exploit the possibilities
Showing 1 - 25 of 76 RSS Feed

Files

WebPA 1.1.0.1 File Upload / Add Administrator
Posted Aug 24, 2012
Authored by dun

WebPA versions 1.1.0.1 and below suffers from add administrator and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, vulnerability, bypass, file upload
MD5 | 3c213bf9e0a7f33fc0e2999108c7fdc6

Related Files

pfSense 2.4.1 CSRF Error Page Clickjacking
Posted Dec 13, 2017
Authored by Yorick Koster | Site metasploit.com

This Metasploit module exploits a Clickjacking vulnerability in pfSense versions 2.4.1 and below. pfSense is a free and open source firewall and router. It was found that the pfSense WebGUI is vulnerable to Clickjacking. By tricking an authenticated admin into interacting with a specially crafted webpage it is possible for an attacker to execute arbitrary code in the WebGUI. Since the WebGUI runs as the root user, this will result in a full compromise of the pfSense instance.

tags | exploit, arbitrary, root
MD5 | 88144d72abf1d2945664621d86be2cbc
Subsonic 6.1.1 Persistent XSS
Posted Jun 3, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Remote attackers can abuse the "Subscribe to Podcast" feature of Subsonic 6.1.1 to store persistent XSS payloadsif an authenticated user clicks a malicious link or visits an attacker controlled webpage.

tags | exploit, remote, csrf
advisories | CVE-2017-9414
MD5 | 75781fa859d6d75c6a7786692df6ec8c
Subsonic 6.1.1 Server Side Request Forgery
Posted Jun 3, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Remote attackers can abuse the Podcast feature of subsonic to launch Server Side Request Forgery attacks from the subsonic server if an authenticated user clicks a malicious link or visits an attacker controlled webpage.

tags | exploit, remote, csrf
advisories | CVE-2017-9413
MD5 | a2b09d2527ad59b05aab04f9625f9618
Splunk Enterprise Multiple Version Information Disclosure
Posted Apr 1, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Attackers can siphon information from Splunk Enterprise if an authenticated Splunk user visits a malicious webpage. Some useful data gained is the currently logged in username and if remote user setting is enabled. After, the username can be use to Phish or Brute Force Splunk Enterprise login. Additional information stolen may aid in furthering attacks.

tags | exploit, remote
advisories | CVE-2017-5607
MD5 | 67dd540b44719dc4bc4d71daeee40aa4
Microsoft Internet Explorer 9 MSHTML CAttrArray Use-After-Free
Posted Nov 1, 2016
Authored by SkyLined

A specially crafted webpage can cause Microsoft Internet Explorer to reallocate a memory buffer in order to grow it in size. The original buffer will be copied to newly allocated memory and then freed. The code continues to use the freed copy of the buffer.

tags | advisory
advisories | CVE-2014-4141
MD5 | 09b2495023bdc7060e75bfd244f53410
Exagate WEBPack Management System SQL Injection / Information Disclosure
Posted Oct 7, 2016
Authored by Halil Dalabasmaz

Exagate WEBPack Management System suffers from remote SQL injection and information disclosure vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
MD5 | 8b270d56c85879ccbe22bbddd19c4826
Keeper UI Injection
Posted Aug 28, 2016
Authored by Tavis Ormandy, Google Security Research

Keeper suffers from an issue where a trusted UI is injected into an untrusted webpage.

tags | exploit
MD5 | 094f53c1f2d3b75115d565669dfaa9d0
op5 7.1.9 Remote Command Execution
Posted Apr 6, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

op5 has a cross site request forgery entry point that can be used to execute arbitrary remote commands on op5 system sent via HTTP GET requests, allowing attackers to completely takeover the affected host. To be victimized a user must be authenticated and visit a malicious webpage or click an infected link. Version 7.1.9 is affected.

tags | exploit, remote, web, arbitrary, csrf
MD5 | 3ce89091c241e1ab2d751468d413f0bd
Trend Micro Deep Discovery Inspector 3.7 / 3.8 CSRF
Posted Mar 28, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Deep Discovery versions 3.7 and 3.8 suffer from multiple cross site request forgery vectors. If an authenticated user visits a malicious webpage attackers will have ability to modify many settings of the Deep Discovery application to that of the attackers choosing.

tags | exploit, csrf
MD5 | e23ee45e653c4c95887729642781b660
Innovative WebPAC Pro 2.0 Open Redirect
Posted Mar 15, 2015
Authored by Wang Jing

Innovative WebPAC Pro version 2.0 suffers from non-validated redirects and forwards.

tags | exploit
MD5 | 69a036fab183c6f845e0dcd090f48fbc
Samsung Galaxy KNOX Android Browser Remote Code Execution
Posted Nov 18, 2014
Authored by joev, Andre Moulu | Site metasploit.com

This Metasploit module exploits a vulnerability that exists in the KNOX security component of the Samsung Galaxy firmware that allows a remote webpage to install an APK with arbitrary permissions by abusing the 'smdm://' protocol handler registered by the KNOX component. The vulnerability has been confirmed in the Samsung Galaxy S4, S5, Note 3, and Ace 4.

tags | exploit, remote, arbitrary, protocol
MD5 | 9f057a9c3dab36565bdf001f5df0f7d1
HandsomeWeb SOS Webpages 1.1.11 Backup / Hash Disclosure
Posted May 29, 2014
Authored by Freakyclown | Site portcullis-security.com

HandsomeWeb SOS Webpages versions 1.1.11 and below suffer from backup and password hash disclosure vulnerabilities.

tags | exploit, vulnerability, bypass, info disclosure
advisories | CVE-2014-3445
MD5 | fd8cd8f15a81a745ed992423fe484425
Microsoft Windows Help / Support Center DoS / Overflow
Posted Apr 7, 2014
Authored by Eduardo Braun Prado

