Exploit the possiblities
Showing 51 - 75 of 355 RSS Feed

Files Date: 2017-10-01 to 2017-10-31

KeystoneJS 4.0.0-beta.5 Unauthenticated Stored Cross Site Scripting
Posted Oct 25, 2017
Authored by Ishaq Mohammed

KeystoneJS version 4.0.0-beta.5 suffers from an unauthenticated stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-15878
MD5 | b25bac8103481cb0935773ae248e5749
KeystoneJS 4.0.0-beta.5 Unauthenticated CSV Injection
Posted Oct 25, 2017
Authored by Ishaq Mohammed

KeystoneJS version 4.0.0-beta.5 suffers from an unauthenticated CSV injection vulnerability in admin/server/api/download.js and lib/list/getCSVData.js.

tags | exploit
advisories | CVE-2017-15879
MD5 | ed1bbf3e8a789e547a2f12819275971f
Windows NTLM Auth Hash Disclosure / Denial Of Service
Posted Oct 25, 2017
Authored by Juan Diego

Under certain circumstances a shared folder on Windows can be abused remotely to obtain the user credentials and to freeze the machine.

tags | exploit
systems | windows
MD5 | 75df1861286943e3f336ac2f00048071
Sophos UTM 9 Management Appplication Local File Inclusion
Posted Oct 25, 2017
Authored by Matthew Bergin | Site korelogic.com

Sophos UTM 9 suffers from a local file inclusion vulnerability. Version 9.410 is affected.

tags | exploit, local, file inclusion
MD5 | 9dd2a9188e82f74e56570b54972a43c5
Sophos UTM 9 loginuser Privilege Escalation Via Insecure Directory Permissions
Posted Oct 25, 2017
Authored by Matthew Bergin | Site korelogic.com

Sophos UTM 9 suffers from a loginuser privilege escalation vulnerability via insecure directory permissions. Version 9.410 is affected.

tags | exploit
MD5 | 56206e25a52b7c734995d01109f5f28c
Sonicwall WXA5000 1.3.2-10-30 Console Jail Escape / Privilege Escalation
Posted Oct 25, 2017
Authored by Matthew Bergin | Site korelogic.com

Sonicwall WXA5000 version 1.3.2-10-30 suffers from console jail escape and privilege escalation vulnerabilities.

tags | exploit, vulnerability
MD5 | 96ae20044a39b528b9cd3c1fe1e9bab9
Infoblox NetMRI VM-AD30-5C6CE Factory Reset Persistence
Posted Oct 25, 2017
Authored by Matthew Bergin | Site korelogic.com

Infoblox NetMRI version VM-AD30-5C6CE suffers from an administration shell factory reset persistence vulnerability.

tags | exploit, shell
MD5 | 3d645a515c1de250781ae9cab7fd9d5c
Infoblox NetMRI 7.1.4 Shell Escape / Privilege Escalation
Posted Oct 25, 2017
Authored by Hank Leininger, Matthew Bergin | Site korelogic.com

Infoblox NetMRI versions 7.1.2 through 7.1.4 suffer from administration shell escape and privilege escalation vulnerabilities.

tags | exploit, shell, vulnerability
MD5 | b723ed326bd04aa156050b80d0b7a39f
Ubuntu Security Notice USN-3425-2
Posted Oct 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3425-2 - USN-3425-1 fixed a vulnerability in Apache HTTP Server. This update provides the corresponding update for Ubuntu 12.04 ESM. Hanno Boeck discovered that the Apache HTTP Server incorrectly handled A Limit directives in .htaccess files. In certain configurations, a A remote attacker could possibly use this issue to read arbitrary server A memory, including sensitive information. This issue is known as A Optionsbleed. Various other issues were also addressed.

tags | advisory, remote, web, arbitrary
systems | linux, ubuntu
MD5 | 19a3c210bbf9b5883492f2f703cd9c78
Ubuntu Security Notice USN-3388-2
Posted Oct 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3388-2 - USN-3388-1 fixed several vulnerabilities in Subversion. This update provides the corresponding update for Ubuntu 12.04 ESM. Ivan Zhakov discovered that Subversion did not properly handle some requests. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2167, CVE-2016-2168, CVE-2017-9800
MD5 | e21388389183c326fdaef5767e8457ca
PHP Melody 2.6.1 SQL Injection
Posted Oct 25, 2017
Authored by Venkat Rajgor

