exploit the possibilities
Showing 101 - 125 of 429 RSS Feed

Files Date: 2018-10-01 to 2018-10-31

Microsoft Data Sharing Local Privilege Escalation
Posted Oct 24, 2018
Authored by SandboxEscaper

Microsoft Data Sharing local privilege escalation proof of concept exploit.

tags | exploit, local, proof of concept
MD5 | 19b3b9b54f750224bfd2143dfd869414
SG ERP 1.0 SQL Injection
Posted Oct 24, 2018
Authored by Ihsan Sencan

SG ERP version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f0c203b3d06ac27007ad2ec6136191e4
Exim 4.90 Remote Code Execution
Posted Oct 24, 2018
Authored by hackk.gr

Exim version 4.90 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2018-6789
MD5 | 01c5629b664738de293238917077574d
WordPress Question Answer 1.2.30 Cross Site Scripting
Posted Oct 24, 2018
Authored by Socket_0x03

WordPress Question Answer plugin version 1.2.30 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 89d920b301ef30c8a49564082e7c34f3
WordPress Pie Register 3.0.17 Cross Site Scripting
Posted Oct 24, 2018
Authored by Socket_0x03

WordPress Pie Register plugin version 3.0.17 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8e5c5b3a53378f14911c41e8c2fcd258
LANGO Codeigniter Multilingual Script 1.0 Cross Site Scripting
Posted Oct 24, 2018
Authored by Ismail Tasdelen

LANGO Codeigniter Multilingual Script version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18416
MD5 | 3d79dc36216f7b57f8bfb18599f34c62
Apache OFBiz 16.11.04 XML Injection
Posted Oct 24, 2018
Authored by Jamie Parfet

Apache OFBiz version 16.11.04 suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | a88b221f2ca2e7c605f98af851140409
Linux/x86 execve(/bin/cat /etc/ssh/sshd_config) Shellcode
Posted Oct 24, 2018
Authored by Goutham Madhwaraj

44 bytes small Linux/x86 execve(/bin/cat /etc/ssh/sshd_config) shellcode.

tags | x86, shellcode
systems | linux
MD5 | 08e75ccaebbd0e64a304144280cd18e9
PHPTPoint Hospital Management System 1 SQL Injection
Posted Oct 24, 2018
Authored by Boumediene Kaddour

PHPTPoint Hospital Management System version 1 suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2018-18705
MD5 | 21487e5413eadd6846a0ca329be0ce54
Adult Filter 1.0 Denial Of Service
Posted Oct 24, 2018
Authored by Beren Kuday Gorun

Adult Filter version 1.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 9f21d60e5dc90631d8602911bda5c2f4
Faraday 3.2
Posted Oct 23, 2018
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added logical operator AND to status report search. Restkit dependency removed. Improvement on manage.py change-password. Added feature to show only unconfirmed vulns. Added ssl information to manage.py status-check. Updated wpscan plugin to support latest version. Allowed workspace names starting with numbers.
tags | tool, rootkit
systems | unix
MD5 | bead7cdf3cee4c80785604d35f1dbbcc
Ansvif 1.11a
Posted Oct 23, 2018
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This is an initial Android pre-release.
tags | tool, fuzzer
systems | unix
MD5 | 510eb1ca8408cfd8bd44114a6eab915c
Ubuntu Security Notice USN-3799-1
Posted Oct 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3799-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.62 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10 have been updated to MySQL 5.7.24. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-3133, CVE-2018-3156, CVE-2018-3173, CVE-2018-3200, CVE-2018-3277, CVE-2018-3284
MD5 | 9c6341ba7441c72524dd926ae636d826
ServersCheck Monitoring Software 14.3.3 SQL Injection
Posted Oct 23, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

ServersCheck Monitoring Software versions up through 14.3.3 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-18550
MD5 | 5f20210cc21e2f7f7eeba3f2bed4a0d4
Citrix NetScaler SD-WAN SQL Injection / Traversal / Command Injection
Posted Oct 23, 2018
Authored by Sergey Gordeychik, Denis Kolegov, Nikita Oleksov, Nikolay Tkachenko, Oleg Broslavsky

