what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

HotExBilling Manager 73 Cross Site Scripting
Posted Apr 6, 2015
Authored by Bhadresh Patel

HotExBilling Manager version 73 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-2781
SHA-256 | f89a76503b13c1babdd6ef06c3833e86ce72585726e830aa66ce9afa10898690

Related Files

Secunia Security Advisory 49183
Posted May 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Newsletter Manager plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | cb36a950079f83af2f475c4d4271ef181153c76a6c34d8cd8acc35dc572988f3
Secunia Security Advisory 49152
Posted May 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Newsletter Manager plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss
SHA-256 | dab4d85853f355eb400bf752e7cb6a03c798964ddc619cf1c02b76504f1f31b3
FlexNet License Server Manager 11.9.1 Stack Overflow
Posted May 13, 2012
Authored by Luigi Auriemma | Site aluigi.org

FlexNet License Server Manager versions 11.9.1 and below suffer from a stack overflow vulnerability in lmgrd. Proof of concept included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | e1685cec49a2c9fdbef7f2df8194086852d758d0cee891a610d91b40c7e329ac
Secunia Security Advisory 49108
Posted May 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in Tivoli Access Manager for e-business, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 3b0dea3aeb974eff62c4c99fc05efec9828bb0781b24f433a4a757b0b06c0354
Solarwinds Storage Manager 5.1.0 SQL Injection
Posted May 6, 2012
Authored by muts, r@b13$, sinn3r | Site metasploit.com

This Metasploit module exploits a SQL injection found in Solarwinds Storage Manager login interface. It will send a malicious SQL query to create a JSP file under the web root directory, and then let it download and execute our malicious executable under the context of SYSTEM.

tags | exploit, web, root, sql injection
advisories | OSVDB-81634
SHA-256 | f0082fe343289cee7851fb985c1987add9c8ebcb058523260ad6c25997867acf
Solarwinds Storage Manager 5.1.0 SQL Injection
Posted May 2, 2012
Authored by muts

Solarwinds Storage Manager version 5.1.0 remote SYSTEM SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 8721ee1a12fe6d7008415fbf1a6f1b25e326924c27b9fa0e98b01fd1e473de9f
Strato Newsletter Manager Directory Traversal
Posted May 2, 2012
Authored by Zero X

Strato Newsletter Manager suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 76f188a12bf8d09a8dc736d69a4d3d4472dc396fd4320b488e73352c25ca8f9f
Secunia Security Advisory 49035
Posted May 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness, a security issue, and multiple vulnerabilities have been reported in HP Systems Insight Manager, which can be exploited by malicious, local users to potentially gain escalated privileges and by malicious people to disclose sensitive information, conduct cross-site scripting and cross-site request forgery attacks, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability, xss, csrf
SHA-256 | f3742b125f8fd332afbfeaf88124209b769c9fc2c36ae527b3caaa155008f4bd
Nokia CP Suite Video Manager 7.1.180.64 Denial Of Service
Posted Apr 27, 2012
Authored by Senator of Pirates

Nokia CP Suite Video Manager versions 7.1.180.64 and below denial of service exploit that creates a malicious .mp4 file.

tags | exploit, denial of service
SHA-256 | daf7b2e22b9a005980356be684ac1ed2fd5a006e4717b6e3dd0743dbd43d78a3
Secunia Security Advisory 49016
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in TwonkyManager, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 4f24c1defe0b4de613e5aa742ed4953c3aa2b686dccf2f00e5a593d675734b2e
PacketVideo TwonkyServer / TwonkyMedia Directory Traversal
Posted Apr 26, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

Multiple PacketVideo products contain a directory traversal vulnerability within the web server that is running on port 9000. These products are vulnerable to the attack regardless of having configured the "Secured Server Settings" which are available on the Advanced configuration page. Susceptible products include the Twonky 7.0 Special and the TwonkyManager 3.0.

tags | advisory, web
SHA-256 | d7cc75961c0a51603edd705eddc5a0af411e1503f0174c5d5cefe48addcd4c14
Secunia Security Advisory 48953
Posted Apr 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for SUSE Manager. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
systems | linux, suse
SHA-256 | b0c8408942d275f30e267079642d97fbf210bdc1cf8f78ddc08d167596db105c
Asterisk Project Security Advisory - AST-2012-004
Posted Apr 23, 2012
Authored by Jonathan Rose | Site asterisk.org

Asterisk Project Security Advisory - A user of the Asterisk Manager Interface can bypass a security check and execute shell commands when they lack permission to do so. Under normal conditions, a user should only be able to run shell commands if that user has System class authorization. Users could bypass this restriction by using the MixMonitor application with the originate action or by using either the GetVar or Status manager actions in combination with the SHELL and EVAL functions. The patch adds checks in each affected action to verify if a user has System class authorization. If the user does not have those authorizations, Asterisk rejects the action if it detects the use of any functions or applications that run system commands.

