exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

Joomla Vik Booking 1.7 SQL Injection
Posted Feb 12, 2017
Authored by Mojtaba MobhaM

Joomla Vik Booking component version 1.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1e77ce1e146e9a6915f99ca1ef1eafc7

Related Files

Adobe Flash Player 11.3 Font Parsing Code Execution
Posted Aug 17, 2012
Authored by sinn3r, Alexander Gavrun, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in the ActiveX component of Adobe Flash Player before 11.3.300.271. By supplying a corrupt Font file used by the SWF, it is possible to gain arbitrary remote code execution under the context of the user, as exploited in the wild.

tags | exploit, remote, arbitrary, code execution, activex
advisories | CVE-2012-1535, OSVDB-84607
MD5 | e01299565c3420ecbac1bfe81c71d308
Zero Day Initiative Advisory 12-140
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-140 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of McAfee SmartFilter Administration Server. Authentication is not required to exploit this vulnerability. The flaw exists within the Remote Method Invocation (RMI) component which is exposed by SFAdminSrv.exe process. This process exposes various RMI services to TCP ports 4444 (JBoss RMI HTTPInvoker), 1098 (rmiactivation), 1099 (rmiregistry). Requests to these services are not authenticated and can be used to instantiate arbitrary classes or to upload and execute arbitrary archives. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
MD5 | 54b41e33386896c2d429ebe8d1467a65
Zero Day Initiative Advisory 12-139
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-139 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. Authentication is not required to exploit this vulnerability. The flaw exists within the ebus-3-3-2-7.dll component which is used by the crystalras.exe service. This process listens on a random TCP port. When unmarshalling GIOP ORB encapsulated data the process invokes a memcpy constrained by a user controlled value. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
MD5 | 829b1268160ead9e810d221fce939e2b
Joomla Fireboard SQL Injection
Posted Aug 9, 2012
Authored by Nafsh | Site vulnerability-lab.com

The Joomla Fireboard component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 07e936fcf56842ea27e0e0c11eeaa59e
Secunia Security Advisory 50220
Posted Aug 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the En Masse component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 8f54c913af46c1354ff7b6e880f60650
Ubisoft uplay 2.0.3 Active X Control Arbitrary Code Execution
Posted Aug 7, 2012
Authored by Tavis Ormandy, Richard Hicks, phillips321, Ben Campbell | Site metasploit.com

The uplay ActiveX component allows an attacker to execute any command line action. User must sign in, unless auto-sign in is enabled and uplay is not already running. Due to the way the malicious executable is served (WebDAV), the module must be run on port 80, so please ensure you have proper privileges. Ubisoft released patch 2.04 as of Mon 20th July.

tags | exploit, activex
advisories | OSVDB-84402
MD5 | d11a8dbcc1ac1eb4891e9236623d06ea
Joomla Enmasse SQL Injection
Posted Aug 7, 2012
Authored by Daniel Barragan

Joomla Enmasse component remote SQL injection exploit.

tags | exploit, remote, sql injection
MD5 | d40266b095a569c7ae98ef4b954ac54d
Secunia Security Advisory 50181
Posted Aug 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the En Masse component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 7e692c01d073a24979e109f94d664972
Joomla Photo SQL Injection
Posted Aug 6, 2012
Authored by Chokri Ben Achor | Site vulnerability-lab.com

The Joomla Photo component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6100144f767564776562cd7eea70e761
Debian Security Advisory 2524-1
Posted Aug 6, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2524-1 - Two denial of service vulnerabilities have been discovered in the server component of OpenTTD, a free reimplementation of Transport Tycoon Deluxe.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2012-0049, CVE-2012-3436
MD5 | 423f3664cc2747b3279e2236615bbbc1
Debian Security Advisory 2523-1
Posted Aug 6, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2523-1 - It was discovered that the GridFTP component from the Globus Toolkit, a toolkit used for building Grid systems and applications performed insufficient validation of a name lookup, which could lead to privilege escalation.

tags | advisory
systems | linux, debian
advisories | CVE-2012-3292
MD5 | 25b65d162abb514141c1ba7195d4d1f5
Joomla Package SQL Injection
Posted Aug 6, 2012
Authored by Chokri Ben Achor | Site vulnerability-lab.com

The Joomla Package component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 59fbf15656ba2775a6acad898f2648e5
Zero Day Initiative Advisory 12-131
Posted Aug 3, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-131 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Microsoft .NET handling of XAML Browser Applications (XBAP) graphics components. It is possible to cause an undersized allocation for a buffer which is populated with user-supplied glyph data, resulting in memory corruption which can be leveraged to remotely execute code.

tags | advisory, remote, arbitrary
advisories | CVE-2012-0162
MD5 | fa28d73142451f1eab4aa6b9a737d9ec
Secunia Security Advisory 50154
Posted Aug 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Joomgalaxy component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | f4c823d6da4cf15c3bfa0d13d0d3f47b
Mandriva Linux Security Advisory 2012-121
Posted Aug 2, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-121 - A Heap-based buffer overflow was found in the way libjpeg-turbo decompressed certain corrupt JPEG images in which the component count was erroneously set to a large value. An attacker could create a specially-crafted JPEG image that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct this issue.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-2806
MD5 | 8b4d81ef0fc31ed3e0bd518a0fc7d05a
Joomla Joomgalaxy 1.2.0.4 Shell Upload / SQL Injection
Posted Aug 2, 2012
Authored by Daniel Barragan

Joomla Joomgalaxy component version 1.2.0.4 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
MD5 | 40f1d4f8234acfc5af5618ce2c192067
Joomla Nice Ajax Poll 1.3.0 SQL Injection
Posted Aug 1, 2012
Authored by Patrick de Brouwer

Joomla Nice Ajax Poll component versions 1.3.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1cba2e8da7f50b95d9225fad44842c3e
Secunia Security Advisory 50119
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the RSGallery2 component for Joomla!, which can be exploited by malicious users to conduct script insertions attacks and by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 1d9a29cfdfe8445be5d4780f3900a178
Secunia Security Advisory 50109
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Movm component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 441fe0dd21ce654b25001eb3f2d72f87
Joomla Movm 1.0 SQL Injection
Posted Aug 1, 2012
Authored by Daniel Barragan

Joomla Movm component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 942f5faf69a2bb8fa9bb4a5c2ae8ae0f
Joomla Odudeprofile 2.x SQL Injection
Posted Jul 25, 2012
Authored by Daniel Barragan

Joomla Odudeprofile component version 2.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4379a540c2a15f9c2e53beaab095500b
Red Hat Security Advisory 2012-1109-01
Posted Jul 23, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1109-01 - JBoss Application Server is the base package for JBoss Enterprise Portal Platform, providing the core server components. The Java Naming and Directory Interface Java API allows Java software clients to locate objects or services in an application server. It was found that the JBoss JNDI service allowed unauthenticated, remote write access by default. The JNDI and HA-JNDI services, and the HAJNDIFactory invoker servlet were all affected. A remote attacker able to access the JNDI service, HA-JNDI service, or the HAJNDIFactory invoker servlet on a JBoss server could use this flaw to add, delete, and modify items in the JNDI tree. This could have various, application-specific impacts.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2011-4605
MD5 | fa06b75565e160f603b4610527cfa308
Joomla Hello Local File Inclusion
Posted Jul 19, 2012
Authored by Ajax Security Team

The Joomla Hello component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 1d35476239a96b72fc222d3d60b9da25
Metasploit Framework 4.4
Posted Jul 17, 2012
Authored by H D Moore | Site metasploit.com

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Changes: 101 modules have been added. Meterpreter has been modernized. Various other improvements.
tags | tool, ruby
systems | unix
MD5 | 674b6bf22606298c98e7735b994dec25
Joomla Web Scanner 1.4
Posted Jul 16, 2012
Authored by Pepelux | Site enye-sec.org

Joomla web scanning perl script that gets the version, components and shows possible bugs.

Changes: Version 1.4 of JoomlaScan recognizes Joomla! versions 1.x, 1.5.x, 1.7.x, and 2.5.x and shows possible bugs in core and components.
tags | tool, web, scanner, perl
systems | unix
MD5 | c6cde9954f1120b9695532553128ba47
Page 1 of 4
Back1234Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close