The management interfaces of Citrix NetScaler SD-WAN physical appliances and virtual appliances suffer from command injection, information exposure, incorrect access control, IP spoofing, remote SQL injection, and directory traversal vulnerabilities.

tags | advisory, remote, spoof, vulnerability, sql injection, file inclusion
advisories | CVE-2012-2104, CVE-2016-4793, CVE-2018-17444, CVE-2018-17445, CVE-2018-17446, CVE-2018-17447, CVE-2018-17448
MD5 | b27e1af5d9f4b9be4c08566bac90e203
Ubuntu Security Notice USN-3788-2
Posted Oct 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3788-2 - USN-3788-1 fixed vulnerabilities in Tex Live. This update provides the corresponding update for Ubuntu 18.10 It was discovered that Tex Live incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-17407
MD5 | 399e1f0d7ad56afe1ef3189f6bf7a64b
Ubuntu Security Notice USN-3777-3
Posted Oct 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3777-3 - USN-3777-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 %LTS. This update provides the corresponding updates for the Linux kernel for Azure Cloud systems. Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2018-14633, CVE-2018-15572, CVE-2018-15594, CVE-2018-17182, CVE-2018-3639, CVE-2018-6554, CVE-2018-6555
MD5 | 9d5422023e24d370d36309f152f01b10
CommuniGatePro Pronto Webmail 6.2 Cross Site Scripting
Posted Oct 23, 2018
Authored by Boumediene Kaddour

CommuniGatePro Pronto webmail version 6.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18621
MD5 | 99b80f0c277ceaafb643eb8d2aeb218b
Ubuntu Security Notice USN-3798-2
Posted Oct 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3798-2 - USN-3798-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the key management subsystem in the Linux kernel did not properly restrict adding a key that already exists but is negatively instantiated. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8539, CVE-2016-7913, CVE-2017-0794, CVE-2017-15299, CVE-2017-18216, CVE-2018-1000004, CVE-2018-7566, CVE-2018-9518
MD5 | bfdc7594d98be96ce72f6fbcd1096bfb
ServersCheck Monitoring Software 14.3.3 Cross Site Scripting
Posted Oct 23, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

ServersCheck Monitoring Software versions up through 14.3.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18551
MD5 | 2073e0a7bf80bbfb06368b74de78f83f
MGB OpenSource Guestbook 0.7.0.2 SQL Injection
Posted Oct 23, 2018
Authored by Ihsan Sencan

MGB OpenSource Guestbook version 0.7.0.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 843fcf17a6baad7b6180a019acb2efab
Microsoft Active Directory Federated Services (ADFS) User Enumeration
Posted Oct 23, 2018
Authored by Joshua Platz

Microsoft Active Directory Federated Services (ADFS) suffers from a time-based user enumeration vulnerability.

tags | exploit
MD5 | 3c4bec5bac1f0d1cdaef48fbaafa3459
Ubuntu Security Notice USN-3798-1
Posted Oct 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3798-1 - Dmitry Vyukov discovered that the key management subsystem in the Linux kernel did not properly restrict adding a key that already exists but is negatively instantiated. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a use-after-free vulnerability existed in the device driver for XCeive xc2028/xc3028 tuners in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-8539, CVE-2016-7913, CVE-2017-0794, CVE-2017-15299, CVE-2017-18216, CVE-2018-1000004, CVE-2018-7566, CVE-2018-9518
MD5 | bec3cbcb9fd27fc7ef0ed57a2e374431
Appsource School Management System 1.0 SQL Injection
Posted Oct 23, 2018
Authored by Ihsan Sencan

Appsource School Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 22a52ccf83f81c78fd2d7797c5f69108
SIPPTS 1.2.2
Posted Oct 23, 2018
Authored by Pepelux

SIPPTS is a set of tools to audit VoIP servers and devices using the SIP protocol. It is a set of perl scripts that allow you to identify extensions, remotely crack passwords, check for missing authentication to make phone calls, and more.

tags | tool, perl, telephony, protocol
MD5 | 04a6889548bba8328cf1f425eb681298
Page 5 of 18
Back34567Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close