what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

Microsoft Exchange Open Redirect
Posted Mar 28, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Exchange suffers from an open redirect vulnerability.

tags | exploit
advisories | CVE-2016-3378
MD5 | 50d79a092d794c779a0fa7f12fdb4853

Related Files

Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 XML Injection
Posted Oct 11, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from an xmla filetype XML external entity injection vulnerability.

tags | exploit, sql injection
advisories | CVE-2018-8532
MD5 | f8fb22312550cc368dc913351a5406a8
Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 XML Injection
Posted Oct 11, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from a xel filetype XML external entity injection vulnerability.

tags | exploit, sql injection
advisories | CVE-2018-8527
MD5 | 0fb594060e86354cefaa3a12ba2181d5
Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 XML Injection
Posted Oct 11, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from a REGSRVR filehandling XML external entity injection vulnerability.

tags | exploit, sql injection
advisories | CVE-2018-8533
MD5 | bc7e26312d98457aeac3779548aee6d7
Rollup 18 For Microsoft Exchange Server 2010 SP3 Server-Side Request Forgery
Posted Sep 18, 2018
Authored by Alphan Yavas

Rollup 18 for Microsoft Exchange Server 2010 SP3 suffers from a server-side request forgery vulnerability.

tags | advisory
advisories | CVE-2018-16793
MD5 | de9cfc08b86ceb9f798df8ea03404c6d
Microsoft Baseline Security Analyzer 2.3 XML Injection
Posted Sep 10, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Baseline Security Analyzer version 2.3 suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | 7224f7e70a591fdfca03428610d0453c
Microsoft .NET Framework CVE-2015-6099 Analysis
Posted Sep 3, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

This whitepaper analyzes a privilege escalation vulnerability in the Microsoft .NET framework as noted in MS15-118.

tags | exploit, paper
advisories | CVE-2015-6099
MD5 | 4a014224fc35bfb528ae5d4ebe710d2d
Microsoft DirectX SDK (June 2010) Xact3.exe DLL Hijacking
Posted Aug 11, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The Microsoft DirectX SDK "Xact3.exe" cross-platform tool allows for arbitrary code execution via a trojan horse file "xbdm.dll" in the current working directory, upon opening a ".xap" project file from the same location.

tags | exploit, arbitrary, trojan, code execution
MD5 | d7f1056ce3aa140ad0e115c7bf50b3c0
Microsoft dnslint.exe DNS Tool Forced Drive-By Download
Posted Jul 20, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft's dnslint.exe tool does not verify domain names when parsing DNS text-files using the "/ql" switch making it prone to forced drive-by downloads, providing an end user is tricked into using a server text-file containing a script/binary reference instead of a normally expected domain name.

tags | exploit
MD5 | eb14060a0091ba68f6b96c6e9ef2fb25
Microsoft Windows Enterprise Mode Site List 1/2 XML Injection
Posted Jul 16, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows Enterprise Mode Site List Manager versions 1 and 2 suffer from an XML external entity injection vulnerability.

tags | exploit
systems | windows
MD5 | adb95485a2175dc841aa24d2a530ed72
Microsoft Windows .library-ms Information Disclosure
Posted Jul 16, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Library description files are XML files that define libraries. Libraries aggregate items from local and remote storage locations into a single view in Windows Explorer. Library description files follow the Library Description schema and are saved as *.library-ms files. The .library-ms filetype triggers forced authentication when a user/client accesses a remote share that houses an attacker supplied ".library-ms" file, disclosing credential hashes and other identifiable computer informations.

tags | exploit, remote, local
systems | windows
MD5 | 3efbbbe3394fffedf1bbcf55f304effb
Enhanced Mitigation Experience Toolkit (EMET) XML Injection
Posted Jun 30, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Enhanced Mitigation Experience Toolkit (EMET) suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | da2c5fe7a5b5d3b441f02c18e2d7ca7a
Microsoft Open Redirect
Posted Jun 5, 2018
Authored by Ismail Tasdelen

dpa-fwl.microsoft.com suffers from an open redirection vulnerability.

