what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

CentOS Web Panel 0.9.8.740 Root Account Takeover / Command Execution
Posted Nov 5, 2018
Authored by Numan OZDEMIR

CentOS Web Panel versions 0.9.8.740 and below suffer from cross site request forgery and cross site scripting vulnerabilities that can be leveraged to achieve remote root command execution.

tags | exploit, remote, web, vulnerability, code execution, xss, csrf
systems | linux, centos
advisories | CVE-2018-18772, CVE-2018-18773, CVE-2018-18774
SHA-256 | 5a8b5c22b6f88d4b23b7a0d7443350b170fd00adeeb921e879705dd19fe1cdd5

Related Files

Nike+ Panel / Mobile App Cross Site Scripting
Posted Aug 17, 2012
Authored by Benjamin Kunz Mejri, Dhillon Kannabhiran, Vulnerability Laboratory | Site vulnerability-lab.com

Nike+ Panel and Mobile App suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 318952fc36f8ecd15a627349d8609286daecfc86c7dc03596b132349ec1fbeed
Joomla Admin Panel Bruteforcer
Posted Jul 28, 2012
Authored by miyachung

This is a php script that takes a list of sites and password possibilities and runs as a cracker against Joomla administrative panels.

tags | cracker, php
SHA-256 | 974b9077b4f38d6b7f57f47c692af49a1e15451c3a0e96836e451c9e45bcb875
Atmail WebAdmin / Webmail Control Panel SQL Root Password Disclosure
Posted Jul 23, 2012
Authored by Ciph3r

Atmail WebAdmin and Webmail Control Panel suffers from a SQL root password disclosure vulnerability.

tags | exploit, root, info disclosure
SHA-256 | 02f37f360dac212fc971b316fb483fdb2f286cf0500b33dcd6659f153fdbcbc9
Secunia Security Advisory 49813
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in WebsitePanel, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | 1b22ddae90dea114d9c07c5bccf01976d5ca97c72c731e6d0c71dd91ad3e6b46
WebsitePanel CMS Open Redirect
Posted Jul 8, 2012
Authored by Anastasios Monachos

WebsitePanel CMS versions prior to 1.2.2.1 suffer from an open redirection vulnerability.

tags | exploit
SHA-256 | f3d18a3cdffa39c307617de82222186276ef53444e6663c5f876e672f7f6a760
SPIP Core 3.0.1 / 2.1.14 / 2.0.19 Cross Site Scripting
Posted Jun 14, 2012
Authored by ASafety

SPIP Core versions below and equal to 3.0.1, 2,1.14, and 2.0.19 suffer from a cross site scripting vulnerability in the administrative panel.

tags | exploit, xss
SHA-256 | 5f46f70dfcbb4a11ad71960db80676cb97a1e1a148304daa9c476926ffe35c25
Secunia Security Advisory 49363
Posted Jun 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities with unknown impacts have been reported in cPanel.

tags | advisory, vulnerability
SHA-256 | ca727ec168a9f8600763ef4ea9dd4060dd567a97c5f9e361bcc22dfd4f8f4e5e
Private Cpanel Cracker
Posted May 23, 2012
Authored by miyachung

This is a php script called Private Cpanel Cracker. It takes in a site list and a word list.

tags | cracker, php
SHA-256 | 9010f814de78bf1a146d22d4d389da8a9ffa95ac443a2a0ba005711f250c5e96
LiteSpeed 4.1.11 Cross Site Scripting
Posted Mar 19, 2012
Authored by K1P0D

LiteSpeed versions 4.1.11 and below suffer from a cross site scripting vulnerability in the admin panel.

tags | exploit, xss
SHA-256 | 4673c5fc0a1d5af35f49f2fe5b245398727d8205e95e7aa7d94b7620983fabbc
Secunia Security Advisory 48262
Posted Mar 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Parallels Plesk Panel, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 25eb28f694bc47be7ded7a5b133263b7d7d8b252f5303fa2a187951b39df9157
4Images 1.7.10 Cross Site Scripting
Posted Jan 31, 2012
Authored by d3v1l, RandomStorm

4Images version 1.7.10 suffers from a cross site scripting vulnerability in the administrative panel.

tags | exploit, xss
SHA-256 | 7dd9e0133074644527dd2a56ecee765075f79c519bfc221648d9e2b3e5b1b2f4
Secunia Security Advisory 47649
Posted Jan 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Panels module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 17ecb270298f2ff0544eeedc80dda4aa6a50e7e093c81336aab464a35cc4eb2e
WordPress Blog Cross Site Scripting
Posted Jan 12, 2012
Authored by d3v1l, RandomStorm

