exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

Web Ofisi Rent A Car 3 SQL Injection
Posted Jul 19, 2019
Authored by Ahmet Umit Bayram

Web Ofisi Rent a Car version 3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | a5d470c60fe210d7fc74f1549a7e6e81

Related Files

Cisco Security Advisory 20120530-iosxr-2
Posted Aug 15, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS XR Software contains a vulnerability when handling crafted packets that may result in a denial of service condition. The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP-4G and RSP-8G), Route Switch Processor 440 (RSP440), and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP). The vulnerability is a result of improper handling of crafted packets and could cause the route processor, which processes the packets, to be unable to transmit packets to the fabric. Cisco has released free software updates that address this vulnerability.

tags | advisory, denial of service
systems | cisco, osx
MD5 | 26362bf2982313cf5fcbee13db6c32b8
MobileCartly 1.0 Shell Upload
Posted Aug 15, 2012
Authored by ICheer_No0M

MobileCartly version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | e07808c8c810b616290c046dc2426bc1
MobileCarty 1.0 Shell Upload / File Write
Posted Aug 12, 2012
Authored by L0n3ly-H34rT

MobileCarty version 1.0 suffers from remote shell upload and arbitrary file creation vulnerabilities.

tags | exploit, remote, arbitrary, shell, vulnerability
MD5 | c012ab9693a85ea4b41ee70dd5205930
MobileCartly 1.0 File Deletion
Posted Aug 10, 2012
Authored by GolD_M

MobileCartly version 1.0 suffers from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
MD5 | fb408e8e59574195847aa51fbc33ad9f
iOS SSL Kill Switch
Posted Jul 27, 2012
Authored by Alban Diquet | Site github.com

This is a MobileSubstrate extension to disable certificate validation within NSURLConnection in order to facilitate black-box testing of iOS Apps. Once installed on a jailbroken device, iOS SSL Kill Switch patches NSURLConnection to override and disable the system's default certificate validation as well as any kind of custom certificate validation (such as certificate pinning). It was successfully tested against Twitter, Card.io and Square; all of them implement certificate pinning.

tags | tool, encryption
systems | apple
MD5 | 6652144267902b859b5c6e2a92b9e95a
Secunia Security Advisory 50006
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in X-Cart Gold, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 0fbea989eb5cec00e7e3f7ae3202a72c
Google Chrome 19 metro_driver.dll Mishandling
Posted Jul 17, 2012
Authored by Moshe Zioni

Google Chrome developers, while trying to be adaptive and current, added some windows 8 helper functions to aid the development of Metro style behavior, but does not include the library file itself, thus resulting in an unqualified dynamic-link library call to 'metro_driver.dll'. A user with local disk access can carefully construct a DLL that suits the pattern that is being traversed by the client and implement it somewhere along the search path and the client will load it seamlessly.

tags | exploit, local
systems | windows
advisories | CVE-2012-2764
MD5 | f0495b78284a495447233d07cb064d3c
VamCart CMS 0.9 Cross Site Scripting
Posted Jul 15, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

VamCart CMS version 0.9 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5027ecf2cdc557885a9caa2855806dae
Lc Flickr Carousel 1.0 File Disclosure
Posted Jul 13, 2012
Authored by GolD_M

Lc Flickr Carousel version 1.0 suffers from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | 8989600d7063f8320beac3d2fbdf422c
OpenPuff 4.00
Posted Jul 13, 2012
Authored by Cosimo Oliboni | Site embeddedsw.net

OpenPuff is a professional military-strength steganography tool that supports 16 algorithms, has a strong random number generator, supports many carrier formats, and more.

Changes: Various updates.
tags | tool, encryption, steganography
MD5 | ab4ec8401743a6937b50daae4f338417
Ubuntu Security Notice USN-1504-1
Posted Jul 12, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1504-1 - It was discovered that Qt did not properly handle wildcard domain names or IP addresses in the Common Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. This issue only affected Ubuntu 10.04 LTS. A heap-based buffer overflow was discovered in the HarfBuzz module. If a user were tricked into opening a crafted font file in a Qt application, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-5076, CVE-2011-3193, CVE-2011-3194, CVE-2010-5076, CVE-2011-3193, CVE-2011-3194
MD5 | a9997166b739037023557de2955c6ae7
strongSwan IPsec Implementation 5.0.0
Posted Jul 3, 2012
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: The IKEv1 protocol was re-implemented from scratch by extending the successful IKEv2 code. The charon keying daemon now supports both protocols, which allowed the old IKEv1 pluto daemon to be removed. Support for the IKEv1 Aggressive and Hybrid Modes has been added.
tags | tool, encryption, protocol
systems | linux, freebsd, apple, osx
MD5 | 1d7bccb50f01020bb04d06e9755e0eec
OpenCart CMS Cross Site Scripting
Posted Jun 23, 2012
Authored by $1l3n7 @$$@$$17

