Showing 1 - 9 of 9

Files Date: 2017-12-28 to 2017-12-29

pfSense 2.1.3-RELEASE (amd64) Remote Command Execution: Posted Dec 28, 2017; Authored by wetw0rk, Jared Stephens | Site metasploit.com; pfSense, a free BSD based open source firewall distribution, versions 2.2.6 and below contain a remote command execution vulnerability post authentication in the _rrd_graph_img.php page. The vulnerability occurs via the graph GET parameter. A non-administrative authenticated attacker can inject arbitrary operating system commands and execute them as the root user. Verified against 2.1.3.; tags | exploit, remote, arbitrary, root, php; systems | bsd; SHA-256 | 356649d9c2f36292416d035a36aa1b87ba078c2559b4b41b29fff647aca29fbd; Download | Favorite | View

Xerox DC260 EFI Fiery Controller Webtools 2.0 Arbitrary File Disclosure: Posted Dec 28, 2017; Authored by LiquidWorm | Site zeroscience.mk; Xerox DC260 EFI Fiery Controller Webtools version 2.0 suffers from an arbitrary file disclosure vulnerability.; tags | exploit, arbitrary; SHA-256 | 232f0949b47771d8a400247b6898412dc0cdee0443eb991fe9aca3e5e6feaf6e; Download | Favorite | View

NetTransport Download Manager 2.96L Buffer Overflow: Posted Dec 28, 2017; Authored by Aloyce J. Makalanga; NetTransport Download Manager version 2.96L suffers from a buffer overflow vulnerability.; tags | exploit, overflow; advisories | CVE-2017-17968; SHA-256 | 28848aef819ba5185a0dd108f0a97ed3dfa29c5c39a3c8702b523fe708f4b285; Download | Favorite | View

NetWin SurgeFTP 23f2 Cross Site Scripting: Posted Dec 28, 2017; Authored by Aloyce J. Makalanga; NetWin SurgeFTP version 23f2 suffers from multiple persistent cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2017-17933; SHA-256 | cb86e442ff84f5e815cc2692af37acce6e30fbd8973d937b161b7cbe34ca12bb; Download | Favorite | View

Easy!Appointments 1.2.1 Cross Site Scripting: Posted Dec 28, 2017; Authored by LiquidWorm | Site zeroscience.mk; Easy!Appointments version 1.2.1 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | ce28d66cade69cacbae2d0aa77efad6ce35b84246bb3a51d6cf1db25de6af0a3; Download | Favorite | View

ALLMediaServer 0.95 Buffer Overflow: Posted Dec 28, 2017; Authored by Anurag Srivastava | Site metasploit.com; This Metasploit module exploits a stack buffer overflow in ALLMediaServer 0.95. The vulnerability is caused due to a boundary error within the handling of HTTP request.; tags | exploit, web, overflow; SHA-256 | 0aeb690c29587f9a0c63a6668b87a74d40a7e016b5c7c1bd296f108aa1a7986d; Download | Favorite | View

HP Insight Control For VMware vCenter Server 7.3 Insecure Permissions: Posted Dec 28, 2017; Authored by Glafkos Charalambous; HP Insight Control for VMware vCenter Server version 7.3 allows a low privileged attacker to read sensitive information files, decrypt all configuration server passwords, and gain access to the systems which in turn leads to the compromise of the whole infrastructure.; tags | exploit; SHA-256 | 171a6632cc48d498cc993433e0e5d051881555de1c0cff708aef0055cc0d4f1c; Download | Favorite | View

GoodTravel Travel And Locations 1.0 Cross Site Scripting: Posted Dec 28, 2017; Authored by ShanoWeb; GoodTravel Travel and Locations PHP script and mobile application version 1.0 suffers from a cross site scripting vulnerability.; tags | exploit, php, xss; SHA-256 | 2dcd01f32ff2105c17880d9ad49ee4861236c484ebe4474ef48cde826c7d7440; Download | Favorite | View

Tripbuddy Travel, Locations, And Events 1.0 Cross Site Scripting: Posted Dec 28, 2017; Authored by ShanoWeb; Tripbuddy Travel, Locations, and Events version 1.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 8283b8e4e07e4e98f5710efc7b3cc551e82f7df72361b652a27798bc223c53b2; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days