exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 26 - 50 of 524

Files Date: 2015-12-01 to 2015-12-31

Bigware Shop 2.3.01 Local File Inclusion

Posted Dec 24, 2015

Authored by bd0rk

Bigware Shop version 2.3.01 suffers from multiple local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion

SHA-256 | 9946bd3b9e89313d99f6e1d094c69eda3ba65830a2082252c809e6d99685ebcc

Download | Favorite | View

PHP 7.0.0 Format String

Posted Dec 24, 2015

Authored by Andrew Kramer

PHP version 7.0.0 suffers from a format string vulnerability.

tags | exploit, php

SHA-256 | 19b3c5bd5a0c46292b9003e0983dc856d030ce773b0d5344e1809ac15c10246e

Download | Favorite | View

eWON XSS / CSRF / Session Management / RBAC Issues

Posted Dec 24, 2015

Authored by Karn Ganeshen

eWON routers with firmware versions prior to 10.1s0* suffer from cross site request forgery, session management, RBAC control, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf

advisories | CVE-2015-7925, CVE-2015-7926, CVE-2015-7927, CVE-2015-7928, CVE-2015-7929

SHA-256 | db44f5340110e31d8969ebbbea39b66476ba340c324579db4a0c8e86da5eb756

Download | Favorite | View

Nordex Control 2 (NC2) SCADA 16 Cross Site Scripting

Posted Dec 24, 2015

Authored by Karn Ganeshen

Nordex Control 2 (NC2) SCADA version 16 suffers from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2015-6477

SHA-256 | e4b3732da6a42937ee4a23ae9d5562bb1a69144c16f5139060d53c7ef8a341f4

Download | Favorite | View

XZERES 442SR Wind Turbine Cross Site Scripting

Posted Dec 24, 2015

Authored by Karn Ganeshen

XZERES 442SR wind turbine suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 1328aca548475d9704158e50bb0cf1d133388c98974314b228e040c479815ad9

Download | Favorite | View

Rips Scanner 0.5 Directory Listing

Posted Dec 24, 2015

Authored by Ehsan Hosseini

Rips Scanner version 0.5 suffers from a directory listing exposure vulnerability in leakscan.php.

tags | exploit, php, info disclosure

SHA-256 | ad068dfcffca395ab1149e06ca457ea7a6c6412e3f0b6f1ab9b457953e871786

Download | Favorite | View

Rips Scanner 0.5 Local File Inclusion

Posted Dec 24, 2015

Authored by Ehsan Hosseini

Rips Scanner version 0.5 suffers from multiple local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion

SHA-256 | 1aebe564cf436559ad09f5b6b02a377f73a5c9924747c953a23210a2e8e94db9

Download | Favorite | View

ATOMYMAXSITE 2.5 SQL Injection

Posted Dec 24, 2015

Authored by T3NZOG4N, Mojtaba MobhaM

ATOMYMAXSITE CMS version 2.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | e897d4605496f49476e3818fb953359fd7cc8eae02f2b5277ce3cfd07e4906c9

Download | Favorite | View

ATOMYMAXSITE 2.5 Cross Site Scripting

Posted Dec 24, 2015

Authored by T3NZOG4N, Mojtaba MobhaM

ATOMYMAXSITE CMS version 2.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 09559075dd71c90df71d283f2228f28808d1591018c9eba9064a9fcb58fd94f8

Download | Favorite | View

Fwknop Port Knocking Utility 2.6.8

Posted Dec 24, 2015

Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added a major new feature that allows fwknopd to easily integrate with third-party devices and software. Added new access.conf directives. Various other updates.

tags | tool, scanner, vulnerability

systems | unix

SHA-256 | 5999c2cffd231caf3082a5169fbac2f4a3f5db8309355c5615c98998718198ff

Download | Favorite | View

Slackware Security Advisory - blueman Updates

Posted Dec 24, 2015

Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New blueman packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory

systems | linux, slackware

advisories | CVE-2015-8612

SHA-256 | b81045c1c59f38a66a84e2269eace9046fe6f3ef352261ce1b8ae44564a998ef

Download | Favorite | View

Slackware Security Advisory - mozilla-thunderbird Updates

Posted Dec 24, 2015

Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory

systems | linux, slackware

SHA-256 | 5e3bb458b910caf3df07029b7035c054a9d5383037f88f0852d98c0852729c62

Download | Favorite | View

Debian Security Advisory 3430-1

Posted Dec 24, 2015

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3430-1 - Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or crash the application.

