what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

CMS Made Simple 2.2.14 Shell Upload
Posted Aug 13, 2020
Authored by Roel van Beurden

CMS Made Simple version 2.2.14 suffers from an authenticated shell upload vulnerability.

tags | exploit, shell
SHA-256 | dfec683841667f70218145ec3220e0b1035d7cd217d4a78f597b5fdeafa9b894

Related Files

GNU Transport Layer Security Library 3.0.20
Posted Jun 6, 2012
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This is a minor feature enhancement and bugfix release. The main enhancement is the ability to load trusted certificates (CAs) from the system certificate store.
tags | protocol, library
SHA-256 | 7e3f431a43e5366ff5a9b7646d2a79892a905237ef18cb147b945ec99012686d
Mod_auth_pubtkt 0.7
Posted Jun 4, 2012
Site neon1.net

mod_auth_pubtkt is a simple Web single sign-on (SSO) solution for Apache. It validates authentication tickets provided by the client in a cookie using public-key cryptography (DSA or RSA). Thus, only the login server that generates the tickets needs to possess the private key, while Web servers can verify tickets given only the public key. The implementation of the login server is left to the user, but an example and a library in PHP are provided with the distribution.

Changes: The public key can be set per directory instead of only globally. The login URL is now optional, and a new TKTAuthBadIPURL option has been added. Furthermore, the module now compiles with Apache 2.4 and includes a Perl ticket generation module.
tags | web, php
systems | unix
SHA-256 | 8ff3de9c5acc026c6fd74fd8e599c0c2659cd29c51693dbf67a8bf8c609be94e
Simple Web Content Management System 1.1 SQL Injection
Posted Jun 1, 2012
Authored by loneferret

Simple Web Content Management System version 1.1 suffers from multiple remote SQL injection vulnerabilities. Most of these issues were already priorly discovered in early 2011 by John Leitch for versions 1.21 and below.

tags | exploit, remote, web, vulnerability, sql injection
SHA-256 | 82966c3a58927288ab4557775bf16493908a7de8d6566a8d84e89069b47fae4f
GNU SASL 1.8.0
Posted May 29, 2012
Authored by Simon Josefsson

GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.

Changes: This is a new major stable release. SAML20 support following RFC 6595. OPENID20 support following RFC 6616. SMTP server examples (e.g. for SCRAM, SAML20, and OPENID20). Various cleanups, portability fixes, and other bugfixes. The API and ABI are fully backwards compatible with version 1.6.x.
tags | imap, library
systems | unix
SHA-256 | 310262d1ded082d1ceefc52d6dad265c1decae8d84e12b5947d9b1dd193191e5
Secunia Security Advisory 49137
Posted May 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Chokri B.A. has discovered a vulnerability in GetSimple CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 8eb6820d562ff4891bab91a4c04d3a61385207060dfd1cd6b466f9b5a3a2b3f6
GetSimple CMS 3.1 Cross Site Scripting
Posted May 12, 2012
Authored by Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

GetSimple CMS version 3.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 907c8b643da2c6b6cde7782c0dc396629ae2402f8972644e23c2e574d7f1ee23
MD5 MySQL Brute Forcer
Posted May 10, 2012
Authored by baltazar

This is a simple python script for cracking MySQL MD5 passwords.

tags | cracker, python
SHA-256 | 2eabc6d50aa0308a12f9f621132d81ab8133f46b0854377425c4d9b0bac9f450
WordPress Bruteforce Script
Posted Apr 29, 2012
Authored by CorryL

This is a simple bash script for bruteforcing WordPress.

tags | cracker, bash
SHA-256 | a04595fb1fae7483302800dc402320dae1656bd040d010c93927bb2d7e92208a
GNU Transport Layer Security Library 3.0.19
Posted Apr 23, 2012
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: PKCS #11 URLs support reading the PIN from a file. Updates in DSA, ECDSA, and Diffie-Hellman handling.
tags | protocol, library
SHA-256 | d9a436ea8718c38a564812e465c883f4f37ddc8c80c6f8bee54819e6e4089c37
GNU Transport Layer Security Library 3.0.18
Posted Apr 3, 2012
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This is a bugfix release on the current stable branch. It includes date-related (Y2K38) fixes, a fix for older VIA processors, and adds new APIs related to extraction of session random numbers and certificate parsing.
tags | protocol, library
SHA-256 | c3a07f641d78a4d4e5a6984c4e8f07390944c68c8d982826bd3f672383b4d8fa
CMS Made Simple 1.10.3 Cross Site Scripting
Posted Apr 2, 2012
Authored by Ivano Binetti

CMS Made Simple versions 1.10.3 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-1992
SHA-256 | 98d1ca8e6675a4383b17b98dd6f0f53b7983aa7263387b0bc73d41b8421c239a
Simple PHP Agenda 2.2.8 Cross Site Request Forgery
Posted Mar 30, 2012
Authored by Ivano Binetti

Simple PHP Agenda versions 2.2.8 and below suffer from multiple cross site request forgery vulnerabilities.

tags | exploit, php, vulnerability, csrf
advisories | CVE-2012-1978
SHA-256 | 02e95a628273a7d274960548d31bfc06e489e5e9030ae0a37dac889a18238b13
GetSimple 3.1 Shell Upload / Disclosure
Posted Mar 30, 2012
Authored by KedAns-Dz

