Exploit the possiblities
Showing 26 - 50 of 495 RSS Feed

Files Date: 2017-01-01 to 2017-01-31

MySQL OOB Hacking
Posted Jan 29, 2017
Authored by Osanda Malith

This is a paper that discussing MySQL OOB hacking techniques under Windows.

tags | paper
systems | windows
MD5 | f927be9e4e0c76f1ea9267c22544c206
Adapt CMS 3.0.3 File Upload
Posted Jan 29, 2017
Authored by Amir.ght

Adapt CMS version 3.0.3 suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | e2e1068a2f24118cf38553e5bd14d304
Alternative For Information_Schema.Tables In MySQL
Posted Jan 29, 2017
Authored by Osanda Malith

Brief paper discussing an alternative technique to use instead of 'information_schema.tables' when extracting table names in SQL injections.

tags | paper, sql injection
MD5 | 8e6048a99360f0516cf7cb6a2eae3e08
Oracle Outside In VSDX 8.4.0 / 8.5.1 / 8.5.2 / 8.5.3 Use-After-Free
Posted Jan 28, 2017
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Oracle Outside In, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a use-after-free error within the vsvsdx.dll when processing PageHeight and PageWidth values of VSDX file, which can be exploited to corrupt memory via a specially crafted VSDX file. Successful exploitation may allow execution of arbitrary code. Versions 8.4.0, 8.5.1, 8.5.2, and 8.5.3 are affected.

tags | advisory, arbitrary
advisories | CVE-2017-3266
MD5 | 0711c13af8883e1a872439ce7381167c
CA Common Services casrvc Privilege Escalation
Posted Jan 28, 2017
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers about a medium risk vulnerability that may allow a local attacker to gain additional privileges with products using CA Common Services running on the AIX, HP-UX, Linux, and Solaris platforms. The vulnerability, CVE-2016-9795, occurs due to insufficient validation by the casrvc program. A local unprivileged user can exploit the vulnerability to modify arbitrary files, which can potentially allow a local attacker to gain root level access.

tags | advisory, arbitrary, local, root
systems | linux, solaris, aix, hpux
advisories | CVE-2016-9795
MD5 | c33651df09a1bf032369d8e33acf84d5
WordPress FormBuilder 1.05 Cross Site Request Forgery
Posted Jan 28, 2017
Authored by Securify B.V., Burak Kelebek

WordPress FormBuilder plugin version 1.05 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | a69e1aad24d87f905f2b72d15d87e252
VirtualBox Privilege Escalation
Posted Jan 28, 2017
Authored by Wolfgang Hotwagner

VirtualBox versions prior to 5.0.32 and prior to 5.1.14 suffer from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-3316
MD5 | efabf266fc1bfe3166c49dc0824e8238
Joomla Store Locator 2.3.1.0 Cross Site Scripting
Posted Jan 28, 2017
Authored by Mojtaba MobhaM

Joomla Store Locator component version 2.3.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 46dcac4e2fe71bd9125b9385a9132691
EMC Data Protection Advisor Path 6.x Path Traversal
Posted Jan 28, 2017
Site emc.com

EMC Data Protection Advisor contains a fix for a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system. Versions 6.1.x, 6.2, 6.2.1, 6.2.2, and 6.2.3 prior to patch 446 are affected.

tags | advisory
advisories | CVE-2016-8211
MD5 | 42a898251359bd4f741b8be745ec77f9
Cordova-Android 6.1.1 Insecure Transport
Posted Jan 28, 2017
Authored by Alon Galili

Cordova-Android versions 6.1.1 and below suffer from an insecure transport vulnerability due to the Gradle Distribution URL not using HTTPS by default.

tags | advisory, web
advisories | CVE-2017-3160
MD5 | 510d02c3b4e2726449fe217324969975
EMC Documentum D2 4.5 / 4.6 DQL Injection / Cross Site Scripting
Posted Jan 28, 2017
Site emc.com

EMC Documentum versions 4.5 and 4.6 suffer from DQL injection and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2016-9872, CVE-2016-9873
MD5 | 98f1c7c4d8b3563daf6f6d13fcb0e828
EMC Data Domain DD 5.x OS Command Injection
Posted Jan 28, 2017
Site emc.com

EMC Data Domain DD OS has been updated to fix a command injection vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions 5.4, 5.5 family all versions prior to 5.5.5.0, 5.6 family all versions prior to 5.6.2.0, 5.7 family all versions prior to 5.7.2.10 are affected.

