Twenty Year Anniversary
Showing 101 - 125 of 104,250 RSS Feed

Files

CuteFTP Mac 3.1 Denial Of Service
Posted Nov 13, 2018
Authored by Yair Rodriguez Aparicio

CuteFTP Mac version 3.1 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | f3f40dad0d7e66644372dd7e345a952c
xorg-x11-server Local Privilege Escalation
Posted Nov 13, 2018
Authored by bolonobolo

xorg-x11-server versions prior to 1.20.1 local privilege escalation exploit.

tags | exploit, local
advisories | CVE-2018-14665
MD5 | ce4740c7124e0487c7d13eb8e1491e28
Tina4 Stack 1.0.3 Cross Site Request Forgery
Posted Nov 13, 2018
Authored by Ihsan Sencan

Tina4 Stack version 1.0.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 474b889f3294d6135cae90781755b977
Tina4 Stack 1.0.3 SQL Injection
Posted Nov 13, 2018
Authored by Ihsan Sencan

Tina4 Stack version 1.0.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection, info disclosure
MD5 | ddc080dfaca6281eb694835a41776d8f
Data Center Audit 2.6.2 Cross Site Request Forgery
Posted Nov 13, 2018
Authored by Ihsan Sencan

Data Center Audit version 2.6.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | faded8e0b62699eaed16a6dd13fa1ab7
Musicco 2.0.0 Arbitrary Directory Download
Posted Nov 13, 2018
Authored by Ihsan Sencan

Musicco version 2.0.0 suffers from an arbitrary directory download vulnerability.

tags | exploit, arbitrary
MD5 | e56f47f463a07a13651b8074482cce73
Alienor Web Libre 2.0 SQL Injection
Posted Nov 13, 2018
Authored by Ihsan Sencan

Alienor Web Libre version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | 693dcc4d311b5270b6a8004e70f1fa86
Surreal ToDo 0.6.1.2 Local File Inclusion
Posted Nov 13, 2018
Authored by Ihsan Sencan

Surreal ToDo version 0.6.1.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 4544bbb63c826c4b3fdfc2422dc06211
Surreal ToDo 0.6.1.2 SQL Injection
Posted Nov 13, 2018
Authored by Ihsan Sencan

Surreal ToDo version 0.6.1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 265992952bc4e252b41f04b8a6586d21
Linux/x86 Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode
Posted Nov 13, 2018
Authored by Javier Tello

58 bytes small Linux/x86 bind (99999/TCP) netcat traditional (/bin/nc) shell (/bin/bash) shellcode.

tags | shell, x86, tcp, shellcode, bash
systems | linux
MD5 | f4b8522201682477a5e1e7f645023f22
XAMPP Control Panel 3.2.2 Buffer Overflow
Posted Nov 13, 2018
Authored by Gionathan Reale, Semen Alexandrovich Lyhin

XAMPP Control Panel version 3.2.2 SEH unicode buffer overflow exploit.

tags | exploit, overflow
MD5 | fc81a31ec51873be9f0185f023efc416
Cisco Prime Infrastructure Unauthenticated Remote Code Execution
Posted Nov 13, 2018
Authored by Pedro Ribeiro | Site metasploit.com

Cisco Prime Infrastructure (CPI) contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege escalation to root by bypassing execution restrictions in a SUID binary. This Metasploit module exploits these vulnerabilities to achieve unauthenticated remote code execution as root on the CPI default installation. This Metasploit module has been tested with CPI 3.2.0.0.258 and 3.4.0.0.348. Earlier and later versions might also be affected, although 3.4.0.0.348 is the latest at the time of writing. The file upload vulnerability should have been fixed in versions 3.4.1 and 3.3.1 Update 02.

tags | exploit, remote, root, vulnerability, code execution, file upload
systems | cisco
advisories | CVE-2018-15379
MD5 | 2c9170145359581c4c8d1c13f564bce3
Ubuntu Security Notice USN-3816-1
Posted Nov 13, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3816-1 - Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. Jann Horn discovered a race condition in chown_one. A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2018-15686, CVE-2018-15687, CVE-2018-6954
MD5 | 0d1d149d094bc787a61b8d9a8420e7bb
Android RSSI Broadcast Information Disclosure
Posted Nov 13, 2018
Authored by Yakov Shafranovich, Vilius Kraujutis | Site wwws.nightwatchcybersecurity.com

Android OS suffers from a sensitive data exposure vulnerability in its RSSI broadcasts.

tags | exploit, info disclosure
advisories | CVE-2018-9581
MD5 | a26217d9d0c12d9ab358f22208fabe78
Android 5.0 Battery Information Broadcast Information Disclosure
Posted Nov 13, 2018
Authored by Yakov Shafranovich, Vilius Kraujutis | Site wwws.nightwatchcybersecurity.com

Android OS version 5.0 suffers from a sensitive data exposure vulnerability in its battery information broadcasts.

tags | exploit, info disclosure
advisories | CVE-2018-15835
MD5 | 1662a0811657c2af60dfcefe19ec6d2f
TufinOS 2.1.7 Build 1193 XML Injection
Posted Nov 12, 2018
Authored by Konstantinos Alexiou

TufinOS version 2.1.7 build 1193 suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | ccd2c04ce995ab3a02c0fb45eeb538aa
The Don 1.0.1 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

The Don version 1.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a6151d20387a2fb7f431a9064d670d29
Mongoose Web Server 6.9 Denial Of Service
Posted Nov 12, 2018
Authored by Ihsan Sencan

Mongoose Web Server version 6.9 suffers from a denial of service vulnerability.

tags | exploit, web, denial of service
MD5 | 0bfc59fbbe8fc8dce5ff5ee4bf59679b
Nominas 0.27 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

Nominas version 0.27 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 035d880db5eccd94dd115104f910b017
ServerZilla 1.0 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

ServerZilla version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7b2b67def4a643fdfd3f2c493c0fa519
GPS Tracking System 2.12 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

GPS Tracking System version 2.12 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b3d47b43dcee7925d466c114f0441523
Easyndexer 1.0 Cross Site Request Forgery
Posted Nov 12, 2018
Authored by Ihsan Sencan

Easyndexer version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 5cddd718e27c0e3419a973f5446a7e5d
Facturation System 1.0 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

Facturation System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cc739da9b1dce4e69acec65524f7f8ed
Paroiciel 11.20 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

Paroiciel version 11.20 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2cef56992e3bde78149d1a2a712ab38b
Data Center Audit 2.6.2 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

Data Center Audit version 2.6.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 50743004a9d872e2e1324206cc8fb52a
Page 5 of 4,170
Back34567Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    1 Files
  • 18
    Nov 18th
    1 Files
  • 19
    Nov 19th
    3 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close