what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

Sipwise C5 NGCP CSC Cross Site Request Forgery
Posted Apr 23, 2021
Authored by LiquidWorm | Site zeroscience.mk

The Sipwise application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Versions affected include CE_m39.3.1 and below and NGCP www_admin version 3.6.7.

tags | exploit, web
advisories | CVE-2021-31584
SHA-256 | 7af65ecb81ce4b4c1a3d5b2e77c78c1b93a601f5b442985ac77bb97f00dc5731

Related Files

Family Connections CMS 2.3.2 XSS / XML Injection
Posted Mar 25, 2011
Authored by LiquidWorm | Site zeroscience.mk

Family Connections CMS version 2.3.2 suffers from stored cross site scripting and XML injection vulnerabilities.

tags | exploit, vulnerability, xss, xxe
SHA-256 | 560b3b3d4d08ff3156aae5a09cf91b31f8fe7ef39a5cb6cabff71d7f147a2fbf
Microsoft Source Code Analyzer For SQL Injection 1.3 Improper Permissions
Posted Mar 16, 2011
Authored by LiquidWorm | Site zeroscience.mk

Microsoft Source Code Analyzer for SQL Injection is a static code analysis tool for finding SQL Injection vulnerabilities in ASP code. The package suffers from an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exists due to the improper permissions, with the "C" flag (Change(write)) for the "Everyone" group, for the binary file msscasi_asp.exe and the package itself, msscasi_asp_pkg.exe.

tags | exploit, vulnerability, sql injection, asp
SHA-256 | 985f1b8a0c9c7170bfff235022459884dade76cc7504b5ccb7d597a030b5d2e8
Pointter PHP CMS 1.2 LFI / XSS / SQL Injection
Posted Mar 16, 2011
Authored by LiquidWorm | Site zeroscience.mk

Pointter PHP CMS version 1.2 suffers from cross site scripting, local file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, php, vulnerability, xss, sql injection, file inclusion
SHA-256 | 9576e04112b662072178f9e55b2f30889f73467a6b27a79f96dc6bffd32f2b9b
Constructr CMS 3.03.0 Cross Site Scripting / SQL Injection
Posted Mar 11, 2011
Authored by LiquidWorm | Site zeroscience.mk

Constructr CMS version 3.03 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | a4224d4b86b1a571f0f86d7e8a69d82fa301a58aad20b4eff53030bccf77f96d
eXPert PDF Reader 4.0 NULL Pointer Dereference / Heap Corruption
Posted Feb 26, 2011
Authored by LiquidWorm | Site zeroscience.mk

eXPert PDF Reader version 4.0 suffers from a NULL pointer dereference and heap corruption denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 290623376432a2f10c80421fb38a2d32682190ff9321dac7e355092b1f5512ff
Nitro PDF Reader 1.4.0 Heap Corruption
Posted Feb 26, 2011
Authored by LiquidWorm | Site zeroscience.mk

Nitro PDF Reader version 1.4.0 remote heap memory corruption proof of concept denial of service exploit and advisory.

tags | exploit, remote, denial of service, proof of concept
systems | linux
SHA-256 | 6f7251db7965fc6a2cb851fe9fe21e4f69d15e09dae81c217b971fb2bc6b0484
Elecard MPEG Player 5.7 Buffer Overflow
Posted Feb 24, 2011
Authored by badc0re

Elecard MPEG Player version 5.7 local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | e924badb6b079b6080a73804ebae6bfddae61d8bb4d1cbcdd18b7b2f41db3392
WinMerge 2.12.4 Stack Overflow
Posted Feb 22, 2011
Authored by LiquidWorm | Site zeroscience.mk

WinMerge version 2.12.4 project file handling stack overflow exploit.

tags | exploit, overflow
SHA-256 | a90d518f4b58a2d90381a86b1328947e877d00adeda5abb3f18c2dbec603cfa5
phpBugTracker 1.0.5 Cross Site Scripting
Posted Feb 18, 2011
Authored by LiquidWorm | Site zeroscience.mk

phpBugTracker version 1.0.5 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | e653f2dcaa267e5788cce847b1b903fcb155cef35150ac6fd4a767c3f855861d
GAzie 5.10 Cross Site Scripting / SQL Injection
Posted Feb 17, 2011
Authored by LiquidWorm | Site zeroscience.mk

GAzie version 5.10 suffers from cross site scripting and remote SQL injection vulnerabilities in the login_admin.php script.

tags | exploit, remote, php, vulnerability, xss, sql injection
SHA-256 | ead13b30d80bb3f7501f40846fd76e17b90bc050e548377ff399f21d2a1dece6
AutoPlay 1.33 Buffer Overflow
Posted Feb 15, 2011
Authored by badc0re | Site zeroscience.mk

AutoPlay version 1.33 local buffer overflow exploit that creates a malicious autoplay.ini file.

