what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

CMS Made Simple 2.2.14 Shell Upload
Posted Aug 13, 2020
Authored by Roel van Beurden

CMS Made Simple version 2.2.14 suffers from an authenticated shell upload vulnerability.

tags | exploit, shell
SHA-256 | dfec683841667f70218145ec3220e0b1035d7cd217d4a78f597b5fdeafa9b894

Related Files

Viper FakeUpdate Script
Posted Feb 8, 2012
Authored by Bl4ck.Viper

This is a simple script to spawn dns spoofing, arp spoofing, a fake update page for Windows and a backdoored executable on a webserver to cause the Windows box to connect back. Requires Metasploit.

tags | tool, spoof, rootkit
systems | windows, unix
SHA-256 | fafffa5a5d80b84aa1e06752a7b0e865780f651a7fbff17eb1f66ed93cefbbbc
Secunia Security Advisory 47877
Posted Feb 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in Simple Groupware, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 7bf294b5012904c6c7185b2c0b0f59e696694dc62b649a29cfbdbc0f9fa52476
SimpleGroupware 0.742 Cross Site Scripting
Posted Feb 7, 2012
Authored by Stefan Schurtz

SimpleGroupware version 0.742 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | da8c237855bb436d3a75486eaa1d4091bc3709e59dffbf2f047bbdf437251048
Port Tester 0.1
Posted Feb 3, 2012
Authored by localh0t

This is a simple little port scanning script written in python.

tags | tool, scanner, python
systems | unix
SHA-256 | ad34cb9d3975247aeac90686a80c09eb62fbcb41dbb7d953b4454b12630d2829
Engine By Avatarus Simple CMS SQL Injection
Posted Jan 21, 2012
Authored by Hubert Wojciechowski, Vulnerability Laboratory | Site vulnerability-lab.com

Engine By Avatarus Simple CMS suffers from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
SHA-256 | ae0f60d38563e3475e51ac8fca9dfa5dde3d850fb1058a8d0655747c45409bb4
ICMP Ping Sweep
Posted Jan 17, 2012
Authored by James Stevenson | Site stev.org

This is a simple ICMP ping sweeping tool that takes in a range of IP addresses.

tags | tool, scanner
systems | unix
SHA-256 | f42e0187f536097a0191dec4e7b0d24b97b53a7add5c373fe34cd95f26a39102
Security Implications Of IPv6 Extensions Headers With Neighbor Discovery Rev 2
Posted Jan 13, 2012
Authored by Fernando Gont | Site ietf.org

IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers. Revision 2 of this document. This revision includes, among other things, a discussion of possible issues with SEND as a result of IPv6 fragmentation.

tags | paper, local
SHA-256 | a8b7a492cc8ab102f8884547a7f042ea0e94a1cdbbad648050eb655bf675f524
Zero Day Initiative Advisory 12-014
Posted Jan 13, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-014 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XMLSimpleAccessor ActiveX control (CLSID: {466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}). By passing an overlong string to the LoadXML() method it is possible to trigger a heap corruption vulnerability. A remote attacker could exploit this vulnerability to execute arbitrary code on the affected machine under the context of the user running the Internet Explorer process.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2011-4787
SHA-256 | 4c0d8147a4cc744a03c4b805f15c9dfd3c1b87e71dd48d95d2810e446ce52c6d
Secunia Security Advisory 47534
Posted Jan 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for simplesamlphp. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, debian
SHA-256 | 6d7eb642daeacb6ca0942b0fb1684649efe39f9b366409093fd051b19008a400
Debian Security Advisory 2387-1
Posted Jan 12, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2387-1 - timtai1 discovered that simpleSAMLphp, an authentication and federation platform, is vulnerable to a cross site scripting attack, allowing a remote attacker to access sensitive client data.

tags | advisory, remote, xss
systems | linux, debian
SHA-256 | dba38192c60bbaba03f0230ef3e7b91379f06487b5b433975eadf001840ec3b6
Secunia Security Advisory 47491
Posted Jan 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in SimpleSAMLphp, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 47678fad5d00de27a5aec416e06011b6a9cb05b6cfca70c7977c8bdfff7ab8a1
Secunia Security Advisory 47370
Posted Jan 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Simple File Upload module for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, file upload
SHA-256 | 204594a150746f2316abf9eb9e42b1d4dbf56255224c2d87bbe8c7141d4ce73c
Technitium MAC Address Changer
Posted Jan 3, 2012
Authored by Shreyas Zare | Site tmac.technitium.com

Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine.

