what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 25 of 100

Files

JSPMySQL Administrador 1 Cross Site Request Forgery / Cross Site Scripting

Posted Sep 6, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

JSPMySQL Administrador version 1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection, add administrator, csrf

advisories | CVE-2015-6944, CVE-2015-6945

SHA-256 | 4b98d4efa8a0641fc2b2ad81640cba5efe37dfc82afa6edbaf9506d3e7b1b8c5

Download | Favorite | View

Related Files

AsureForce Time 12.0 Open Redirection

Posted Feb 25, 2019

Authored by KingSkrupellos

AsureForce Time version 12.0 suffers from an open redirection vulnerability.

tags | exploit

SHA-256 | 630073fef517c8caf5522862490cf42b38ed524cf9504938d77d9b6afb5f1767

Download | Favorite | View

AddressSanitizer (ASan) SUID Executable Privilege Escalation

Posted Jan 23, 2019

Authored by Brendan Coles, infodox, Szabolcs Nagy | Site metasploit.com

This Metasploit module attempts to gain root privileges on Linux systems using setuid executables compiled with AddressSanitizer (ASan). ASan configuration related environment variables are permitted when executing setuid executables built with libasan. The log_path option can be set using the ASAN_OPTIONS environment variable, allowing clobbering of arbitrary files, with the privileges of the setuid user. This module uploads a shared object and sprays symlinks to overwrite /etc/ld.so.preload in order to create a setuid root shell.

tags | exploit, arbitrary, shell, root

systems | linux

SHA-256 | 0e6f740ce9bc200d846f84b085e1b15b388b872a85100b6499f36331dcd60d30

Download | Favorite | View

Amazon S3 Open Redirect

Posted Mar 30, 2017

Authored by Ghostman

Amazon S3 suffers from an open redirection vulnerability.

tags | exploit

SHA-256 | cc5afbb9a4b12138b7c5db47bdc0b8bb94e014dae51869e09b079aaf22a799b5

Download | Favorite | View

CF Image Host 1.6.6 Cross Site Scripting

Posted Nov 16, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

CF Image Host version 1.6.6 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | 5aebca1b9f045bc969d039b5496d6960cda4b824e2248290684f290c24ab8154

Download | Favorite | View

CF Image Host 1.6.6 Command Injection

Posted Nov 16, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

CF Image Host version 1.6.6 suffers from a remote command injection vulnerability.

tags | exploit, remote

SHA-256 | 3bdd452cf772fc135e145528adbae009a496b93c527c63ea2a8b533c396898cc

Download | Favorite | View

CF Image Host 1.6.6 Cross Site Request Forgery

Posted Nov 16, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

CF Image Host version 1.6.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | 3ae3bf2225e27dc0567a1770d302662b64ef0e7cbedf10d0c07be86aa05f8bd1

Download | Favorite | View

b374k 3.2.3 2.8 CSRF / Command Injection

Posted Nov 13, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

b374k web shell versions 2.8 and 3.2.3 suffer from a cross site request forgery vulnerability that allows for remote command injection.

tags | exploit, remote, web, shell, csrf

SHA-256 | 7a3f5f494c2b27e756fd6b73c4b14796921e7612b045ce5d5b218e90626c8178

Download | Favorite | View

Microsoft .NET Framework XSS / Privilege Escalation

Posted Nov 11, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft .NET Framework suffers from cross site scripting and elevation of privilege vulnerabilities.

tags | advisory, vulnerability, xss

advisories | CVE-2015-6099

SHA-256 | 67e140fbcdfd0cfa86769915aa1660f8416cb51af113ed025468412f12623927

Download | Favorite | View

NXFilter 3.0.3 Cross Site Scripting

Posted Nov 9, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

NXFilter version 3.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 25d37f8adf5afa9c7c98764fff4c727777d4b671efb6c7a9a03dd0ec08335501

Download | Favorite | View

NXFilter 3.0.3 Cross Site Request Forgery

Posted Nov 9, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

NXFilter version 3.0.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | 7bc6dd411cd4472cf1c1681c9e4ae97ab9d2970ba375615bec05bd0f544a3f2d

Download | Favorite | View

Spetnik TCPing Utility 2.1.0 Buffer Overflow

Posted Nov 2, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

If TCPing is called with an specially crafted CL argument it will cause an exception and overwrite the pointers to next SEH record and SEH handler with our buffer and malicious shellcode. Spetnik TCPing version 2.1.0 is affected.

tags | exploit, tcp, shellcode

SHA-256 | f06cc5b1273a53dd542910fc1defe06e91902dd50c024cd10a345a30dfa1bc90

Download | Favorite | View

PHP Server Monitor 3.1.1 Privilege Escalation

Posted Oct 30, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

PHP Server Monitor version 3.1.1 suffers from a privilege escalation vulnerability.

tags | exploit, php

SHA-256 | aafa69a15ff0e3770a96c5012d8cb850bdb3fda9ba48a991cb0678d1cb2b0ff6

Download | Favorite | View

PHP Server Monitor 3.1.1 Cross Site Request Forgery

Posted Oct 30, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

PHP Server Monitor version 3.1.1 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf

SHA-256 | c6dd900ebf2986cd3b5ad60ba13c81ef576d594f7507b637176981a3472236fa

Download | Favorite | View

Blat 2.7.6 Buffer Overflow

Posted Oct 14, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Blat version 2.7.6 suffers from a stack buffer overflow vulnerability.

tags | exploit, overflow

SHA-256 | 21911e93027d280e190872f956f0eb12482a0f9573adbf3e42f6c5e7e8327a60

Download | Favorite | View

AdobeWorkgroupHelper.exe 2.8.3.3 Buffer Overflow

Posted Oct 12, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

If AdobeWorkgroupHelper.exe is called with an overly long command line argument it is vulnerable to a stack based buffer overflow exploit. Version 2.8.3.3 is affected.

tags | exploit, overflow

SHA-256 | ef450a73a8d6362812ddab4a5aa611d7e0c3cdb0cf7886a183004492328ce245

Download | Favorite | View

Zope Management Interface 4.3.7 Cross Site Request Forgery

Posted Oct 7, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Zope Management Interface version 4.3.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2015-7293

SHA-256 | 4a44c59001f1f7565864d480e019a3a4fd024ae8fa91414db943f1b82c6bccf1

Download | Favorite | View

LanWhoIs.exe 1.0.1.120 Buffer Overflow

Posted Oct 7, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

LanWhoIs.exe version 1.0.1.120 suffers from a buffer overflow vulnerability.

tags | exploit, overflow

SHA-256 | 7574eb8ce3b4e579f9b7bdfda42d4551f13c05418bf0b8426310d33e3bde8949

Download | Favorite | View

LanSpy 2.0.0.155 Buffer Overflow

Posted Oct 6, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

LanSpy version 2.0.0.155 suffers from a buffer overflow vulnerability.

tags | exploit, overflow

SHA-256 | 2e17ea86e3b7e6207891ab7629ef137a4bc24466fafb4299bf5316035b1c6609

Download | Favorite | View

FTGate 2009 SR3 Cross Site Scripting

Posted Oct 2, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FTGate 2009 SR3 May 13 2010 Build 6.4.000 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | 99a355c0ad599328abceaf0fae609ea435adbf8015e3bff1bf74e184f3f138db

Download | Favorite | View

FTGate 7 Cross Site Request Forgery

Posted Oct 2, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FTGate version 7 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf

SHA-256 | fd79666db0bf16b4789a4b47b07c05cca8adffccf0476cac004649e4884f28ce

Download | Favorite | View

FTGate 2009 SR3 Denial Of Service

Posted Oct 2, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FTGate 2009 SR3 May 13 2010 Build 6.4.000 suffers from multiple denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability

SHA-256 | e6e80901955db70c66f85b1993add77b2f95a830c53fd9a14093f98da5087ebe

Download | Favorite | View

FTGate 2009 SR3 Cross Site Request Forgery

Posted Oct 2, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FTGate 2009 SR3 May 13 2010 Build 6.4.00 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf

SHA-256 | 6e925b84a783858a7d7e6b12219a361993b2ff36e6cac576b107f6ef30aea172

Download | Favorite | View

MakeSFX.exe 1.44 Stack Buffer Overflow

Posted Oct 1, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

MakeSFX.exe version 1.44 suffers from stack-based buffer overflow vulnerability.

tags | exploit, overflow

SHA-256 | f489b59bc2b43a739615a86a6ca5f4d1753468a1e8f19242aaa24ff346527e0b

Download | Favorite | View

Git 1.9.5 Buffer Overflow

Posted Sep 26, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

ssh-agent.exe in Git version 1.9.5 suffers from a buffer overflow vulnerability.

tags | exploit, overflow

SHA-256 | ce634473f825d0f57046db4dc9958352e6697eedb52ff14a9efa1297a55a6652

Download | Favorite | View

FortiManager 5.2.2 Cross Site Scripting

Posted Sep 25, 2015

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FortiManager version 5.2.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

advisories | CVE-2015-8037, CVE-2015-8038

SHA-256 | b71a9650569b9edc2d13b4e02474212f0456beb9b05798f1f01f8a68e014b2b7

Download | Favorite | View