what you don't know can hurt you
Showing 1 - 9 of 9 RSS Feed

Files

Ektron CMS 9.10SP1 Cross Site Scripting
Posted Jun 20, 2017
Authored by Edmund Goh, Siyavash Ghasseminia

Ektron CMS version 9.10SP1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2016-6133, CVE-2016-6201
MD5 | 3902fd0794c6c9915b7128a38de21d8c

Related Files

Ektron CMS 9 Database Disclosure
Posted Apr 2, 2019
Authored by KingSkrupellos

Ektron CMS version 9 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 7091edcc8696fcbf82fd9e12557fbc44
Ektron CMS 9.20 SP2 Improper Access Restrictions
Posted Oct 10, 2018
Authored by Alt3kx

Ektron CMS version 9.20 SP2 suffers from an improper access restriction vulnerability.

tags | exploit
advisories | CVE-2018-12596
MD5 | ca4ad2f1e7feda0dfa0819e60cce4e6b
Ektron 8.5 / 8.7 / 9.0 XSLT Transform Remote Code Execution
Posted Mar 4, 2017
Authored by catatonicprime | Site metasploit.com

Ektron versions 8.5, 8.7 equal to and below sp1, and 9.0 before sp1 have vulnerabilities in various operations within the ServerControlWS.asmxweb services. These vulnerabilities allow for remote code execution without authentication and execute in the context of IIS on the remote system.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2015-0923
MD5 | b3ada4a6663d4e329938e603c267764b
Ektron CMS 9.10 SP1 Cross Site Scripting
Posted May 31, 2015
Authored by Jerold Hoong

Ektron CMS versions 9.10 SP1 build 9.1.0.184.1.102 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e32ce926956183a4821f7069cc599935
Ektron CMS 9.10 SP1 Cross Site Request Forgery
Posted May 31, 2015
Authored by Jerold Hoong

Ektron CMS versions 9.10 SP1 build 9.1.0.184.1.114 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-3624
MD5 | bdc0476b8ba9f624a4c999d3c4b9579b
Ektron CMS 8.7 Cross Site Scripting
Posted Apr 16, 2014
Authored by Joseph Zeng Xianbo

Ektron CMS version 8.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-2729
MD5 | cd75297bb41a0089c579e9b2f075afec
Ektron CMS Account Hijacking
Posted Jan 30, 2014
Authored by Mark Litchfield | Site securatary.com

This whitepaper discusses how to perform a take over of the Ektron CMS. It demonstrates how to hijack the builtin and admin accounts.

tags | exploit
MD5 | 0856fe75f96c637a28b5646229e477c2
Ektron 8.02 XSLT Transform Remote Code Execution
Posted Dec 5, 2012
Authored by unknown, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability in Ektron CMS 8.02 (before SP5). The vulnerability exists due to the insecure usage of XslCompiledTransform, using a XSLT controlled by the user. The module has been tested successfully on Ektron CMS 8.02 over Windows 2003 SP2, which allows to execute arbitrary code with NETWORK SERVICE privileges.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2012-5357
MD5 | cfc9df9eacf0965d427078f202cfc0ac
Ektron CMS 8.5.0 File Upload / XXE Injection
Posted Sep 6, 2012
Authored by Phil Taylor | Site senseofsecurity.com.au

Ektron CMS version 8.5.0 suffers from unauthenticated file upload and XXE injection vulnerabilities.

tags | exploit, vulnerability, file upload, xxe
MD5 | 96468075f98c01c987d656cd4c96072d
Page 1 of 1
Back1Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    33 Files
  • 3
    Dec 3rd
    16 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close