SHA-256 | c52fde9a3517d2d95b182f5a532a23fa0f13f2c771598819114293b01e59681d
Joomla Simple File Upload 1.3 Remote Code Execution
Posted Dec 29, 2011
Authored by gmda

The Joomla Simple File Upload component version 1.3 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution, file upload
SHA-256 | 805ef7cfd9b8a1d4ba413bccf67b38b7c55142606663af6ab35e092bc08e9e50
Firewall Builder With GUI 5.0.1.3592
Posted Dec 24, 2011
Site fwbuilder.org

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Changes: This release includes improvements in the design of the installer dialog to let users start in non-batch install mode but continue in batch install mode later; improvements in support for iptables configurations for bridging Linux firewalls; fixes for several GUI crashes; policy compilers now correctly handle /31 subnets.
tags | tool, firewall
systems | cisco, linux, unix, openbsd
SHA-256 | 22120de712844b5d89a3f2924964c16cc86f96f2156ace7c3f551bd0d713c94b
Secunia Security Advisory 46893
Posted Dec 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - mghack has discovered two vulnerabilities in Simple PHP Blog, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, php, vulnerability, xss
SHA-256 | e86ed32731f61f3f3a617047af8628440303b1c15b1d3bc288b49bace22f3a00
GNU Transport Layer Security Library 3.0.9
Posted Dec 15, 2011
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This is an update to the current stable branch with several optimizations, including faster Diffie-Hellman and elliptic curve Diffie-Hellman key exchange.
tags | protocol, library
SHA-256 | 811c2fb46dd1d162a18cfd4f8e8352de65199ff66c44e73b15a18b924fc53857
SMF 2.0.1 SQL Injection / Privilege Escalation
Posted Dec 7, 2011
Authored by The:Paradox

Simple Machines Forum versions 2.0.1 and below remote SQL injection and privilege escalation exploit.

tags | exploit, remote, sql injection
SHA-256 | 086c3cf9ec21d8c9e9a80a59c0f0dc1702873c6613db1b5fc590c2942b519083
Web Backdoors - Attack, Evasion And Detection
Posted Dec 6, 2011
Authored by FB1H2S

Whitepaper called Web Backdoors - Attack, Evasion and Detection. This paper provides insight on common web back doors and how simple manipulations could make them undetectable by AV and other security suits. It explains a few techniques that could be used to render undetectable and unnoticed backdoors inside web applications.

tags | paper, web
SHA-256 | b1a5cd53ac0ba93fa6ae8a95e647a33652ee817065946819d8fc813efa6fdce6
SopCast 3.4.7 Improper Permissions
Posted Dec 5, 2011
Authored by LiquidWorm | Site zeroscience.mk

SopCast is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. Version 3.4.7.45585 is affected.

tags | exploit
SHA-256 | 1715697722899e506bb604c388d1147e954711b184bb29cf08b590d58ca98864
Manx 1.0.1 Directory Traversal
Posted Nov 29, 2011
Authored by LiquidWorm | Site zeroscience.mk

Manx version 1.0.1 suffers from a directory traversal vulnerability in simplexml_load_file().

tags | exploit
SHA-256 | 254006fee143eb3cea57e5edc7813044af7f110d985f7ea806576e3cecc3af51
ARP Toxin Cache Poisoner
Posted Nov 27, 2011
Authored by infodox

ARP Toxin is a simple Perl script designed to ARP poison a host on the LAN. It uses Nemesis as a packet crafting tool to create and send the ARP packets. It is NOT original code, merely a slightly improved version of the sample arpredirect script from the book "Hacking: The Art of Exploitation". This variant allows one to set their own poisoning interval and interface to poison on.

tags | tool, perl
systems | unix
SHA-256 | aaa815740a2967208c32389034fd22ddc713b8769ad0c27475d119c8fbeb276d
Secunia Security Advisory 46783
Posted Nov 14, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in CMS Made Simple, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | c53c1628b4fa61f6744a975aa78cfee0cf4782c9bc44f8feb58344022be45930
Secunia Security Advisory 46081
Posted Nov 14, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Rodolfo H-Baz has discovered a vulnerability in Gerd Tentler SimpleForum, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | bbca6ce7c7db8f6cf8a960d3894afa71dba668ddeb3679055acebe100ce2bacb
LFI Fuzzploit Tool 1.1
Posted Nov 12, 2011
Authored by nullbyt3

LFI Fuzzploit is a simple tool to help in the fuzzing for, finding, and exploiting of local file inclusion vulnerabilities in Linux-based PHP applications. Using special encoding and fuzzing techniques, lfi_fuzzploit will scan for some known and some not so known LFI filter bypasses and exploits using some advanced encoding/bypass methods to try to bypass security and achieve its goal which is ultimately, exploiting a local file inclusion.

Changes: A bug in the file descriptor scan function is fixed. A command shell bug is fixed.
tags | tool, local, scanner, php, vulnerability, file inclusion
systems | linux, unix
SHA-256 | 164c07ad86594aa9bfe0936cec79654856d45223f5354927c0eba3f0fca68942
Page 3 of 4
Back1234Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    0 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close