exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

PG All Share Video 1.0 SQL Injection
Posted Sep 29, 2017
Authored by Ihsan Sencan

PG All Share Video version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-15969
MD5 | 0555e699e6ff3efa0de5b44eacce2989

Related Files

YT-Videos Script SQL Injection
Posted Aug 6, 2012
Authored by 3spi0n

YT-Videos Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 69bf67f0fb116cf8f65b2e283f273f5e
Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow
Posted Aug 3, 2012
Authored by Carsten Eiram, juan | Site metasploit.com

This Metasploit module exploits a vulnerability found in Cisco Linksys PlayerPT 1.0.0.15 as the installed with the web interface of Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera. The vulnerability, due to the insecure usage of sprintf in the SetSource method, when handling a specially crafted sURL argument, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page.

tags | exploit, web, overflow, code execution
systems | cisco
advisories | CVE-2012-0284
MD5 | ecab8e56ceac6dddbd1e6960e3f65b68
Secunia Security Advisory 50016
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Simple Video Flash Player for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | c294ec6173670b473f1ed15585a9cca0
JW Player / SVFP / Poodll / RokBox Cross Site Scripting
Posted Jul 29, 2012
Authored by MustLive

Various flash players, such as JWPlayer for MODx, Simple video flash player for Joomla, Poodll for Moodle, RokBox for Joomla, and RokBox for WordPress all suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b24214fa12493f0853af80eb6dfeec32
Cisco Linksys PlayerPT ActiveX Control Buffer Overflow
Posted Jul 27, 2012
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Cisco Linksys PlayerPT 1.0.0.15 as the installed with the web interface of Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera. The vulnerability, due to the insecure usage of sprintf in the SetSource method, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page.

tags | exploit, web, overflow, code execution
systems | cisco
advisories | OSVDB-80297
MD5 | acdba609d7271195f26d8234afdc02d7
CVE-2012-1889: Security Update Analysis
Posted Jul 23, 2012
Authored by Brian Mariani, High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

Since the 30th of May 2012 hackers were abusing the Microsoft XML core services vulnerability. The 10th of July 2012 Microsoft finally published a security advisory which fixes this issue. The present document and video explains the details about this fix. As a lab test they used a Windows XP workstation with Service Pack 3. The Internet explorer version is 6.0.

tags | paper
systems | windows, xp
advisories | CVE-2012-1889
MD5 | a0d1c207cb55892da09387080f48352a
Ubuntu Security Notice USN-1500-1
Posted Jul 9, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1500-1 - Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. Thijs Alkemade discovered that Pidgin incorrectly handled malformed voice and video chat requests in the XMPP protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, protocol
systems | linux, ubuntu
advisories | CVE-2011-4601, CVE-2011-4602, CVE-2011-4603, CVE-2011-4922, CVE-2011-4939, CVE-2012-1178, CVE-2012-2214, CVE-2012-2318, CVE-2012-3374, CVE-2011-4601, CVE-2011-4602, CVE-2011-4603, CVE-2011-4922, CVE-2011-4939, CVE-2012-1178, CVE-2012-2214, CVE-2012-2318, CVE-2012-3374
MD5 | 422fcc2933191191cceade8eaab9a688
Total Video Player 1.31 Proof Of Concept
Posted Jun 18, 2012
Authored by 0dem

Total Video Player version 1.31 crash proof of concept denial of service exploit that creates malicious files.

tags | exploit, denial of service, proof of concept
MD5 | 3503b7e865c243e96bcb8c4d05dd8d6f
Joomla hwdVideoShare Shell Upload
Posted Jun 17, 2012
Authored by Sammy FORGIT

Joomla hwdVideoShare version r805 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 89784b5f55b0da569c0ae21ea015a54f
Secunia Security Advisory 49494
Posted Jun 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Contus Video Gallery plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 30cb386515f558120bef4c8a2c979488
WordPress Video Gallery 1.3 Shell Upload
Posted Jun 12, 2012
Authored by Sammy FORGIT

WordPress Video Gallery plugin version 1.3 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | c708e0988c01c73a1f0a869e3098772f
Joomla DentroVideo 1.2 Shell Upload
Posted Jun 12, 2012
Authored by Sammy FORGIT

Joomla DentroVideo component version 1.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | b0e43089c8e9ad26a21a27769129ffd5
WordPress VideoWhisper Video Conference 4.51 Shell Upload
Posted Jun 12, 2012
Authored by Sammy FORGIT

WordPress VideoWhisper Video Conference plugin version 4.51 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 33bd379964a70e6e37a68c0a45ab64c7
Secunia Security Advisory 49410
Posted Jun 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the VideoWhisper Video Presentation plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 60b40861644df3a5b4373c57b348640f
WordPress VideoWhisper Video Presentation 3.17 Shell Upload
Posted Jun 7, 2012
Authored by Sammy FORGIT