tags | exploit, overflow, local
SHA-256 | 3d6ec4b37f5393ccc419eac3e4e7edbdd77b47c7d203d69da6130e06a397a565
MG2 0.5.1 Cross Site Scripting
Posted Feb 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

MG2 version 0.5.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d9e1492757a88b8aae40695552fa07b4741b360277a7016b7540c93273f43c48
Pixelpost 1.7.3 SQL Injection
Posted Feb 11, 2011
Authored by LiquidWorm | Site zeroscience.mk

Pixelpost is vulnerable to an SQL Injection attack when input is passed to several POST parameters (findfid, id, selectfcat, selectfmon, selectftag). The script (admin/index.php) fails to properly sanitize the input before being returned to the user allowing the attacker to compromise the entire DB system and view sensitive information. Version 1.7.3 is affected.

tags | exploit, php, sql injection
SHA-256 | 058b005df3b48a0a2f6526e2d72d4ad64a02ed8dbdd5a5eeac880138515851eb
Oracle MySQL Eventum 2.3 Cross Site Scripting
Posted Feb 11, 2011
Authored by LiquidWorm | Site zeroscience.mk

Oracle MySQL Eventum versions 2.2 and 2.3 suffer from cross site scripting and script insertion vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | b8ee58ea46776bf446728edd538964f323d61acaa892fd2e07c381ecb17a66c4
Pixelpost 1.7.3 Cross Site Scripting
Posted Feb 11, 2011
Authored by LiquidWorm | Site zeroscience.mk

Pixelpost version 1.7.3 suffers multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | fcc972c67a58e71be958caa6666fcacbebf4d166d7acba0ba6ff664163a286c6
TaskFreak! 0.6.4 Cross Site Scripting
Posted Feb 11, 2011
Authored by LiquidWorm | Site zeroscience.mk

TaskFreak! version 0.6.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d4a82eb8408d5ef509ea24f2ea5421f7b3a38bce8f7fc498a71d10bc4d78a3b1
CultBooking 2.0.4 Local File Inclusion
Posted Jan 24, 2011
Authored by LiquidWorm | Site zeroscience.mk

CultBooking version 2.0.4 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 24bcdd6125c7cc4b3d51be8dee944fb8ce491872476affee2bd28200a712e6f8
CultBooking 2.0.4 Cross Site Scripting
Posted Jan 24, 2011
Authored by LiquidWorm | Site zeroscience.mk

CultBooking version 2.0.4 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 24e1154c89c42c178796c636bb67c5e08c8ad7b7e1f4211c0ba0b0ae79186a25
Embedthis Appweb Web Server 3.2.2-1 Cross Site Scripting
Posted Dec 25, 2010
Authored by LiquidWorm | Site zeroscience.mk

Embedthis Appweb Web Server version 3.2.2-1 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | 3bf0eb7266128b20d987e0ca5fdc2ac3b08bde1c94aa4b5000b8e3bb3f0ca62a
MantisBT 1.2.3 Cross Site Scripting / Path Disclosure
Posted Dec 15, 2010
Authored by LiquidWorm | Site zeroscience.mk

MantisBT versions 1.2.3 and below suffer from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 18a95d91ab5662bc9da22edd42c6085d143c012493617b0a9f216e4bbb8cd78e
MantisBT 1.2.3 Local File Inclusion
Posted Dec 15, 2010
Authored by LiquidWorm | Site zeroscience.mk

MantisBT versions 1.2.3 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | abf8514ede0418cc0812ff5542f8637869d485480ee17472e692434df0836263
MODx Revolution CMS Cross Site Scripting
Posted Dec 6, 2010
Authored by LiquidWorm | Site zeroscience.mk

MODx Revolution CMS version 2.0.4-pl2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ee4eae9c7c2d3ad655590094df23afa0c31e8588b46ce611a9158231283e7fd9
Native Instruments Service Center 2.2.5 Local Privilege Escalation
Posted Nov 20, 2010
Authored by LiquidWorm | Site zeroscience.mk

Native Instruments Service Center version 2.2.5 suffers from a local privilege escalation vulnerability.

tags | advisory, local
SHA-256 | 17003a3d3ba0281c940bdee33302d7f863117f4222be5fa9fc977e0d2d38b948
Native Instruments Massive 1.1.4 KSD File Handling Use-After-Free
Posted Nov 20, 2010
Authored by LiquidWorm | Site zeroscience.mk

Native Instruments Massive version 1.1.4 suffers from a KSD file handling use-after-free vulnerability.

tags | exploit
SHA-256 | c2b308fa8e87b18b73cb43c68ad32dee80d98ad144657ee759f5045112df0d0f
Kontakt 4 Player NKI File Syntactic Analysis Buffer Overflow
Posted Nov 20, 2010
Authored by LiquidWorm | Site zeroscience.mk

Native Instruments Kontakt 4 Player NKI File Syntactic Analysis buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | 70713be9f719b9fb02eb8d297e9b7609df428c484244c571482402333e7b586f
Page 3 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close