Showing 1 - 25 of 100

Files

Siyah Beyaz Bilisim Web Design 1.0 SQL Injection
Posted Dec 3, 2018
Authored by KingSkrupellos

Siyah Beyaz Bilisim Web Design version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | a6a05f434a0a124b361c7510ffaae5ced9afcbcf07fc20d2d12804c57d31e132

Related Files

Portspoof Service Signature Obfuscator
Posted Aug 5, 2012
Authored by Piotr Duszynski | Site portspoof.duszynski.eu

The portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. The general goal of the program is to make the port scanning process very slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task.

tags | tool
systems | unix
SHA-256 | 1e2fbc345f0ea945b0c596c7b0b5b5b49756c29180499f99c286d77041804df8
Another File Integrity Checker 3.1
Posted Jul 26, 2012
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: This is the first public (stable) release of the new 3.x branch. It is a rewrite (partial for now) of afick in object-oriented programming, to allow better code and better support. It matches the 2.21 release for features. The two afick branches (2.x and 3.x) will be maintained in parallel for a few versions, to allow users to migrate when they want.
tags | tool, integrity
systems | linux, windows, unix
SHA-256 | 933d4fffd3ddffb6eeb8972b47caf3bce6a24d709209a488ab2ddec8e716842c
Red Hat Security Advisory 2012-1103-01
Posted Jul 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1103-01 - Red Hat Certificate System is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. Multiple cross-site scripting flaws were discovered in the Red Hat Certificate System Agent and End Entity pages. An attacker could use these flaws to perform a cross-site scripting attack against victims using Certificate System's web interface. It was discovered that Red Hat Certificate System's Certificate Manager did not properly check certificate revocation requests performed via its web interface. An agent permitted to perform revocations of end entity certificates could use this flaw to revoke the Certificate Authority certificate.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2012-2662, CVE-2012-3367
SHA-256 | c03295adba0c38b673534445461d9e0f2403b0a707f4b0ff13948486ba0bf7ff
Red Hat Security Advisory 2012-1090-01
Posted Jul 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1090-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in NSS handled zero length items. This flaw could cause the decoder to incorrectly skip or replace certain items with a default value, or could cause an application to crash if, for example, it received a specially-crafted OCSP response.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0441
SHA-256 | 39c19044934dc07eaf2ccda4a7067b0b643c2cc6a9cc89a40b7f6f5157c495f1
Red Hat Security Advisory 2012-1091-01
Posted Jul 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1091-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in NSS handled zero length items. This flaw could cause the decoder to incorrectly skip or replace certain items with a default value, or could cause an application to crash if, for example, it received a specially-crafted OCSP response.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0441
SHA-256 | d72857c706afe58af56ef92496d0bf05c85429eac1b79962ede93b64b9d8c56a
Another File Integrity Checker 2.21
Posted Jul 17, 2012
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: On Unix/Linux systems, the cron job can now notify nagios monitoring, using the nsca tool.
tags | tool, integrity
systems | linux, windows, unix
SHA-256 | a3e1d27385876c05c08eb1166b11ec93813315173953b748a1e2149f47a31761
Airdroid 1.0.4 Beta Implementation Weaknesses
Posted Jul 13, 2012
Authored by Tobias Glemser, Dominique Dewitt, Kathrin Schaberle

Airdroid version 1.0.4 Beta suffers from multiple security design implementation weaknesses.

tags | advisory, info disclosure
advisories | CVE-2012-3884, CVE-2012-3885, CVE-2012-3886, CVE-2012-3887, CVE-2012-3888
SHA-256 | e6777f2cf37fd0cc0c4fad4bc5839eb4b7f717137929dae19f8b618c9f4dfd25
U3-Pwn Sandisk Executable Injection Tool
Posted Jul 6, 2012
Authored by Zy0d0x | Site nullsecurity.net

U3-Pwn is a tool designed to automate injecting executables into Sandisk smart USB devices with the default U3 software install. This is performed by removing the original ISO file from the device and creating a new ISO with autorun features.

tags | tool
systems | unix
SHA-256 | 51498ab2e7ba0c102e682ae6e8f6fca0fcc3c25cbe6926456c2c6aeb1049c326
Planetinfosoft SQL Injection
Posted Jul 2, 2012
Authored by Am!r | Site irist.ir

Sites designed by Planetinfosoft suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | e419f28a1265ee21d230f8658b77aa6882490a23509c308a33269154bd6f5608
Chiangrai Enter Soft Design SQL Injection
Posted Jun 28, 2012
Authored by 3spi0n

Chiangrai Enter Soft Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e301577863b80f8afebc3fab0af02f6a7bc28c1cefa52659a270e1b1dd1244eb
Rhdesign SQL Injection
Posted Jun 28, 2012
Authored by Taurus Omar

Rhdesign suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 994b3f6e5919e91c1ef54e6bb6a1a043d9a4a5d9b2f422fabca853fc9f8a7e19
Insecurity Of Poorly Designed Remote File Inclusion Payloads Part 2
Posted Jun 25, 2012
Authored by bwall | Site firebwall.com

This whitepaper discusses the insecurity of poorly designed remote file inclusion payloads. This is part two.