WordPress VideoWhisper Video Presentation plugin version 3.17 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | a1240f2665df74c55451cd6a7fda0b76
Zero Day Initiative Advisory 12-075
Posted Jun 6, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-075 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application decodes video samples encoded with the RLE codec. When decompressing the sample, the application will fail to accommodate for the canvas the sample is rendered into. This can cause a buffer overflow and thus can be taken advantage of in order to gain code execution under the context of the application.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2012-0668
MD5 | e56d5ff2b2fdb50359810d4cc109ccd1
Security Vulnerabilities Of Digital Video Broadcast Chipsets
Posted May 28, 2012
Authored by Adam Gowdiak | Site security-explorations.com

This is a presentation called Security Vulnerabilities of Digital Video Broadcast Chipsets. It is from a talk given at the Hack In The Box security conference in Amsterdam in 2012.

tags | paper, vulnerability
MD5 | 478d5959b9948cc0084eb5c89c353dec
Mandriva Linux Security Advisory 2012-081
Posted May 24, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-081 - Security issues were identified and fixed in mozilla firefox. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Security research firm iDefense reported that researcher wushi of team509 discovered a memory corruption on Windows Vista and Windows 7 systems with hardware acceleration disabled or using incompatible video drivers. Various other issues have also been addressed.

tags | advisory
systems | linux, windows, mandriva, vista, 7
advisories | CVE-2012-0468, CVE-2012-0467, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0472, CVE-2012-0473, CVE-2012-0474, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2012-0479
MD5 | 1b834a8034e8e9eb2a5c612ce032d3ce
Mandriva Linux Security Advisory 2012-076
Posted May 15, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-076 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2011-3362, CVE-2011-3504, CVE-2011-3892, CVE-2011-3893, CVE-2011-3895, CVE-2011-3929, CVE-2011-3936, CVE-2011-3937, CVE-2011-3940, CVE-2011-3945, CVE-2011-3947, CVE-2011-3973, CVE-2011-3974, CVE-2011-4351, CVE-2011-4352, CVE-2011-4353, CVE-2011-4364, CVE-2011-4579, CVE-2012-0853, CVE-2012-0858
MD5 | a0a820ff84a7a248cfefc432cc727cf8
Mandriva Linux Security Advisory 2012-075
Posted May 15, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-075 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2011-3362, CVE-2011-3504, CVE-2011-3973, CVE-2011-3974, CVE-2011-3892, CVE-2011-3893, CVE-2011-3895, CVE-2011-4351, CVE-2011-4352, CVE-2011-4353, CVE-2011-4364, CVE-2011-4579
MD5 | fc5eba5a7a28a4d9bf7025b44c58def1
Mandriva Linux Security Advisory 2012-074
Posted May 15, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-074 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2011-3362, CVE-2011-3504, CVE-2011-3973, CVE-2011-3974, CVE-2011-3893, CVE-2011-3895, CVE-2011-4351, CVE-2011-4352, CVE-2011-4353, CVE-2011-4364, CVE-2011-4579
MD5 | 5ec43a309faf00d74d116213f06d1c65
AnvSoft Any Video Conveter 4.3.6 Unicode Buffer Overflow
Posted May 12, 2012
Authored by h1ch4m

AnvSoft Any Video Converter version 4.3.6 unicode buffer overflow exploit that creates a malicious .reg file.

tags | exploit, overflow
MD5 | e243bb08e975e3a7c339c48cd5024b26
Video Entropyd 2.0
Posted May 10, 2012
Authored by Folkert van Heusden | Site vanheusden.com

video-entropyd is a program to add entropy data from video4linux devices to the kernel random driver.

Changes: This version is now compatible with recent kernels (kernels that export the video4linux2 API).
tags | kernel, encryption
systems | linux
MD5 | dab5bb2687bc43ed7e51962de904fd4e
AnvSoft Any Video Converter 4.3.6 Stack Overflow
Posted May 3, 2012
Authored by cikumel, y0k

AnvSoft Any Video Converter version 4.3.6 suffers from a stack overflow vulnerability.

tags | exploit, overflow
MD5 | a6631c0580f81378935cad46510f0989
Nokia CP Suite Video Manager 7.1.180.64 Denial Of Service
Posted Apr 27, 2012
Authored by Senator of Pirates

Nokia CP Suite Video Manager versions 7.1.180.64 and below denial of service exploit that creates a malicious .mp4 file.

tags | exploit, denial of service
MD5 | 866e1ef009262c65b362fe86846ad9be
Page 1 of 4
Back1234Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    31 Files
  • 8
    Apr 8th
    18 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close