exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

HotExBilling Manager 73 Cross Site Scripting
Posted Apr 6, 2015
Authored by Bhadresh Patel

HotExBilling Manager version 73 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-2781
SHA-256 | f89a76503b13c1babdd6ef06c3833e86ce72585726e830aa66ce9afa10898690

Related Files

Secunia Security Advisory 49673
Posted Jun 22, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Hitachi Replication Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 5b1e9e7a3e8f89bb1a48dce07921d6e18037fb6be9209eaa64da41f92d9b9d72
Zero Day Initiative Advisory 12-100
Posted Jun 22, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-100 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Performance Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PMParamHandler component of Performance Manager, which is served via an Apache Tomcat instance that listens on TCP port 8081. The process receives a filename from a remote user and performs insufficient validation of the provided file path. Additionally, the user can specify an arbitrary extension due to premature truncation resulting from an embedded null byte. Remote unauthenticated attackers can exploit this vulnerability by sending malformed message packets to the target, which could lead to a directory traversing arbitrary file write and ultimately remote code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution
advisories | CVE-2012-0127
SHA-256 | 62fba378efa118194bf75380e1caf3bdbb3a81ca43f314376ca1627030337be8
IBM System Storage DS Storage Manager Profiler 4.8.6 XSS / SQL Injection
Posted Jun 21, 2012
Authored by LiquidWorm | Site zeroscience.mk

IBM System Storage DS Storage Manager Profiler version 4.8.6 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2012-2171, CVE-2012-2172
SHA-256 | daded698ab318a61deb05c7a6825d61635889c2fcdb4f55030bad5d05a6487ba
e107 Filemanager 1.0 Shell Upload
Posted Jun 19, 2012
Authored by Sammy FORGIT

e107 Filemanager plugin version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 1d93b23a1ed5130b4f2f0502a0ad4874fa5922b73334e7298c15b985733e50fe
Pro Clan Manager 0.4.2 Administrative Bypass / Shell Upload
Posted Jun 19, 2012
Authored by indoushka

Pro Clan Manager version 0.4.2 suffer from administrative bypass and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, bypass
SHA-256 | 91de8e3281c1f4f38ec58022b3f86bbd3170212247a3c4bcacc892b75a42aa35
WordPress Custom Content Type Manager 0.9.5.13-pl Shell Upload
Posted Jun 12, 2012
Authored by Adrien Thierry

WordPress Custom Content Type Manager version 0.9.5.13-pl suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | c9c30a46a658c4219ab65c3b457e3ed08a7b4869affd4a5832b2d6870f5ffc77
Secunia Security Advisory 49428
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Front File Manager plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 954e8ca279ea258a073c36d368592a4a4a45bf4147977cc1fd4deeed4342d44e
XoopsCube Shell Upload
Posted Jun 10, 2012
Authored by KedAns-Dz

The XoopsCube FileManager module suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | a9ac7d70fc41409ef34e23c595566b5d39812245a10314c96b4d2144cbe481ef
WordPress Front File Manager 0.1 Shell Upload
Posted Jun 8, 2012
Authored by Adrien Thierry

WordPress Front File Manager plugin version 0.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 25ed8e8b43835ced0555faedf7e4cdf42064f48711671212c46a0e026accc68f
Secunia Security Advisory 49378
Posted Jun 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Asset Manager plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | cca983faa230f44eadf44d284ddbefcb59786b1aa9755baebf736264628606b6
Secunia Security Advisory 49390
Posted Jun 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the HTML5 AV Manager plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | ecf1c5c0657a9b46b8429d3a279406119859e4347fcf6da7e51afae1af5d46ea
WordPress Asset Manager 0.2 Shell Upload
Posted Jun 5, 2012
Authored by Sammy FORGIT

WordPress Asset Manager plugin version 0.2 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 67a7d27c6dac545194eab72a353dd9e95748a06bceda5d6f4781312dc0a3e606
WordPress HTML5 AV Manager 0.2.7 Shell Upload
Posted Jun 5, 2012
Authored by Sammy FORGIT

WordPress HTML5 AV Manager plugin version 0.2.7 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 23c3388233d137348fb26746b77193f92136d9af9171e7dfa0a7fd56faebe515
Red Hat Security Advisory 2012-0705-01
Posted Jun 5, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0705-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer overflow flaw, leading to a buffer overflow, was found in the way OpenOffice.org processed an invalid Escher graphics records length in Microsoft Office PowerPoint documents. An attacker could provide a specially-crafted Microsoft Office PowerPoint document that, when opened, would cause OpenOffice.org to crash or, potentially, execute arbitrary code with the privileges of the user running OpenOffice.org.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-1149, CVE-2012-2334
SHA-256 | 6a657f9b42a90e909284ccc79fb9187564b90245173cbab2a1f6851f0a6a3370
Ubuntu Security Notice USN-1443-2
Posted Jun 5, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1443-2 - USN-1443-1 fixed vulnerabilities in Update Manager. The fix for CVE-2012-0949 was discovered to be incomplete. This update fixes the problem. Felix Geyer discovered that the Update Manager Apport hook incorrectly uploaded certain system state archive files to Launchpad when reporting bugs. This could possibly result in repository credentials being included in public bug reports. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-0949, CVE-2012-0950
SHA-256 | ca40d4ffaa1111eb7d818c773ab0a8c8febe32747e3c27eb46c7448579d6d480
Log1 CMS writeInfo() PHP Code Injection
Posted Jun 3, 2012
Authored by EgiX, sinn3r, Adel SBM | Site metasploit.com