OpenCart CMS suffers from persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 615ee7880d83079242e4ac92107bf7d6
Secunia Security Advisory 49530
Posted Jun 22, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Vulnerability Lab has reported two vulnerabilities in Interspire Shopping Cart, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | af4ba0632717eef358975a54ccf1cb59
Secunia Security Advisory 49623
Posted Jun 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in PD E-Store, PD Companies Website, and PD Cars Gallery, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 9a03ebe25cbb393400b11db0d359175c
Red Hat Security Advisory 2012-0880-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0880-04 - Qt is a software toolkit that simplifies the task of writing and maintaining GUI applications for the X Window System. HarfBuzz is an OpenType text shaping engine. A buffer overflow flaw was found in the harfbuzz module in Qt. If a user loaded a specially-crafted font file with an application linked against Qt, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. A flaw was found in the way Qt handled X.509 certificates with IP address wildcards. An attacker able to obtain a certificate with a Common Name containing an IP wildcard could possibly use this flaw to impersonate an SSL server to client applications that are using Qt. This update also introduces more strict handling for hostname wildcard certificates by disallowing the wildcard character to match more than one hostname component.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2010-5076, CVE-2011-3922
MD5 | 659dc61af3decae8b5765c3cf1ac546f
Secunia Security Advisory 49652
Posted Jun 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the TheCartPress plugin for WordPress, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 52620cd3c60969bfd576e7288de92db3
Squirrelcart Cart Shop 3.3.4 Cross Site Scripting
Posted Jun 14, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Squirrelcart Cart Shop version 3.3.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | c1e72461b4d5724ea4e5319bf5b2da96
Interspire Shopping Cart 6 Cross Site Scripting
Posted Jun 14, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Interspire Shopping Cart version 6 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | a8f92359904ee4da8b63aa372ed9e3c5
Drupal Ubercart AJAX Cart 6.x Information Disclosure
Posted Jun 14, 2012
Authored by Neil Bertram | Site drupal.org

Drupal Ubercart AJAX Cart third party module version 6.x suffers from an information disclosure vulnerability.

tags | advisory, info disclosure
MD5 | f859fdb6d8847b89f7be964eaedd5cdc
Checkpoint Endpoint Connect VPN DLL Hijack
Posted Jun 14, 2012
Authored by Moshe Zioni

A vulnerability in Checkpoint Endpoint Connect VPN causes the client to be susceptible to an attack that result in arbitrary dynamic-library loading. A user with local disk access can carefully construct a DLL that suits a pattern that is being traversed by the client and implement it somewhere along the search path and the client will load it seamlessly.

tags | advisory, arbitrary, local
systems | windows
advisories | CVE-2012-2753
MD5 | ca161bf35254dda9e83bc42ad15b9ff1
Secunia Security Advisory 49459
Posted Jun 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the wpStoreCart plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 21381394e925bbca8edc5f7cc64940aa
WordPress wpStoreCart 2.5.29 Shell Upload
Posted Jun 8, 2012
Authored by Sammy FORGIT

WordPress wpStoreCart plugin versions 2.5.27 through 2.5.29 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 3c7ecb11ed893f0bbd0975428c8abfac
Red Hat Security Advisory 2012-0715-01
Posted Jun 7, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0715-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Note: CVE-2011-3101 only affected users of certain NVIDIA display drivers with graphics cards that have hardware acceleration enabled.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2011-3101, CVE-2012-1937, CVE-2012-1938, CVE-2012-1939, CVE-2012-1940, CVE-2012-1941, CVE-2012-1944, CVE-2012-1945, CVE-2012-1946, CVE-2012-1947
MD5 | 80ca5f566c9f6e2c8c5379209545a0b5
Red Hat Security Advisory 2012-0710-01
Posted Jun 5, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0710-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Note: CVE-2011-3101 only affected users of certain NVIDIA display drivers with graphics cards that have hardware acceleration enabled.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-3101, CVE-2012-1937, CVE-2012-1938, CVE-2012-1939, CVE-2012-1940, CVE-2012-1941, CVE-2012-1944, CVE-2012-1945, CVE-2012-1946, CVE-2012-1947
MD5 | fffd5b4c1d3eb173d69f16851930053b
Page 1 of 4
Back1234Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    16 Files
  • 18
    Sep 18th
    8 Files
  • 19
    Sep 19th
    14 Files
  • 20
    Sep 20th
    20 Files
  • 21
    Sep 21st
    3 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close