tags | advisory, shell
SHA-256 | 98ea67fda37608ee4b744ee6c51c819b2fd3cdd1838c33bc4c08c48b26462701
Mega File Manager 1.0 File Download
Posted Apr 23, 2012
Authored by i2sec-Min Gi Jo

Mega File Manager version 1.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
SHA-256 | 82d8be8c8a197aff6162ca8c6654d71c3bbc7be6d45c8e286a8be96f62d01204
Secunia Security Advisory 48927
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Download Manager plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 21c5c47de8c72653177f65ab6af5cc82467a8b1be235930dff2d4911ca3bb43c
Secunia Security Advisory 48858
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Identity Manager Connector for Database User Management, which can be exploited by malicious users to manipulate certain data.

tags | advisory
SHA-256 | 5d4de1b8bdc2499c7b5da4f6ca7e8e1bd88337b6b5bc4484cffdd204af8ee9a3
Oracle Enterprise Manager Session Fixation
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 10.2.0.5 and 11.1.0.7 (and previous patchsets) suffer from a session fixation vulnerability.

tags | advisory
advisories | CVE-2012-0528
SHA-256 | b23814439d636e11ed6a260aec8c598ed350de8a5024e6065430fd9b1b3534e8
Oracle Enterprise Manager prevPage HTTP Response Splitting
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 10.2.0.5, 11.1.0.7 and 11.2.0.3 (and previous patchsets) along with Oracle Enterprise Manager Grid Control version 10.2.0.5 (and previous patchsets) suffer from an HTTP response splitting vulnerability in the prevPage parameter.

tags | advisory, web
advisories | CVE-2012-0526
SHA-256 | 8181e024c40eda634dec94eeab4606fb3db63b7568215c373cb8f48ead738da1
Oracle Enterprise Manager pageName HTTP Response Splitting
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 10.2.0.5, 11.1.0.7, and 11.2.0.3 (and previous patchsets) along with Oracle Enterprise Manager Grid Control version 10.2.0.5 (and previous patchsets) suffer from an HTTP response splitting vulnerability in the pageName parameter.

tags | advisory, web
advisories | CVE-2012-0527
SHA-256 | 4a9392fef4e6e9384b1634a3dd07200e175b383fcc4c1b78ec8e889706f4392d
Oracle Enterprise Manager searchPage SQL Injection
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 11.1.0.7 and 11.2.0.3 (and previous patchsets) along with Oracle Enterprise Manager Grid Control versions 10.2.0.5 and 11.1.0.1 (and previous patchsets) suffer from a remote SQL injection vulnerability in the searchPage web page.

tags | exploit, remote, web, sql injection
advisories | CVE-2012-0525
SHA-256 | 238c4c370d27fbb4af33c31d9b6b3c6a70be3e90074b5802d357dae06c3c99a4
Oracle Enterprise Manager compareWizFirstConfig SQL injection
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 11.1.0.7 and 11.2.0.2 (and previous patchsets) along with Oracle Enterprise Manager Grid Control version 10.2.0.4 (and previous patchsets) suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2012-0512
SHA-256 | aaf728d372e18f22b5e25311a5a3f620eec0564baa23a4ceed2f9a4ee870f4c0
Secunia Security Advisory 48870
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Enterprise Manager Grid Control, which can be exploited by malicious users and malicious people to disclose potentially sensitive information and manipulate certain data.

tags | advisory, vulnerability
SHA-256 | a582ae23e10997c0d9b4daf76b0e8efb1bd46136ec1043d0fe26db13b10bf615
Secunia Security Advisory 48861
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Identity Manager, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.

tags | advisory
SHA-256 | a50837c4ca1aaebf48c86cbbecf6a448857ef1e17b53afb4ec81cd50b6406837
IBM Tivoli Provisioning Manager Express Overflow
Posted Apr 10, 2012
Authored by rgod, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability in the Isig.isigCtl.1 ActiveX installed with IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1. The vulnerability is found in the "RunAndUploadFile" method where the "OtherFields" parameter with user controlled data is used to build a "Content-Disposition" header and attach contents in a insecure way which allows to overflow a buffer in the stack.

tags | exploit, overflow, activex
advisories | CVE-2012-0198, OSVDB-79735
SHA-256 | cc74382e2035afca25b92161a9b63460e74741bb7ded9bd96d66e5da0d29eb86
Secunia Security Advisory 48776
Posted Apr 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Cloudera has acknowledged a vulnerability in Cloudera Manager, which can be exploited by malicious users to impersonate other users.

tags | advisory
SHA-256 | 606469c93bbd2fecb2b7480ae32edaf9b0aa669a8d02dcea2be0bdb04c51702f
Page 4 of 4
Back1234Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close