exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

FTP Rush 2.1.8 X.509 Validation
Posted May 21, 2014
Authored by Micha Borrmann | Site syss.de

FTP Rush version 2.1.8 fails to validate X.509 certificates.

tags | advisory
SHA-256 | 08db1ca6e7f0ad3753320343d94123a3e0682c3ebd85684834dbf71b50e8349d

Related Files

Page2Flip 2.5 Denial Of Service
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten | Site syss.de

Page2Flip version 2.5 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | d605475e023fd099f6ae5991a6c9dc8b5175e3d6115f0f5e24bdef720b8b65c0
Netop Remote Control 11.52 / 12.11 Credential Issue
Posted Aug 25, 2015
Authored by Matthias Deeg | Site syss.de

Netop Remote Control versions 11.52 and 12.11 suffer from hard-coded cryptographic key and insufficiently protected credential issues.

tags | exploit, remote
SHA-256 | bd92784b38a1c301a6674b12b72e327934aa4b895b78f8ea87bbefcaaebfb4a3
OpenText Secure MFT 2014 R2 SP4 Cross Site Scripting
Posted Aug 18, 2015
Authored by Dr. Adrian Vollmer, Alexander Strassheim | Site syss.de

OpenText Secure MFT version 2014 R2 SP4 and some prior versions suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0ca2f8ce2ac1e8fd0292e44455cd17e0bc3afed80f5f026aa383e3aa9639351c
Novell GroupWise 2014 Cross Site Scripting
Posted Jul 17, 2015
Authored by Dr. Adrian Vollmer | Site syss.de

Novell GroupWise 2014 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4c4c6296fd8b81448615d8372109d7607ccf6820ff46fc08d334d2f7a8f513c2
sysPass 1.0.9 SQL Injection
Posted Jul 14, 2015
Authored by Daniele Salaris | Site syss.de

sysPass versions 1.0.9 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6b3b7dbe62538e63e5bf0114ba91c34d647ba966aa039a58a9ad1fad1a067add
ZENWorks Mobile Management 3.1.0 Cross Site Scripting
Posted Jun 12, 2015
Authored by Ludwig Stage | Site syss.de

ZENWorks Mobile Management version 3.1.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 4bbde26ce7965cf1887a851e3e9618d8219aa196922007ddf099b40bc39424d9
BullGuard Antivirus 15.0.297 Authentication Bypass
Posted May 7, 2015
Authored by Matthias Deeg | Site syss.de

BullGuard Antivirus version 15.0.297 suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | 5112dee77c43095b3a49dcb2330e479154fb9f8936b7496f27a233d75f4262a3
BullGuard Premium Protection 15.0.297 Authentication Bypass
Posted May 7, 2015
Authored by Matthias Deeg | Site syss.de

BullGuard Premium Protection version 15.0.297 suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | e518b0247ad14e6664301878be74b7d5aa34d98c7e9b836f279738abe34a4d3b
BullGuard Internet Security 15.0.297 Authentication Bypass
Posted May 7, 2015
Authored by Matthias Deeg | Site syss.de

BullGuard Internet Security version 15.0.297 suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | 624206bd9c6a51e8ad271d67e4899a42171ca6df98a67470b32466dea534dd22
FrontRange DSM 7.2.1.2020 / 7.2.2.2331 Insecure Storage
Posted Apr 30, 2015
Authored by Matthias Deeg | Site syss.de

The client management solution FrontRange Desktop and Server Management (DSM) stores and uses sensitive user credentials for required user accounts in an insecure manner which enables an attacker or malware with file system access to a managed client, for example with the privileges of a limited Windows domain user account, to recover the cleartext passwords. The recovered passwords can be used for privilege escalation attacks and for gaining unauthorized access to other client and/or server systems within the corporate network as at least one FrontRange DSM user account needs local administrative privileges on managed systems. Versions 7.2.1.2020 and 7.2.2.2331 are affected.

tags | advisory, local
systems | windows
SHA-256 | 6dceda4b06fd7f28ead2853794061c22f60742ebcc1960711543fd9e45abc6aa
Panda Gold Protection 2015 15.1.0 Authentication Bypass
Posted Apr 15, 2015
Authored by Matthias Deeg | Site syss.de

Panda Gold Protection 2015 version 15.1.0 suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | 8279b24bbe87319af019d92f5fa713ba33bc5b2f819599f5d4bde53a1a8c3d70
Panda Global Protection 2015 15.1.0 Authentication Bypass
Posted Apr 15, 2015
Authored by Matthias Deeg | Site syss.de

Panda Global Protection 2015 version 15.1.0 suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | b0ce784ce3941c3e2211727da49529f55f628d6bc53a8a07e077f4926fefc997
Panda Antivirus Pro 2015 15.1.0 Authentication Bypass
Posted Apr 15, 2015
Authored by Matthias Deeg | Site syss.de

Panda Antivirus Pro 2015 version 15.1.0 suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | 78e5eb24225a62312d8ad8f761249bc6322d0fa2d403267061a8cea8d3736af3
Panda Internet Security 2015 15.0.1 Authentication Bypass
Posted Apr 15, 2015
Authored by Matthias Deeg | Site syss.de