The administrative panel for WordPress Blog on WordPress.com suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 87662fc54e7b6298ff08f7317f1a8410dcbb4c6454b35404b18429d6ada48103
Mandriva Linux Security Advisory 2011-198
Posted Jan 1, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-198 - Multiple vulnerabilities has been found and corrected in phpmyadmin. Importing a specially-crafted XML file which contains an XML entity injection permits to retrieve a local file (limited by the privileges of the user running the web server). Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the view creation dialog. Using a crafted column type, it was possible to produce XSS in the table search and create index dialogs. Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writeable, the XSS payload can be saved to this directory. Using crafted url parameters, it was possible to produce XSS on the export panels in the server, database and table sections. This upgrade provides the latest phpmyadmin version to address these vulnerabilities.

tags | advisory, web, local, vulnerability
systems | linux, mandriva
advisories | CVE-2011-4107, CVE-2011-4634, CVE-2011-4782, CVE-2011-4780
SHA-256 | 849717620dc582e004cf04bfa3adddb6224bed65bd3093ac4c8205f2f134c230
Debian Security Advisory 2365-1
Posted Dec 18, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2365-1 - Ansgar Burchardt, Mike O'Connor and Philipp Kern discovered multiple vulnerabilities in DTC, a web control panel for admin and accounting hosting services.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2011-3195, CVE-2011-3196, CVE-2011-3197, CVE-2011-3198, CVE-2011-3199
SHA-256 | c7cba6fb7804a5597351848ffd009742a6b93472da3c1efa132f5c69371f0c94
Secunia Security Advisory 47068
Posted Dec 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Parallels has acknowledged two vulnerabilities in Parallels Plesk Panel, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 9d188efb4c603546de8b62417f9eb98035504a439a2c8ae4f792bc04dc395821
Secunia Security Advisory 46158
Posted Oct 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Hoyt has reported multiple vulnerabilities in Parallels Plesk Panel, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 207fd84d743b9aa7c67d5b5d2dc72fce9e60bad86c024f4fd6ef5d36e02a2eac
Secunia Security Advisory 46211
Posted Oct 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Hoyt has reported multiple vulnerabilities in Plesk and Parallels Plesk Panel, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 761622afc21f3d2c7f2fee0623d3217866029e7b0fb1a3d348aa71f04a707ec1
Easy Hosting Control Panel Authentication Bypass
Posted Oct 4, 2011
Authored by Jasman

Easy Hosting Control Panel suffers from an administrative authentication bypass vulnerability. Versions 0.29.10 through 0.29.13 are affected.

tags | exploit, bypass
SHA-256 | 70f8f483c68391abc1a3e3a8348e75effc0054c71381b430a6300cfba9349ebd
Plesk Parallels Panel Cross Site Scripting / SQL Injection
Posted Sep 24, 2011
Site xss.cx

Plesk Parallels Panel version psa 10.2.0_build1011110331.18 suffers from cross site scripting, denial of service, and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, xss, sql injection
SHA-256 | f8a05ab963a17008a7c169a3468ed60df81d6029eee3e497be0b082eda8537e5
WordPress Clickjacking
Posted Sep 23, 2011
Authored by Andrew Horton | Site security-assessment.com

This advisory is the result of research into how clickjacking can be leveraged and is the first published clickjacking exploit against a popular web application to gain OS command execution. WordPress is a web application used to create a website or blog. The WordPress Admin panel can be clickjacked to install an arbitrary plugin from the WordPress plugin archive which leads to arbitrary PHP code installation and subsequently OS command execution. Versions of WordPress prior to 3.1.3 are vulnerable to clickjacking. WordPress has had clickjacking protection since May, 2011 with the release of version 3.1.3, however no specific threat or exploit has been published.

tags | advisory, web, arbitrary, php
SHA-256 | 6d655b5582b4862af9ad5082596a3a125309795b934f84d6bc8af6fa078b4321
Plesk Control Panel 10.2 Cross Site Scripting
Posted Sep 23, 2011
Site xss.cx

Plesk Control Panel version 102 suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 9ce94f018b6a159b2536c30e1849e01d5740c9bd9318fe2e6a86e92ad9d7fff7
cPanel Cross Site Request Forgery
Posted Aug 28, 2011
Authored by Net.Edit0r

cPanel versions prior to 11.30.2 suffer from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 90f0d7a9552cefb98aff3d09aeee4c26b57e9040c90fde907b903f4c64245c46
SeoPanel 3.0.0-Released Cross Site Request Forgery
Posted Aug 8, 2011
Authored by KedAns-Dz

SeoPanel version 3.0.0-Released suffers from cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 464551f78c733a2e2751dff93434b7b57eddabf46ba37964516ef1196ee46c9e
Byethost Cpanel Cross Site Request Forgery
Posted Aug 2, 2011
Authored by Izam

Byethost Cpanel suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | ab7232e1a064b6353a804d935d08d59ec6886f0915f9232a0c789f414704a465
Page 1 of 4
Back1234Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close