GetSimple version 3.1 suffers from backup download and shell upload vulnerabilities.

tags | exploit, shell, vulnerability
SHA-256 | 6d7e6bb2dc03c8ee708abf9ebd0c5acdb49191acb3f9a1b447a52889d00c3574
Quest InTrust 10.4.x File Overwrite
Posted Mar 29, 2012
Authored by rgod | Site retrogod.altervista.org

Quest InTrust version 10.4.x suffers from ArDoc.dll active-x control remote file creation / overwrite vulnerabilities in the ReportTree and SimpleTree classes. Proof of concept code included.

tags | exploit, remote, vulnerability, activex, proof of concept
systems | linux
SHA-256 | 1b249434937ec1c1ec6432094ca9aca11399fda520e83ee44caaf8e3963ed614
Firewall Builder With GUI 5.1.0.3599
Posted Mar 29, 2012
Site fwbuilder.org

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Changes: Packages for Windows and Mac OS X are now distributed under the GPL, and the source code includes all files necessary to build on Linux, *BSD, Windows, and Mac OS X. This release also includes a few bugfixes in the policy compiler for iptables and for the build problem on Gentoo.
tags | tool, firewall
systems | cisco, linux, unix, openbsd
SHA-256 | 452514a1ec0be1416bfca93603e6c89deb91d1a3a19671c64b5a8868a3743daf
CMSimple_XH 1.5.2 Cross Site Scripting
Posted Mar 22, 2012
Authored by Stefan Schurtz

CMSimple_XH version 1.5.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3baabd8c7d302fd46aa95ed98487b55cd2b7d11dab5ae33b933e1dd84125a337
Secunia Security Advisory 48473
Posted Mar 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in CMSimple, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | e5b2b107aa6b7a62f38663f024bdf9291802cb64c39f94512fd4a9547ed1a5f3
rdpScan Network Checker
Posted Mar 18, 2012
Authored by silverstoneblue

This is a simple script that leverages nmap to scan for RDP-Server.

tags | tool, scanner
systems | unix
SHA-256 | 396f47878b4ab500666868acb58cf5871826fd5090559209cb91564b55b243e6
GNU Transport Layer Security Library 3.0.16
Posted Mar 17, 2012
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This is a bugfix release on the current stable branch. The main fixes are an SRP-RSA fix under TLS 1.2 and the addition of assembler files for Mac OS X.
tags | protocol, library
SHA-256 | a87886259a035ff1051b77cc41e86323b294a6bd910b0ce66c6fb708ab45dc11
Simple Posting System 1.0 Final Local File Inclusion
Posted Mar 13, 2012
Authored by n0tch

Simple Posting System version 1.0 Final suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | d73abe8631ff8d9a2ed2661dce68ae64f4fa4453d6808dd87777087f0e7b3e0b
Simple Fuzzing Utility 0.7.0
Posted Mar 4, 2012
Authored by aaron conole | Site aconole.brad-x.com

Simple Fuzz is a simple fuzzer. It has two network modes of operation, an output mode for developing command line fuzzing scripts, as well as taking fuzzing strings from literals and building strings from sequences. It is built to fill a need - the need for a quickly configurable black box testing utility that does not require intimate knowledge of the inner workings of C or require specialized software rigs. The aim is to just provide a simple interface, clear inputs/outputs, and reusability.

Changes: Fixed a long standing bug in the memory block replacement code. Added the ability to fuzz via blocks (ala spike/sulley fuzz frameworks). Added the ability to trap crashes via a harness program.
tags | fuzzer
SHA-256 | a65bb4d048c713dd9ecc4b42b98cc124516fd5c1df19deddfc664476aad7caac
GNU Transport Layer Security Library 3.0.15
Posted Mar 3, 2012
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release adds several bugfixes and updates.
tags | protocol, library
SHA-256 | 013800e2bb94d72f5f1c3b447553223039f01bd0655d60138e1a0cea50022962
D-Link DSL-2640B Authentication Bypass
Posted Feb 23, 2012
Authored by Ivano Binetti

The D-Link DSL-2640B ADSL router suffers from a simple authentication bypass vulnerability by spoofing the MAC address of a logged in administrator.

tags | exploit, spoof, bypass
SHA-256 | 12bc1d6056d32882aa0e9cb89830f0cca2bd54029fb7e936e8201175dcf085f6
GNU Transport Layer Security Library 3.0.13
Posted Feb 21, 2012
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release adds support for a new helper interface to support trust on first use (SSH-like authentication), online OCSP verification in included programs, and several updates in the Datagram TLS layer.
tags | protocol, library
SHA-256 | 2e0adbc50059496ec13177034708eef163344c2b8898da7ce6a91312b70d6e7c
Codetective Analysis Tool
Posted Feb 12, 2012
Authored by Francisco Gama Tabanez Ribeiro

Codetective is a simple tool to determine the crypto/encoding algorithm used according to traces of its representation. Written in Python.

tags | tool, encryption, crypto
SHA-256 | cbaf97c8b1ea47226eb5fa662a8442645b216ebfcc9373d0676a59eafd9816a9
Page 2 of 4
Back1234Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close