tags | advisory, remote, vulnerability

systems | linux, debian

advisories | CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317

SHA-256 | 1cd62addcbd83058fe474f7cc4169937181e259f8c04cc1d6b1f8215dd00b999

Download | Favorite | View

Arastta 1.1.5 SQL Injection

Posted Dec 23, 2015

Authored by Tim Coen | Site curesec.com

Arastta version 1.1.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | a96ee37a4db7e1befbf19eb7d7f342c5c6fa9f7c663bb2748b71b725e0ceca18

Download | Favorite | View

Grawlix 1.0.3 Code Execution

Posted Dec 23, 2015

Authored by Tim Coen | Site curesec.com

Grawlix version 1.0.3 suffers from a code execution vulnerability.

tags | exploit, code execution

SHA-256 | 363b7ff20db9ddc5d5233b65e44b777cc8e3829aae7618e1660bad9b327bdb49

Download | Favorite | View

Grawlix 1.0.3 Cross Site Request Forgery

Posted Dec 23, 2015

Authored by Tim Coen | Site curesec.com

Grawlix version 1.0.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | ef412181b9b3dd5790ac81fc22ce2ac18733073e60034781eeb53a0520645847

Download | Favorite | View

Grawlix 1.0.3 Cross Site Scripting

Posted Dec 23, 2015

Authored by Tim Coen | Site curesec.com

Grawlix version 1.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 3b4aa692a1f17caf9de47151b8cf19655c5f853ceb415f9da5d53e024088b9f9

Download | Favorite | View

CouchCMS 1.4.5 Cross Site Scripting / Open Redirect

Posted Dec 23, 2015

Authored by Tim Coen | Site curesec.com

CouchCMS version 1.4.5 suffers from open redirect and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | 9cd5281847c6eceb81027be1a1120aaf31724f033c8790bc902a8d5357c4cba6

Download | Favorite | View

PhpSocial 2.0.0304_20222226 Cross Site Request Forgery

Posted Dec 23, 2015

Authored by Tim Coen | Site curesec.com

PhpSocial version 2.0.0304_20222226 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | a680f869e08b247516440678c3c9d1a9c4386cd402f7565238483d9beefed02d

Download | Favorite | View

Arastta 1.1.5 Cross Site Scripting

Posted Dec 23, 2015

Authored by Tim Coen | Site curesec.com

Arastta version 1.1.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 8d6f81664b36368e3a01d83719c2535268f2dd3fa1b262e9edf34eaa3f4722e9

Download | Favorite | View

PhpSocial 2.0.0304_20222226 Cross Site Scripting / Open Redirect

Posted Dec 23, 2015

Authored by Tim Coen | Site curesec.com

PhpSocial version 2.0.0304_20222226 suffers from cross site scripting and open redirection vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | d1a79ba705887ef6b104cc7209599e56af19b3ab6e79a5a35ba7829310f43dd6

Download | Favorite | View

CouchCMS 1.4.5 Code Execution

Posted Dec 23, 2015

Authored by Tim Coen | Site curesec.com

CouchCMS version 1.4.5 suffers from a code execution vulnerability.

tags | exploit, code execution

SHA-256 | 28d0f428eb7f71c36e4128702b98dd743ecc11dd774a398ce7faff3b5ac8e79f

Download | Favorite | View

PHPDevShell 3.2.0 Cross Site Scripting

Posted Dec 23, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

PHPDevShell version 3.2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 44b3c53d766210199ba7fe1fce79f5092cde11f6cdefdabfc6d94527be235545

Download | Favorite | View

esoTalk 1.0.0g4 Cross Site Scripting

Posted Dec 23, 2015

Authored by Tim Coen | Site curesec.com

esoTalk version 1.0.0g4 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 0d438e2f670b427b57f680da042b5dc5c28ca50cf1c0ea64d52d117414e42aec

Download | Favorite | View

WordPress NextGEN Gallery 2.1.10 Shell Upload

Posted Dec 23, 2015

Authored by CSW Research Lab

WordPress NextGEN Gallery plugin version 2.1.10 suffers from a remote shell upload vulnerability.

tags | advisory, remote, shell, file upload

SHA-256 | c71fb2b79645cdc5f4d38e414f680173ec0b97d1f60ef3fde3e35e7b1d5b1dcf

Download | Favorite | View