exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Cobian Backup 0.9 Unquoted Service Path
Posted Mar 9, 2022
Authored by Hejap Zairy

Cobian Backup version 0.9 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | f0bf3d93128d4111e4fcc98ebc30a520e09f6821cff02b23d579346e6223949a

Related Files

School Management System 1.0 Password / Backup Disclosure
Posted Aug 9, 2012
Authored by L0n3ly-H34rT

School Management System version 1.0 suffers from credential and backup disclosure vulnerabilities.

tags | exploit, vulnerability, sql injection
SHA-256 | dcd6e7efec0c1c07843a6cda9e11b3a70482acc597fbec31ecdb5d6efaede187
Secunia Security Advisory 50038
Posted Jul 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Backup plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 6b4a37496d31b5c1b7f3cee1e92d985a1f93ecad92957af11b3a066fcba37f53
Secunia Security Advisory 50033
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Symantec Backup Exec System Recovery 2010 and Symantec System Recovery 2011, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 719ab45fb3798af57f8e7d371b3ae750c366e6981150628cb7b629e5f296e755
Secunia Security Advisory 49884
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged two vulnerabilities in Oracle Secure Backup, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | bce8679ddc9a4f688adca7c6930dd9d306957ee6a3a0e9233c1ee663850e1bdd
Forensic Analysis Of iPhone Backups
Posted Jul 12, 2012
Authored by Satish Bommisetty

This article explains the technical procedure and challenges involved in extracting data and artifacts from iPhone backups.

tags | paper
systems | apple, iphone
SHA-256 | 91d87e6d4d62c26dfb2d234b849782b8cc383017bef870f2d1f7066ccb41ab9f
phpMyBackupPro 2.2 Local File Inclusion
Posted Jul 3, 2012
Authored by dun

phpMyBackupPro versions 2.2 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 166b21bdc9185f708bd036262f1a876d4441fdd2ba9d32aff7948aae343ed8f3
Astaro Security Gateway Cross Site Scripting
Posted Jun 12, 2012
Authored by Julien Ahrens

Astaro Security Gateway suffers from a backup related cross site scripting vulnerability. Version 8.304 is affected.

tags | advisory, xss
advisories | CVE-2012-3238
SHA-256 | 30eadf9f0efee1d3942c913ec214043f8d8064e76bff3708ef9b6013b88ed5e6
Samsung NET-i viewer Multiple ActiveX BackupToAvi() Remote Overflow
Posted Jun 7, 2012
Authored by Luigi Auriemma, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability in the CNC_Ctrl.dll ActiveX installed with the Samsung NET-i viewer 1.37. Specifically, when supplying a long string for the fname parameter to the BackupToAvi method, an integer overflow occurs, which leads to a posterior buffer overflow due to the use of memcpy with an incorrect size, resulting in remote code execution under the context of the user.

tags | exploit, remote, overflow, code execution, activex
advisories | OSVDB-81453
SHA-256 | 03a28d9b585a04552b2af08e30b7a0771b1cda34693418914dcb8507b373570a
Yamamah 1.1.0 Database Disclosure
Posted May 28, 2012
Authored by L3b-r1'z

Yamamah version 1.1.0 suffers from a database backup download vulnerability.

tags | exploit, info disclosure
SHA-256 | 9ba02db21a83e5a8efab01c2d4243ac6d3bea9948f0e4020890e7d14d7469e10
PHPCollab 2.5 Database Backup Disclosure
Posted May 23, 2012
Authored by team ' and 1=1--

PHPCollab version 2.5 suffers from an unauthenticated database backup download vulnerability.

tags | exploit, info disclosure
SHA-256 | 9a46856d1ef2f65839de2f080ba3af5ea42fd6478ae04438b9ce383fffe5a549
Red Hat Security Advisory 2012-0677-01
Posted May 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0677-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. CREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0866, CVE-2012-0868
SHA-256 | 99eb758e26ad01db7e3e088f497dd8ec98005e8f4fdef7cb43e51787e609733a
Red Hat Security Advisory 2012-0678-01
Posted May 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0678-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. When configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
SHA-256 | a11a5493acd610cf7f4bfdc27b2eba1d9d44ea753011012d38733b38292f077e
Ubuntu Security Notice USN-1444-1
Posted May 18, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1444-1 - It was discovered that BackupPC did not properly sanitize its input when processing RestoreFile error messages, resulting in a cross-site scripting (XSS) vulnerability. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

tags | advisory, remote, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2011-5081
SHA-256 | 359bdbb94093049e72426ec798a95cfc4d4baea1ae5e0d2cd86c4ac125e3c152
Secunia Security Advisory 49213
Posted May 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for backuppc. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | linux, ubuntu
SHA-256 | 0477d553c82d01faf038d24e0d50cb626ac4bc793d87b6d5543a6a1fa47fa199
Artiphp CMS 5.5.0 Database Backup Disclosure
Posted May 17, 2012
Authored by LiquidWorm | Site zeroscience.mk