Microsoft Windows Help and Support Center contains multiple vulnerabilities that can be exploited by attackers to run arbitrary code when a drag and drop operation is performed on a webpage, cause a buffer overrun condition, and Denial of Service (DOS). Proof of concept code included.

tags | exploit, denial of service, overflow, arbitrary, vulnerability, proof of concept
systems | windows
MD5 | f1afbabc3b40c5647ffc10552fe483e5
WebPagetest 2.7 Local File Disclosure
Posted Dec 24, 2013
Authored by TUNISIAN CYBER

WebPagetest version 2.7 suffers from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | a11536cf040315778b31bad6d106a6c0
Bluelog Bluetooth Scanner/Logger 1.1.2
Posted Nov 4, 2013
Authored by Tom Nardi | Site digifail.com

Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.

Changes: This minor release primarily dealt with visual and functional improvements to Bluelog Live mode. Bluelog Live now has a new default theme, as well as a novelty theme for fun, and there is improved support for more complex themes. README.LIVE was updated with more information. There was also documentation improvement and pruning across the board, a new target for the Pwnie Express Pwn Pad, and a fix for a critical bug with the obfuscate (-x) function.
tags | tool, web, wireless
systems | unix
MD5 | 614d0fe65bae68acff1d33d9f86e4805
SIEMENS Solid Edge ST4 WebPartHelper Command Execution
Posted May 27, 2013
Authored by rgod | Site retrogod.altervista.org

SIEMENS Solid Edge ST4 WebPartHelper active-x control RFMSsvs!JShellExecuteEx suffers from a remote command execution vulnerability. Proof of concept included.

tags | exploit, remote, activex, proof of concept
systems | linux
MD5 | bdd9cbfc1d8fd0e77ab4e70228ce55c6
ERS Viewer 2011 ERS File Handling Buffer Overflow
Posted May 7, 2013
Authored by Parvez Anwar, juan vazquez | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability found in ERS Viewer 2011 (version 11.04). The vulnerability exists in the module ermapper_u.dll where the function ERM_convert_to_correct_webpath handles user provided data in an insecure way. It results in arbitrary code execution under the context of the user viewing a specially crafted .ers file. This Metasploit module has been tested successfully with ERS Viewer 2011 (version 11.04) on Windows XP SP3 and Windows 7 SP1.

tags | exploit, overflow, arbitrary, code execution
systems | windows, xp, 7
advisories | CVE-2013-0726, OSVDB-92694
MD5 | ce4d2a58b86067ed152bb01baa094029
Bluelog Bluetooth Scanner/Logger 1.1.1
Posted Apr 1, 2013
Authored by Tom Nardi | Site digifail.com

Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.

Changes: This release features improved memory management, the ability to log device manufacturers to a file, and the option to encode detected MAC addresses with CRC32.
tags | tool, web, wireless
systems | unix
MD5 | 5a8bb5f397f9bbc224d1d37bf5a8ab6b
Bluelog Bluetooth Scanner/Logger 1.1.0
Posted Dec 29, 2012
Authored by Tom Nardi | Site digifail.com

Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.

Changes: This is a stable release intended for general use. It adds many internal improvements, cleanups, and bugfixes, and is a suggested upgrade for all users.
tags | tool, web, wireless
systems | unix
MD5 | a5327d64731cd45debb57ab1edbe6e43
WebPageTest Arbitrary PHP File Upload
Posted Aug 1, 2012
Authored by dun, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in WebPageTest's Upload Feature. By default, the resultimage.php file does not verify the user-supplied item before saving it to disk, and then places this item in the web directory accessable by remote users. This flaw can be abused to gain remote code execution.

tags | exploit, remote, web, php, code execution
advisories | OSVDB-83822
MD5 | c1b226b0a2afb2c37bcc29968221e367
Secunia Security Advisory 49899
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in WebPagetest, which can be exploited by malicious people to disclose potentially sensitive and system information and compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | de5345a1ce07a2e6d9e983f7a031b218
WebPageTest 2.6 Shell Upload / File Disclosure / File Deletion
Posted Jul 13, 2012
Authored by dun

WebPageTest versions 2.6 and below suffer from local file inclusion, shell upload, file disclosure, and file deletion vulnerabilities.

tags | exploit, shell, local, vulnerability, file inclusion
MD5 | 6fe7fd922ccfc07bdf20f4269f11c32e
Bluelog Bluetooth Scanner/Logger 1.0.4
Posted Jun 20, 2012
Authored by Tom Nardi | Site digifail.com

Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.

Changes: This large update features many internal improvements and a completely new Bluelog Live CGI module. Performance on OpenWRT and the Pwnie Express Pwn Plug was improved.
tags | tool, web, wireless
systems | unix
MD5 | 2791fbb0333b0b414a4d2230c1e9e8e6
Bluelog Bluetooth Scanner/Logger 1.0.3
Posted May 15, 2012
Authored by Tom Nardi | Site digifail.com

Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.

Changes: This release focuses on improving support for non-PC targets, including initial support for the Pwnie Express Pwn Plug. Other improvements include syslog-only mode and timestamped log filenames.
tags | tool, web, wireless
systems | unix
MD5 | cbbb5a7d04ac7160f3f7389e05cd4257
Promise WebPAM 2.2.0.13 Cross Site Scripting / SQL Injection
Posted Mar 8, 2012
Authored by LiquidWorm | Site zeroscience.mk

Promise WebPAM version 2.2.0.13 suffers from cross site scripting, header injection, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | a3ac27fcd21bbdfcf93b8d4b22c9f913
Page 1 of 4
Back1234Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close