PHP Melody version 2.6.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | d1030b2d22474e4e4a43dd856b933af5
FS OLX Clone SQL Injection
Posted Oct 25, 2017
Authored by 8bitsec

FS OLX Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d46e51ac954106773fea3d0072046553
FS Ebay Clone SQL Injection
Posted Oct 25, 2017
Authored by 8bitsec

FS Ebay Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6f69b0fdf4cfdead1803fba20658b40d
Debian Security Advisory 4006-1
Posted Oct 25, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4006-1 - Multiple vulnerabilities have been found in MuPDF, a PDF file viewer, which may result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-14685, CVE-2017-14686, CVE-2017-14687, CVE-2017-15587
MD5 | f7a8a034d503f31208c5424904f91dc2
Ubuntu Security Notice USN-3411-2
Posted Oct 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3411-2 - USN-3411-1 fixed a vulnerability in Bazaar. This update provides the corresponding update for Ubuntu 12.04 ESM. A Adam Collard discovered that Bazaar did not properly handle host names A in 'bzr+ssh://' URLs. A remote attacker could use this to construct A a bazaar repository URL that when accessed could run arbitrary code A with the privileges of the user. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
MD5 | 7b2bd881261c68b439626b33760a7b22
Ayukov NFTP FTP Client Buffer Overflow
Posted Oct 25, 2017
Authored by Berk Cem Goksel

Ayukov NFTP FTP Client versions prior to 2.0 suffer from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-15222
MD5 | 03910c936abe35c794bca6b0a841495e
FS Book Store Script SQL Injection
Posted Oct 25, 2017
Authored by 8bitsec

FS Book Store Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 28b6fb5bc29e3def8570411bacb04031
FS Amazon Clone SQL Injection
Posted Oct 25, 2017
Authored by 8bitsec

FS Amazon Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 67639fabdc9c90c7a47494811ddc4c1f
CometChat Local File Inclusion
Posted Oct 25, 2017
Authored by Luke Paris

CometChat versions prior to 6.2.0 BETA 1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 581727ce83f6335ab8ce9ade243546d8
FS Food Delivery Script SQL Injection
Posted Oct 25, 2017
Authored by 8bitsec

FS Food Delivery Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c513ff3feadfaa581a109cd01627594d
Netgear DGN1000 Setup.cgi Remote Command Execution
Posted Oct 25, 2017
Authored by Roberto Paleari | Site metasploit.com

This Metasploit module exploits an unauthenticated OS command execution vulnerability in the setup.cgi file in Netgear DGN1000 firmware versions up to 1.1.00.48, and DGN2000v1 models.

tags | exploit, cgi
MD5 | ca19c9ae7f1297c6b3244ef66e8bdb35
osTicket 1.10.1 Shell Upload
Posted Oct 25, 2017
Authored by Rajwinder Singh

osTicket version 1.10.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2017-15580
MD5 | 91d3007b10106697abc4881dc25ab268
Easy MPEG/AVI/DIVX/WMV/RM To DVD Buffer Overflow
Posted Oct 25, 2017
Authored by Venkat Rajgor

Easy MPEG/AVI/DIVX/WMV/RM to DVD buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
MD5 | eb38712a65a4d2609d36bab4451b164b
ArGoSoft Mini Mail Server 1.0.0.2 Denial Of Service
Posted Oct 25, 2017
Authored by Berk Cem Goksel

ArGoSoft Mini Mail Server version 1.0.0.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-15223
MD5 | 34472fd20763ce05610659d5cf4a34ff
Linux Kernel 4.14.0-rc4+ waitid() Privilege Escalation
Posted Oct 25, 2017
Authored by XeR_0x2A, chaign_c

Linux Kernel version 4.14.0-rc4+ waitid() privilege escalation exploit.

tags | exploit, kernel
systems | linux
advisories | CVE-2017-5123
MD5 | 08b767305ac7dce3da2855e8002abe80
Page 3 of 15
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    33 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close