tags | advisory
advisories | CVE-2016-8216
MD5 | 83e4e0371a971a7d003990024b3ffa02
Joomla JTAG Calendar 6.2.4 SQL Injection
Posted Jan 28, 2017
Authored by Mojtaba MobhaM

Joomla JTAG Calendar component version 6.2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ffde45784cd9748849d80109f5f65780
RSA BSAFE Crypto-J Cryptography Failure
Posted Jan 28, 2017
Site emc.com

RSA BSAFE Crypto-J versions prior to 6.2.2 suffer from improper OCSP validation and PKCS#12 timing attack vulnerabilities.

tags | advisory, crypto, vulnerability
advisories | CVE-2016-8212, CVE-2016-8217
MD5 | 49ddf75098380770f8fc8cd1d9e75886
MRF Web Panel 9.0.1 OS Command Injection
Posted Jan 28, 2017
Authored by Filippos Mastrogiannis, Dimitrios Maragkos, Loukas Alkis

MRF Web Administration Panel (SWMS) version 9.0.1 is vulnerable to OS command injection attacks.

tags | exploit, web
advisories | CVE-2016-10043
MD5 | 84c6a68b3068ef25bd399b3da1f75f26
EMC PowerPath Management Appliance Information Disclosure
Posted Jan 28, 2017
Site emc.com

EMC PowerPath Virtual Appliance is affected by a sensitive information disclosure vulnerability that may potentially be exploited by malicious users to compromise the affected system. Versions 2.0 and 2.0 SP1 are affected.

tags | advisory, info disclosure
advisories | CVE-2016-0890
MD5 | b58e787b2dfeb6ee4acce02b96b3f55a
EMC RecoverPoint Information Disclosure / Command Injection
Posted Jan 28, 2017
Site emc.com

EMC RecoverPoint versions prior to 4.4.1.1 and 5.0 suffer from information disclosure and command injection vulnerabilities.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2016-6648, CVE-2016-6649
MD5 | a67a0f8d704b8202518dce7f2e69954f
RSA Web Threat Detection 5.x Cross Site Scripting
Posted Jan 28, 2017
Site emc.com

RSA Web Threat Detection contains fixes for a cross site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions 5.0, 5.1, and 5.1.2 are affected.

tags | advisory, web, xss
advisories | CVE-2016-0919
MD5 | 11fcceb4fd415308eda84b5a6013a9e3
TM RG4332 2.7.0 Arbitrary File Disclosure
Posted Jan 27, 2017
Authored by Saeid Atabaki

TM RG4332 wireless router version 2.7.0 suffers from an arbitrary file disclosure vulnerability.

tags | exploit, arbitrary, info disclosure
MD5 | 18c75d68451914a8b99b21aff4960ee8
GNU Screen 4.5.0 Local Root Privilege Escalation
Posted Jan 27, 2017
Authored by Xiphos Research Ltd.

GNU Screen version 4.5.0 local root privilege escalation exploit.

tags | exploit, local, root
MD5 | 2dd241aabca8c8979c09cff279b2d7b5
Systemd 228 Privilege Escalation
Posted Jan 27, 2017
Authored by Sebastian Krahmer

Systemd 228 privilege escalation proof of concept exploit.

tags | exploit, proof of concept
advisories | CVE-2016-10156
MD5 | 456f8298b5491aa165da8bc7d93c25f0
OpenSSH 6.8 / 6.9 PTY Privilege Escalation
Posted Jan 27, 2017
Authored by Federico Bento

OpenSSH versions 6.8 and 6.9 suffer from a PTY privilege escalation vulnerability.

tags | exploit
advisories | CVE-2015-6565
MD5 | 08e7d4bdbebeaea8f3911d3f0872cb26
KB Affiliate Referral PHP Script 1.0 SQL Injection
Posted Jan 27, 2017
Authored by Ihsan Sencan

KB Affiliate Referral PHP Script version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, php, sql injection
MD5 | 9499f119c353fb3106ba7abf37ae7ae3
KB Login Authentication Script 1.1 SQL Injection
Posted Jan 27, 2017
Authored by Ihsan Sencan

KB Login Authentication Script version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 93a12c616af2719b0231670fe505b41d
KB Messages PHP Script 1.0 SQL Injection
Posted Jan 27, 2017
Authored by Ihsan Sencan

KB Messages PHP Script version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, php, sql injection
MD5 | b4ec7f6c03ec6953f93f24ee7f9db62d
Page 2 of 20
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    10 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close