This Metasploit module exploits the "Ajax File and Image Manager" component that can be found in log1 CMS. In function.base.php of this component, the 'data' parameter in writeInfo() allows any malicious user to have direct control of writing data to file data.php, which results in arbitrary remote code execution.

tags | exploit, remote, arbitrary, php, code execution
advisories | CVE-2011-4825, OSVDB-76928
SHA-256 | 5f8de96e6ea32234373a0a7a5100ed196a91a7eb2302465bc03aeaa9b7bfff70
Cisco Template Manager 0.3.3
Posted Jun 1, 2012
Authored by Pavol Krigler | Site gelogic.net

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.

Changes: This release fixes parsing of globalcfg, adds parser support for "service instance", and adds ctm-check-templates.sh for checking template syntax and directory structure.
tags | tool
systems | cisco, unix
SHA-256 | 152edb03763ee98c76d695b73551a72cc662ccb33ba6124b6696182893053f2e
Wireless Manager Sony VAIO 4.0.0.0 Buffer Overflows
Posted May 30, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Wireless Manager Sony VAIO version 4.0.0.0 suffers from multiple buffer overflow vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2012-0985
SHA-256 | ae9b322b87e7af2d73ce645f54f6fb7a7ad6ae0e9c2080775aa0d7a7356dec21
FlexNet License Server Manager lmgrd Buffer Overflow
Posted May 22, 2012
Authored by Luigi Auriemma, sinn3r, Alexander Gavrun, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability in the FlexNet License Server Manager. The vulnerability is due to the insecure usage of memcpy in the lmgrd service when handling network packets, which results in a stack buffer overflow. In order to improve reliability, this module will make lots of connections to lmgrd during each attempt to maximize its success.

tags | exploit, overflow
advisories | OSVDB-81899
SHA-256 | 2d6d029945aaecc2ac0003cb91c1250f912d627ce695077b2bfbd1919c57f669
Debian Security Advisory 2477-1
Posted May 22, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2477-1 - Several vulnerabilities have been discovered in Sympa, a mailing list manager, that allow to skip the scenario-based authorization mechanisms. This vulnerability allows to display the archives management page, and download and delete the list archives by unauthorized users.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-2352
SHA-256 | 37cb6256cfe6274a5cb1a1b9b1e0069e644afac7767a82dbb30bc47bf7edabab
Secunia Security Advisory 49230
Posted May 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for update-manager. This fixes two security issues, which can potentially be exploited by malicious, local users and malicious people to disclose sensitive information.

tags | advisory, local
systems | linux, ubuntu
SHA-256 | 25b9eece6a598fb44405f30b4a9e9c6a2175e2e083f6d7fec2a7697de75460b6
Ubuntu Security Notice USN-1443-1
Posted May 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1443-1 - It was discovered that Update Manager created system state archive files with incorrect permissions when upgrading releases. A local user could possibly use this to read repository credentials. Felix Geyer discovered that the Update Manager Apport hook incorrectly uploaded certain system state archive files to Launchpad when reporting bugs. This could possibly result in repository credentials being included in public bug reports. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2012-0948, CVE-2012-0949, CVE-2012-0948, CVE-2012-0949
SHA-256 | 6404506a03e0bd2370106f34332c5a744490330dc284ffba95740f7fd563f31a
WordPress Download Manager 2.2.2 Cross Site Scripting
Posted May 15, 2012
Authored by Heine Pedersen, Torben Jensen

WordPress Download Manager plugin version 2.2.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6a8c7f4f0b0844b8f018c2725f03b854edac1e6373b0344d67832b20fe66fb05
WordPress LeagueManager 3.7 Cross Site Scripting
Posted May 15, 2012
Authored by Heine Pedersen, Torben Jensen

WordPress LeagueManager plugin version 3.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 500da4cc244d94d2ab7465b7d22166fe2c868ad58c49c7f5e79d4c96f685294f
WordPress Newsletter Manager 1.0 Cross Site Scripting
Posted May 15, 2012
Authored by Heine Pedersen, Torben Jensen

WordPress Newsletter Manager plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9855db18c9a78538cc3203998f35830239811992a9331a4d779811dcf84dde3e
Page 3 of 4
Back1234Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close