74e07e8556040954ed9c8255f
SAP Afaria 7 Missing Authorization Check
Posted Jun 18, 2015
Authored by Vahagn Vardanyan

SAP Afaria version 7 suffers from a missing authorization check vulnerability. An attacker can use a missing authorization check to access the service without any authorization procedures and use service functionality that has restricted access. This can lead to information disclosure, privilege escalation, and other attacks.

tags | advisory, info disclosure
advisories | CVE-2015-2816
SHA-256 | c31ed536e135ffd5dbbb2b9995e77c71bf0e3b40facee2e84ca09d91541fb8f9
SAP Afaria 7 Denial Of Service
Posted Jun 18, 2015
Authored by Vahagn Vardanyan

SAP Afaria version 7 suffers from a denial of service vulnerability in the XcListener module XeClient.Dll.

tags | advisory, denial of service
advisories | CVE-2015-2820
SHA-256 | 4503c9ec3011161fd5c3290385f680e3e08aa75980cccaccad5ba5c7f657478f
SAP Management Console Information Disclosure
Posted Jun 18, 2015
Authored by Dmitry Chastukhin

The management console of SAP NW version 7.4 suffers from an information disclosure vulnerability. It is possible to get some information from the web interface of CCMS without authentication. An attacker can use the information for subsequent attacks which will lead to illegal access to business-critical information.

tags | advisory, web, info disclosure
advisories | CVE-2015-2817
SHA-256 | 73f02099e08e2e93992dacd4aa1f75a2d6f6808869ba2d42d24272d2af5847e5
SAP NetWeaver Portal 7.31 XXE Injection
Posted Jun 18, 2015
Authored by Vahagn Vardanyan

SAP NetWeaver Portal version 7.31 suffers from an XXE injection vulnerability. By default, the parser opens external entities referenced within an XML input, which can then lead to malicious content being parsed. This malicious content can reference internal resources, such as files. These internal resources can be disclosed in the response to the request, or can be used to perform a denial of service attack on the parsing system, rendering the application content temporarily unavailable.

tags | advisory, denial of service, xxe
advisories | CVE-2015-2811
SHA-256 | b46458ceeb29478ddffbd1e176b6e2695088708178f75445d879b1a591dbce9f
SAP Mobile Platform 2.3 XXE Injection
Posted Jun 18, 2015
Authored by Dmitry Chastukhin

SAP Mobile Platform version 2.3 suffers from an XXE injection vulnerability. An attacker can read an arbitrary file on the server by sending a correct XML request with a crafted DTD to/scc/messagebroker/http and reading the reply from the service. An attacker can perform a DoS attack (for example, an XML Entity Expansion attack). A SMB Relay attack is a type of Man-in-the-Middle attack where the attacker asks the victim to authenticate into a machine controlled by the attacker, then relays the credentials to the target. The attacker forwards the authentication information both ways, giving them access.

tags | advisory, web, arbitrary, xxe
advisories | CVE-2015-2813
SHA-256 | af39f3b02d6f59a59ac9adee1be7f700f929d9f74faaf58a79ef76213342f7ab
Page 5 of 16
Back34567Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close