Artiphp CMS version 5.5.0 suffers from a database backup disclosure vulnerability.

tags | exploit
SHA-256 | 2d47b6d911592d5ad10e5f9ed6aee5747555241f52f6549700cf57ce4a15e301
SiliSoftware backupDB() 1.2.7a Cross Site Scripting
Posted May 17, 2012
Authored by LiquidWorm | Site zeroscience.mk

SiliSoftware backupDB() version 1.2.7a suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 93a38f800fc0a877b5be79911d049e6102a1c97585507571023aa77665e09f5f
WordPress EZPZ One Click Backup 12.03.10 Cross Site Scripting
Posted May 15, 2012
Authored by Heine Pedersen, Torben Jensen

WordPress EZPZ One ClickBackup plugin version 12.03.10 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 79c742d1b7e496c6787ee0d11f626162420814637259bd233afc4483a39c0e96
ManageEngine Support Center Plus 7903 XSS / SQL Injection
Posted Apr 15, 2012
Authored by xistence

ManageEngine Support Center Plus versions 7903 and below suffer from backup related, unauthorized access, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 00f2539984dab23c36d58c4e258af76a9f0554b23a8e7f3047e20d3d1a2fd7a1
Dolibarr ERP & CRM 3 Post-Auth OS Command Injection
Posted Apr 10, 2012
Authored by Nahuel Grisolia, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in Dolibarr ERP/CRM's backup feature. This software is used to manage a company's business information such as contacts, invoices, orders, stocks, agenda, etc. When processing a database backup request, the export.php function does not check the input given to the sql_compat parameter, which allows a remote authenticated attacker to inject system commands into it, and then gain arbitrary code execution.

tags | exploit, remote, arbitrary, php, code execution
SHA-256 | f473f9176eddcff3e9c592e1ef0bfc7d0a0e762392a39abfb965fb4ca8ee9b22
Seditio 165 Cross Site Request Forgery / Backup Disclosure
Posted Apr 9, 2012
Authored by Akastep

Seditio version 165 suffers from backup disclosure and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 5960cd105a7a7f241b28be92c2caf2fb8fc300ccc5aa6c11a5a691fd0b93b28f
GetSimple 3.1 Shell Upload / Disclosure
Posted Mar 30, 2012
Authored by KedAns-Dz

GetSimple version 3.1 suffers from backup download and shell upload vulnerabilities.

tags | exploit, shell, vulnerability
SHA-256 | 6d7e6bb2dc03c8ee708abf9ebd0c5acdb49191acb3f9a1b447a52889d00c3574
Secunia Security Advisory 48459
Posted Mar 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in CA ARCserve Backup, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | f85e0254d2b43b412e29c17b1b32aec8f472880b881421fd83785da62f108276
CA ARCserve Backup Denial Of Service
Posted Mar 21, 2012
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies Support is alerting customers to a potential risk with CA ARCserve Backup for Windows. A vulnerability exists that can allow a remote attacker to cause a denial of service condition. CA Technologies has issued fixes to address the vulnerability. The vulnerability occurs due to insufficient validation of certain network requests. An attacker can potentially use the vulnerability to disable network services.

tags | advisory, remote, denial of service
systems | windows
advisories | CVE-2012-1662
SHA-256 | f6cc7aa2a2c098a2e8ed419d61aa4d65e98cc20b7bdc4c73e4cfe07ba7fc117b
Novatel MiFi 2352 Access Bypass
Posted Mar 20, 2012
Authored by Alejandro Ramos

Novatel MiFi 2352 suffers from a direct access to backup file vulnerability.

tags | exploit, bypass
SHA-256 | 80873992662c38a0eb7c7a2ddb405fe7d26b936847457fbc64bc052df6d43d34
Secunia Security Advisory 47594
Posted Jan 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the myEASYbackup plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | ccf2dfb4cf2ee9066cd2e28412fc42b58bcc6ae0a7f21fb5600a232b39fe4185
Page 1 of 4
Back1234Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close