CMS Made Simple version 2.2.14 suffers from an authenticated shell upload vulnerability.
dfec683841667f70218145ec3220e0b1035d7cd217d4a78f597b5fdeafa9b894This is a simple script to spawn dns spoofing, arp spoofing, a fake update page for Windows and a backdoored executable on a webserver to cause the Windows box to connect back. Requires Metasploit.
fafffa5a5d80b84aa1e06752a7b0e865780f651a7fbff17eb1f66ed93cefbbbcSecunia Security Advisory - Stefan Schurtz has discovered a vulnerability in Simple Groupware, which can be exploited by malicious people to conduct cross-site scripting attacks.
7bf294b5012904c6c7185b2c0b0f59e696694dc62b649a29cfbdbc0f9fa52476SimpleGroupware version 0.742 suffers from a cross site scripting vulnerability.
da8c237855bb436d3a75486eaa1d4091bc3709e59dffbf2f047bbdf437251048This is a simple little port scanning script written in python.
ad34cb9d3975247aeac90686a80c09eb62fbcb41dbb7d953b4454b12630d2829Engine By Avatarus Simple CMS suffers from a remote SQL injection vulnerability.
ae0f60d38563e3475e51ac8fca9dfa5dde3d850fb1058a8d0655747c45409bb4This is a simple ICMP ping sweeping tool that takes in a range of IP addresses.
f42e0187f536097a0191dec4e7b0d24b97b53a7add5c373fe34cd95f26a39102IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers. Revision 2 of this document. This revision includes, among other things, a discussion of possible issues with SEND as a result of IPv6 fragmentation.
a8b7a492cc8ab102f8884547a7f042ea0e94a1cdbbad648050eb655bf675f524Zero Day Initiative Advisory 12-014 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XMLSimpleAccessor ActiveX control (CLSID: {466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}). By passing an overlong string to the LoadXML() method it is possible to trigger a heap corruption vulnerability. A remote attacker could exploit this vulnerability to execute arbitrary code on the affected machine under the context of the user running the Internet Explorer process.
4c0d8147a4cc744a03c4b805f15c9dfd3c1b87e71dd48d95d2810e446ce52c6dSecunia Security Advisory - Debian has issued an update for simplesamlphp. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
6d7eb642daeacb6ca0942b0fb1684649efe39f9b366409093fd051b19008a400Debian Linux Security Advisory 2387-1 - timtai1 discovered that simpleSAMLphp, an authentication and federation platform, is vulnerable to a cross site scripting attack, allowing a remote attacker to access sensitive client data.
dba38192c60bbaba03f0230ef3e7b91379f06487b5b433975eadf001840ec3b6Secunia Security Advisory - Two vulnerabilities have been discovered in SimpleSAMLphp, which can be exploited by malicious people to conduct cross-site scripting attacks.
47678fad5d00de27a5aec416e06011b6a9cb05b6cfca70c7977c8bdfff7ab8a1Secunia Security Advisory - A vulnerability has been discovered in the Simple File Upload module for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.
204594a150746f2316abf9eb9e42b1d4dbf56255224c2d87bbe8c7141d4ce73cTechnitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine.
c52fde9a3517d2d95b182f5a532a23fa0f13f2c771598819114293b01e59681dThe Joomla Simple File Upload component version 1.3 suffers from a remote code execution vulnerability.
805ef7cfd9b8a1d4ba413bccf67b38b7c55142606663af6ab35e092bc08e9e50Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.
22120de712844b5d89a3f2924964c16cc86f96f2156ace7c3f551bd0d713c94bSecunia Security Advisory - mghack has discovered two vulnerabilities in Simple PHP Blog, which can be exploited by malicious people to conduct cross-site scripting attacks.
e86ed32731f61f3f3a617047af8628440303b1c15b1d3bc288b49bace22f3a00GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
811c2fb46dd1d162a18cfd4f8e8352de65199ff66c44e73b15a18b924fc53857Simple Machines Forum versions 2.0.1 and below remote SQL injection and privilege escalation exploit.
086c3cf9ec21d8c9e9a80a59c0f0dc1702873c6613db1b5fc590c2942b519083Whitepaper called Web Backdoors - Attack, Evasion and Detection. This paper provides insight on common web back doors and how simple manipulations could make them undetectable by AV and other security suits. It explains a few techniques that could be used to render undetectable and unnoticed backdoors inside web applications.
b1a5cd53ac0ba93fa6ae8a95e647a33652ee817065946819d8fc813efa6fdce6SopCast is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. Version 3.4.7.45585 is affected.
1715697722899e506bb604c388d1147e954711b184bb29cf08b590d58ca98864Manx version 1.0.1 suffers from a directory traversal vulnerability in simplexml_load_file().
254006fee143eb3cea57e5edc7813044af7f110d985f7ea806576e3cecc3af51ARP Toxin is a simple Perl script designed to ARP poison a host on the LAN. It uses Nemesis as a packet crafting tool to create and send the ARP packets. It is NOT original code, merely a slightly improved version of the sample arpredirect script from the book "Hacking: The Art of Exploitation". This variant allows one to set their own poisoning interval and interface to poison on.
aaa815740a2967208c32389034fd22ddc713b8769ad0c27475d119c8fbeb276dSecunia Security Advisory - A vulnerability has been discovered in CMS Made Simple, which can be exploited by malicious people to bypass certain security restrictions.
c53c1628b4fa61f6744a975aa78cfee0cf4782c9bc44f8feb58344022be45930Secunia Security Advisory - Rodolfo H-Baz has discovered a vulnerability in Gerd Tentler SimpleForum, which can be exploited by malicious people to conduct cross-site scripting attacks.
bbca6ce7c7db8f6cf8a960d3894afa71dba668ddeb3679055acebe100ce2bacbLFI Fuzzploit is a simple tool to help in the fuzzing for, finding, and exploiting of local file inclusion vulnerabilities in Linux-based PHP applications. Using special encoding and fuzzing techniques, lfi_fuzzploit will scan for some known and some not so known LFI filter bypasses and exploits using some advanced encoding/bypass methods to try to bypass security and achieve its goal which is ultimately, exploiting a local file inclusion.
164c07ad86594aa9bfe0936cec79654856d45223f5354927c0eba3f0fca68942
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed