what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

Epic Games Rocket League 1.95 Insecure Permissions
Posted May 3, 2021
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Rocket League versions 1.95 and below suffer from an insecure permissions vulnerability.

tags | exploit
MD5 | 9ed5a4f67cb00f02b0ffb67ded384d2c

Related Files

Epic Games Rocket League 1.95 Stack Buffer Overrun
Posted May 3, 2021
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Rocket League version 1.95 suffers from a stack-based buffer overflow vulnerability. The issue is caused due to a boundary error in the processing of a UPK format file, which can be exploited to cause a stack buffer overflow when a user crafts the file with a large array of bytes inserted in the vicinity offset after the magic header. Successful exploitation could allow execution of arbitrary code on the affected machine.

tags | exploit, overflow, arbitrary
MD5 | ba2e463a8ce18d40968287a8781e6309
Golden Frieza
Posted Mar 3, 2020
Authored by redtimmysec

Imagine finding yourself in a "hostile" environment, one where you cannot run exploits, tools, and applications without worrying about prying eyes spying on you, be they a legitimate system administrator, a colleague sharing an access with you or a software solution that scans the machine you are logged in to for malicious files. Your binary should live in encrypted form in the filesystem so that no static analysis would be possible even if identified and copied somewhere else. It should be only decrypted on the fly in memory when executed, so preventing dynamic analysis too, unless the decryption key is known. To experiment with such an idea Red Timmy Sec have created the "golden frieza" project.

tags | tool
systems | unix
MD5 | 366f23cd679fa95715eb2ce109400d3f
Joomla JoomLeague 2.x Database Disclosure / SQL Injection
Posted Feb 5, 2019
Authored by KingSkrupellos

Joomla JoomLeague component version 2.x suffers from database disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 6681d25f45fcae62008771934b0df4a1
HITBSecConf2018PEK Call For CTF
Posted Sep 20, 2018
Authored by Hafez Kamal | Site conference.hitb.org

JD-HITB2018 Beijing CTF plus Finals of the 4th XCTF International League (XCTF Finals 2018) will take place on the 1st and 2nd of November alongside the first-ever HITB Security Conference in Beijing! Participate and stand a chance to win cash prizes worth up to USD 2000.

tags | paper, conference
MD5 | feafb7a6a6dfc34b9699bd3d3b51fe09
Riot Games League Of Legends Insecure File Permissions Privilege Escalation
Posted Jun 13, 2016
Authored by Cyril Vallicari

Riot Games League of Legends suffers from an insecure file permissions privilege escalation vulnerability.

tags | exploit
MD5 | bc24c95ffaef9fd40d756555071e83cc
League Of Legends Screensaver Unquoted Service Path Privilege Escalation
Posted Jun 7, 2016
Authored by Vincent Yiu

The League of Legends installer would install the League of Legends screensaver along with a service. The service would be called 'lolscreensaver'. This particular service was misconfigured such that the service binary path was unquoted. When the screensaver is installed to 'C:\Riot Games', the issue is not exploitable. However, during the installation process, users are able to specify a directory to install to. When a user chooses to install this to say an external drive, this becomes exploitable.

tags | exploit
MD5 | 662c1c0e79ec1589ad0d5575ffef39d5
League Of Legends Screensaver File Permission Privilege Escalation
Posted Jun 7, 2016
Authored by Vincent Yiu

The League of Legends screensaver was installed with insecure file permissions. It was found that all folder and file permissions were incorrectly configured during installation. It was possible to replace the service binary.

tags | exploit
MD5 | d139f9b4753c1faef4f2d8d39a6a5f48
WordPress LeagueManager 3.9.11 SQL Injection
Posted Jun 2, 2015
Authored by javabudd

WordPress LeagueManager plugin version 3.9.11 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b00911f7550643a951bd6b1513fefaa9
Joomla JoomLeague 2.1.12 XSS / XML Injection
Posted Feb 24, 2014
Authored by MustLive

Joomla JoomLeague plugin version 2.1.12 suffers from cross site scripting and XML injection vulnerabilities.

tags | exploit, vulnerability, xss, xxe
MD5 | 9075dcd10d8194a9b5609bf9177604bf
Joomla Joomleague Shell Upload
Posted Oct 31, 2013
Authored by wantexz

Joomla Joomleague component suffers from a remote shell upload vulnerability due to having Open Flash Chart included.

tags | exploit, remote, shell
MD5 | 301ddfd28f2d844d15515554732a5d5b
WordPress LeagueManager 3.8 SQL Injection
Posted Mar 15, 2013
Authored by Joshua Reynolds | Site infosec4breakfast.com

WordPress LeagueManager plugin version 3.8 suffers from a remote SQL injection vulnerability. Both an exploit along with patching recommendations are provided.

tags | exploit, remote, sql injection
advisories | CVE-2013-1852
MD5 | 482d98f460f251d5f3a553a878f966df
Secunia Security Advisory 49949
Posted Jul 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in the LeagueManager plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 3b646bceb7e62607f51680f9e3b9908e
WordPress LeagueManager 3.7 Cross Site Scripting
Posted May 15, 2012
Authored by Heine Pedersen, Torben Jensen

WordPress LeagueManager plugin version 3.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a798e717ae1b0c5219df562d712004b8
Joomla Bearleague SQL Injection
Posted Apr 11, 2012
Authored by xDarkSton3x

The Joomla Bearleague component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | febefa16693396ef43efb94a14bcae88
ESTsoft ALPlayer 2.0 ASX Playlist File Handling Buffer Overflow
Posted Jul 7, 2011
Authored by LiquidWorm | Site zeroscience.mk

ESTsoft ALPlayer version 2.0 suffers from a buffer overflow vulnerability. It is caused due to a boundary error in the processing of a playlist file, which can be exploited to cause a stack-based buffer overflow when a user opens e.g. a specially crafted .asx file. Successful exploitation may allow execution of arbitrary code.

tags | exploit, overflow, arbitrary
systems | linux
MD5 | d4de01988901ed58ed438a72b179821a
Valve Steam Client Application v1559/1559 Local Privilege Escalation
Posted Jun 29, 2011
Authored by LiquidWorm | Site zeroscience.mk

Valve Steam Client Application version 1.0.968.628 is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice.

tags | exploit
MD5 | a520359ea1a44ddeefdb6d50fcde3fdb
NetServe Web Server 1.0.58 XSS / RFI / Denial Of Service
Posted Jun 24, 2011
Authored by LiquidWorm | Site zeroscience.mk

NetServe Web Server version 1.0.58 suffers from denial of service, cross site scripting, various inclusion vulnerabilities and more.

tags | advisory, web, denial of service, vulnerability, xss
MD5 | 5ade5c26e88f7c83b40dce3c0e313857
Sitemagic CMS 2010.04.17 Cross Site Scripting
Posted Jun 21, 2011
Authored by LiquidWorm | Site zeroscience.mk

Sitemagic CMS suffers from a XSS vulnerability when parsing user input to the 'SMExt' parameter via GET method in 'index.php'. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, php
MD5 | 987fc3343b09d074a6561ab2ebf89411
Pacer Edition CMS 2.1 Local File Inclusion
Posted Jun 10, 2011
Authored by LiquidWorm | Site zeroscience.mk

Pacer Edition CMS version 2.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | e61bf8d70ffa20ede22f63943e958822
Pacer Edition CMS 2.1 Cross Site Scripting
Posted Jun 9, 2011
Authored by LiquidWorm | Site zeroscience.mk

Pacer Edition CMS suffers from a cross site scripting vulnerability when parsing user input to the 'email' parameter via POST method in 'admin/login/forgot/index.php'.

tags | exploit, php, xss
MD5 | 04332a8f5d83ca9a9cb3c22f9e157535
Pacer Edition CMS 2.1 Arbitrary File Deletion
Posted Jun 9, 2011
Authored by LiquidWorm | Site zeroscience.mk

Pacer Edition CMS version 2.1 remote arbitrary file deletion exploit.

tags | exploit, remote, arbitrary
MD5 | 6fa7455280f7689c775c516c148f3048
Ushahidi 2.0.1 SQL Injection
Posted Jun 3, 2011
Authored by LiquidWorm | Site zeroscience.mk

Ushahidi version 2.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f7817241e90581c32857dfbf3c4ab8ce
Kentico CMS 5.5R2.23 Cross Site Scripting
Posted May 31, 2011
Authored by LiquidWorm | Site zeroscience.mk

Kentico CMS versions 5.5R22.23 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c22edd73b708209a777319388b6c9d45
Tugux CMS 1.2 XSS / LFI / SQL Injection / URL Redirection
Posted May 22, 2011
Authored by LiquidWorm | Site zeroscience.mk

Tugux CMS version 1.2 suffers from cross site scripting, local file inclusion, url redirection, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
MD5 | 4d84b690e0283966c598d642bea39a0c
Adobe Audition 3.0 (build 7283) Session File Handling Buffer Overflow
Posted May 13, 2011
Authored by LiquidWorm | Site zeroscience.mk

Adobe Audition version 3.0 build 7238 suffers from a buffer overflow vulnerability when dealing with .SES (session) format file. The application fails to sanitize the user input resulting in a memory corruption, overwriting several memory registers which can aid the attacker to gain the power of executing arbitrary code or denial of service.

tags | exploit, denial of service, overflow, arbitrary
advisories | CVE-2011-0614
MD5 | 5b0ff81d1ed5d009189dc22e128606db
Page 1 of 4
Back1234Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    27 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    0 Files
  • 10
    May 10th
    0 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close