tags | exploit
MD5 | 9a992791db71dab2fd3cb6f1e0559793
Microsoft Internet Explorer 11.371.16299.0 Denial Of Service
Posted Apr 20, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Internet Explorer version 11.371.16299.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | b95fe4c66578b78c338a2d385f6635b6
Windows DVD Maker 6.1.7 XXE Injection
Posted Mar 16, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Windows DVD Maker version 6.1.7 suffers from an XML external entity injection vulnerability.

tags | exploit, xxe
systems | windows
advisories | CVE-2017-0045
MD5 | 2633411dcb609dcaaf80a71090998e85
Microsoft PowerShell XXE Injection
Posted Dec 6, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft PowerShell suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

tags | exploit, xxe
MD5 | 06fe56f18d81ef806aed4773f1517228
Microsoft Authorization Manager 6.1.7601 XXE Injection
Posted Dec 5, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Authorization Manager version 6.1.7601 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

tags | exploit, xxe
MD5 | 982c09b54dae36f9b5ae432e6c1d0409
Microsoft Event Viewer 1.0 XXE Injection
Posted Dec 5, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Event Viewer version 1.0 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

tags | exploit, xxe
MD5 | c7a519a9ce4acb64b45e6199d6ff5ae3
Windows System Information 6.1.7601 XXE Injection
Posted Dec 5, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Windows System Information MSINFO32.exe version 6.1.7601 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

tags | exploit, xxe
systems | windows
MD5 | a3e8668872972b93951845a9522c667a
Microsoft Excel Starter 2010 XXE Injection
Posted Dec 4, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Excel Starter 2010 suffers from an XML eXternal Entity vulnerability that allows for remote file disclosure.

tags | exploit, remote, xxe
MD5 | 20178a697a7d8e0bdfa592af023e1815
Windows Media Center 6.1.7600 XXE Injection
Posted Dec 4, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Windows Media Center "ehshell.exe" is vulnerable to an XML External Entity attack allowing remote access to any files on a victim's computer, if they open an XXE laden ".mcl" file via a remote share / USB or from a malicious "windowsmediacenterweb" web link.

tags | exploit, remote, web, xxe
systems | windows
MD5 | c9be1776890abf5bb75684418ba687cc
Sophos Mobile Control 3.5.0.3 Open Reverse Proxy
Posted Aug 5, 2016
Authored by Tim Kretschmann

Sophos EAS Proxy is part of the Enterprise Mobility Management (EMM) platform Sophos Mobile Control, which allows control of mail access for managed mobile devices. Anonymous attackers can access any web-resources of the backend mail system like Microsoft Exchange or IBM Domino, if Lotus Traveler option is enabled. Brute force attacks against users in the backend mail system are also possible. Version 3.5.0.3 is affected.

tags | exploit, web
advisories | CVE-2016-6597
MD5 | 24977ef9b66d45a0e285add435dd4ef1
Microsoft Visio DLL Hijacking
Posted Jun 15, 2016
Authored by Yorick Koster, Securify B.V.

Microsoft Visio suffers from a DLL hijacking vulnerability.

tags | advisory
systems | windows
advisories | CVE-2016-3235
MD5 | 72f90bf45267f4baa3971413f07d2b96
Microsoft Visual C++ DLL Hijacking
Posted May 17, 2016
Authored by rugk

Microsoft Visual C++ 2010 Redistributable Package and Visual C++ Redistributable for Visual Studio 2015 suffer from multiple dll hijacking vulnerabilities.

tags | exploit, vulnerability
systems | windows
MD5 | e6906434cb499de8310b345ea39b21d5
Microsoft PowerPoint Viewer 12.0.6600.1000 DLL Hijacking
Posted Mar 1, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft PowerPoint Viewer version 12.0.6600.1000 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 2a755f926620d3e0ed78fe4c04d77b9a
Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure
Posted Sep 29, 2014
Authored by Nate Power | Site metasploit.com

This Metasploit module tests vulnerable IIS HTTP header file paths on Microsoft Exchange OWA 2003, CAS 2007, 2010, 2013 servers.

tags | exploit, web, info disclosure
MD5 | eafa43771f313779174c92917d0efc66
Page 1 of 4
Back1234Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close