tags | paper, remote, file inclusion
SHA-256 | 357450c73effdc1d8d79eadc0c1966d2cf52597ec2b85ef66ef49ae5a9a554f2
Debian Security Advisory 2498-1
Posted Jun 25, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2498-1 - It was discovered that dhcpcd, a DHCP client, was vulnerable to a stack overflow. A malformed DHCP message could crash the client, causing a denial of service, and potentially allow remote code execution through properly designed malicious DHCP packets.

tags | advisory, remote, denial of service, overflow, code execution
systems | linux, debian
advisories | CVE-2012-2152
SHA-256 | 2a1985d21c5fc5cfea58dab1c087d2cbcd793d34c92dfbc5e4ad65f8a1d75a90
Voila Web Design SQL Injection
Posted Jun 24, 2012
Authored by 3spi0n

Voila Web Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | dfac022abcd8dd817bf7421286b8b4d64706303c7f00ee95f51ac685ab59e430
Muinar SQL Injection
Posted Jun 20, 2012
Authored by Taurus Omar

Muinar web design suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, sql injection
SHA-256 | 1059f416a117a9e5a601bf612b961b9b37715d0d7b5b33429a5c1baa911668e5
Red Hat Security Advisory 2012-0973-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0973-04 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority issued a subordinate CA certificate to its customer, that could be used to issue certificates for any name. This update renders the subordinate CA certificate as untrusted. Note: This fix only applies to applications using the NSS Builtin Object Token. It does not render the certificates untrusted for applications that use the NSS library, but do not use the NSS Builtin Object Token.

tags | advisory
systems | linux, redhat
SHA-256 | bd86edb0d7d1e0e9eb08ff6f70f96509f32f3170947d1f455892784f3cc8b4f1
Red Hat Security Advisory 2012-0939-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0939-04 - X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A flaw was found in the way the X.Org server handled lock files. A local user with access to the system console could use this flaw to determine the existence of a file in a directory not accessible to the user, via a symbolic link attack. A race condition was found in the way the X.Org server managed temporary lock files. A local attacker could use this flaw to perform a symbolic link attack, allowing them to make an arbitrary file world readable, leading to the disclosure of sensitive information.

tags | advisory, arbitrary, local
systems | linux, redhat
advisories | CVE-2011-4028, CVE-2011-4029
SHA-256 | 056bbb8f9c917f5519bbd54df7dac67565efe3792cceacb35765ad54e8033a0f
Hirakee SQL Injection
Posted Jun 20, 2012
Authored by Taurus Omar

Sites designed by Hirakee suffer from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | ef9fedaafee10295598db990c383926b58c8c23690691aee0035c0b62c2d20b7
PD Professional Designer SQL Injection
Posted Jun 20, 2012
Authored by Taurus Omar

PD Professional Designer suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 9f5934b17c5182b1d95681fb1236314992f1471da0a40bd350e53a158f7cb095
Web Designs Studio CMS SQL Injection
Posted Jun 16, 2012
Authored by Am!r | Site irist.ir

Web Designs Studio CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | b1e23768c7c85057223977950ee407a0097254b8bc66eaa4851f11cc18d0c1ea
Perception Design SQL Injection
Posted Jun 16, 2012
Authored by Taurus Omar

Perception Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 63717776adbb88c6147ce7208cff76dfd7651ad72c27e23de3f38d1fb48a7dac
Mandriva Linux Security Advisory 2012-092
Posted Jun 16, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-092 - Multiple vulnerabilities have been discovered and corrected in postgresql. Fix incorrect password transformation in contrib/pgcrypto's DES crypt() function (Solar Designer). If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much weaker than it appeared. With this fix, the rest of the string is properly included in the DES hash. Any stored password values that are affected by this bug will thus no longer match, so the stored values may need to be updated. Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler (Tom Lane). Applying such attributes to a call handler could crash the server. This advisory provides the latest versions of PostgreSQL that are not vulnerable to these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2012-2143, CVE-2012-2655
SHA-256 | 1edfeb5c298d59aca21fc94dd3d94074bf90df118aaad1545a26a577513db22c
Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow
Posted Jun 14, 2012
Authored by unknown, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Lattice Semiconductor PAC-Designer 6.21. When a .pac file supplies a long string of data to the 'value' field under the 'SymbolicSchematicData' tag, it is possible to cause memory corruption on the stack, which results in arbitrary code execution under the context of the user.

tags | exploit, arbitrary, code execution
advisories | CVE-2012-2915, OSVDB-82001
SHA-256 | 4f39a6ba7a1c027c53d6c89df81d4f572dc43a0a4728c3bef5f6473a11849cc1
Marco Valentino SQL Injection
Posted Jun 14, 2012
Authored by Taurus Omar

Websites designed by Marco Valentino appear susceptible to remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | cfe8383e708270f8806f14e704993616f1e3ad197fc401073cc7f2bcb946f30c
Espejo Design SQL Injection
Posted Jun 12, 2012
Authored by Taurus Omar

Espejo Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 13c3caed35d158738601e4da8538f1b0f8f156d6c212714d1e8c1cc627c634f2
© 2022 Packet Storm. All rights reserved.