Panda Internet Security 2015 version 15.0.1 suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | 07f2adae46a6c1ae746b474e2de638331124c2f7f405eef6cd9b27bda87dcdff
CrushFTP 7.2.0 Cross Site Request Forgery / Cross Site Scripting
Posted Feb 18, 2015
Authored by Rehan Ahmed

CrushFTP version 7.2.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 4bb993b2b20fd12f0eb42e87af375dd1fd75bb61d47f7f5e88e9fb9dadf58213
FancyFon FAMOC 3.16.5 Cross Site Scripting
Posted Jan 27, 2015
Authored by Matthias Deeg | Site syss.de

FancyFon FAMOC version 3.16.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | efa9652e44569c33fc4fee812a69f383c8001fe4f217c3d71994dbc05b3b72c3
FancyFon FAMOC 3.16.5 SQL Injection
Posted Jan 27, 2015
Authored by Matthias Deeg, Sebastian Nerz | Site syss.de

FancyFon FAMOC version 3.16.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3a671192f0facf33bd6129a2886a8ff9396192343746c6b576a400840ee63a00
FancyFon FAMOC 3.16.5 Session Fixation
Posted Jan 27, 2015
Authored by Matthias Deeg | Site syss.de

FancyFon FAMOC version 3.16.5 suffers from a session fixation vulnerability.

tags | exploit
SHA-256 | d9ed306cd69939777d43977859a23d2b0d269c3652c90899c8652bcdeb2459ce
FancyFon FAMOC 3.16.5 Missing Salt
Posted Jan 27, 2015
Authored by Matthias Deeg | Site syss.de

FancyFon FAMOC version 3.16.5 fails to mint one-way hashes without use of a salt.

tags | exploit
SHA-256 | b1d0a56de5c177ff2044a5a97d03ce257e2444febf937112e175e2fe8e4765a8
McAfee EEFF / FRP Predictable Salt
Posted Oct 31, 2014
Authored by Matthias Deeg | Site syss.de

The software encryption tool McAfee Endpoint Encryption for Removable Media (EERM) which is part of the data protection software McAfee Endpoint Encryption for Files and Folders (EEFF) uses a static and thus predictable salt for generating password hashes using the password-based key derivation function 2 (PBKDF2). Due to the use of a predictable, hard-coded salt, it is possible for an attacker to precompute password candidates and thus to perform more efficient dictionary attacks against the password-based authentication with the use of rainbow tables (time-memory trade-off).

tags | exploit
advisories | CVE-2014-8565
SHA-256 | 8261951c34c305270d9eea3e7893a1426d99695fcb894956108ffdb81005bff3
Cyberduck 4.4.3 (14140 Windows) X.509 Validation Failure
Posted May 6, 2014
Authored by Micha Borrmann | Site syss.de

Cyberduck version 4.4.3 (14140) for Windows fails to properly validate X.509 certificates.

tags | exploit
systems | windows
advisories | CVE-2014-2845
SHA-256 | 541b5bb49a5ff4999d477790815626466bd8ac777fd0984dec1f956c46e55a27
WinSCP 5.5.2.4130 Missing X.509 Validation
Posted Apr 16, 2014
Authored by Micha Borrmann | Site syss.de

WinSCP version 5.5.2.4130 does not checking the "Common Name" of an X.509 certificate when FTP with TLS is used.

tags | advisory
advisories | CVE-2014-2735
SHA-256 | c02e58412a1d791bba874a01d9d7de079487428a4d6386a5000a3a88f7464688
Netgear D6300B Command Injection / Misconfiguration
Posted Feb 5, 2014
Authored by Daniel Sauder, Pascal Uter | Site syss.de

Netgear D6300B routers suffer from remote command injection, root shell spawning, UPnP issues, credentials being submitted in the clear, and additional vulnerabilities.

tags | exploit, remote, shell, root, vulnerability
SHA-256 | 896c086babecbfe246ba805c87d9f85d74b7f8d36859c8eca2c8d15b625be9c7
Drupal Drush Debian Packaging 7.x Information Disclosure
Posted Feb 1, 2013
Authored by jiri-catalyst | Site drupal.org

Drupal Drush Debian Packaging third party module version 7.x suffers from an information disclosure vulnerability.

tags | advisory, info disclosure
systems | linux, debian
SHA-256 | 1015e0e169a63db65a92dde56297d650742c8bc7274ed4640cf9b4f20cd7af6e
Adobe Photoshop Elements 8.0 Code Execution
Posted Oct 1, 2011
Authored by LiquidWorm | Site zeroscience.mk

Adobe Photoshop Elements 8 suffers from a buffer overflow vulnerability when dealing with .ABR (brushes) and .GRD (gradients) format files. The application fails to sanitize the user input resulting in a memory corruption, overwriting several memory registers which can aid the attacker to gain the power of executing arbitrary code on the affected system or denial of service scenario.

tags | exploit, denial of service, overflow, arbitrary
systems | linux
advisories | CVE-2011-2443
SHA-256 | de231a932c681e757853f9b30b26ba630e5371c0793ff22cac8c46c88a5791d2
Page 3 of 4
Back1234Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close