what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

KLiK Social Media Website 1.0 SQL Injection
Posted Apr 7, 2022
Authored by corpse

KLiK Social Media Website version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 42db3e1dcbece0790bfbc86196de7c1c2969cdbeda431ac35150f2aacb2fa233

Related Files

Entropy Broker RNG 1.0.1
Posted Aug 14, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: This is an important bugfix release. This version replaces the ivec initializer code with something more sensible.
tags | encryption
systems | linux
SHA-256 | e505291a3ada9f1ba3928113fa70f9f79bfc771b2fe8e20560d612d5c64beb5b
Ubuntu Security Notice USN-1524-1
Posted Aug 9, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1524-1 - A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2011-3046, CVE-2011-3050, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3078, CVE-2012-0672, CVE-2012-3615, CVE-2012-3655, CVE-2012-3656, CVE-2012-3680
SHA-256 | cbaae6919431428ce28f0525f8b4610c12e3488e31906a3c083d3654bfca78e3
VMware Vendor Service Cross Site Scripting
Posted Aug 7, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

VMware's vendor website service application suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 97fea96f5c77623458d932b5ee192d04609a250f496344ae5ccebf8f7fa24694
Entropy Broker RNG 1.0
Posted Aug 7, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: EGD client now fully implements the EGD protocol. A network protocol fix was implemented.
tags | encryption
systems | linux
SHA-256 | 76ca25d4f7c84938b67595662b7b2a2ccc1f026c5fd38878da67d399c829206c
Entropy Broker RNG 0.9
Posted Jul 26, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: video4linux server is now compatible with video4linux2. It will now dump and restore the pool-contents.
tags | tool, encryption
systems | linux
SHA-256 | 1256b9eabb591bfe6735cfcd5b31fafece6cca0028f6df1894bd805070ba6d45
Secunia Security Advisory 49944
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in Website Baker, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 812f7e6ac436b9632527657040337ad9b0111c7fe1ae639be5352578bcfcc347
Secunia Security Advisory 49813
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in WebsitePanel, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | 1b22ddae90dea114d9c07c5bccf01976d5ca97c72c731e6d0c71dd91ad3e6b46
WebsitePanel CMS Open Redirect
Posted Jul 8, 2012
Authored by Anastasios Monachos

WebsitePanel CMS versions prior to 1.2.2.1 suffer from an open redirection vulnerability.

tags | exploit
SHA-256 | f3d18a3cdffa39c307617de82222186276ef53444e6663c5f876e672f7f6a760
Secunia Security Advisory 49682
Posted Jun 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Website FAQ plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | c8e9fb5283788ed22bbefb1180a07cfcfa306903014b65a7c20726ab8fc2aaec
WordPress Website FAQ 1.0 SQL Injection
Posted Jun 26, 2012
Authored by Chris Kellum

WordPress Website FAQ plugin version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 194080a9c6d560ac3dd0cf6014d77cc563bfbf371d95c99fbee6c22e24ceed4e
Secunia Security Advisory 49623
Posted Jun 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in PD E-Store, PD Companies Website, and PD Cars Gallery, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 2244b71d090be6d3e6136e22f4d02a153cabe43c6a595615f77fc09b2d72070c
Opera 11.61 URL Spoof
Posted Jun 14, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered that Opera versions 11.61 and below suffer from a website spoofing vulnerability.

tags | advisory, spoof
advisories | CVE-2012-3560
SHA-256 | 50da669bf3824d6c802a70da8d221a4f3190ef60b1128133a28548f02da68d04
TOR Virtual Network Tunneling Tool 0.2.2.37
Posted Jun 14, 2012
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release introduces a workaround for a critical renegotiation bug in OpenSSL 1.0.1 (20% of the Tor network can't talk to itself currently).
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | ae2c1fb52babd9e92264ac7c4486d3e941be6deb91b8a590965848fbbcbd9e88
Marco Valentino SQL Injection
Posted Jun 14, 2012
Authored by Taurus Omar

Websites designed by Marco Valentino appears susceptible to remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | cfe8383e708270f8806f14e704993616f1e3ad197fc401073cc7f2bcb946f30c
Apple Security Advisory 2012-06-11-1
Posted Jun 12, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-06-11-1 - iTunes 10.6.3 is now available and addresses multiple issues. Importing a maliciously crafted .m3u playlist may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of .m3u playlists. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in WebKit.

tags | advisory, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2012-0677, CVE-2012-0672
SHA-256 | 644c91fc8758a15b827d4bc4a159391a534dc99616a262e6926d0a05f89dab42
TOR Virtual Network Tunneling Tool 0.2.2.36
Posted Jun 7, 2012
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release updates the addresses for two of the eight directory authorities, fixes some potential anonymity and security issues, and fixes several crash bugs. Tor 0.2.1.x has reached its end-of-life. Those Tor versions have many known flaws, and nobody should be using them. You should upgrade. If you're using a Linux or BSD distribution and its packages are obsolete, stop using those packages and upgrade anyway.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2011-4576
SHA-256 | 0e57e6e7dbc98aaa1b458ba745dac9fb19ed3ef59e4251d98de02068723148db
Apple Security Advisory 2012-05-14-2
Posted May 15, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-05-14-2 - This update disables Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory. This update presents the option to install an updated version of Flash Player from the Adobe website.

tags | advisory
systems | apple
SHA-256 | a18bf4afd49f0790a7800f00c7179cc923a3890a42c7c396c63645d35c123d0d
Debian Security Advisory 2461-1
Posted Apr 26, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2461-1 - Several vulnerabilities have been found in SPIP, a website engine for publishing, resulting in cross-site scripting, script code injection and bypass of restrictions.

tags | advisory, vulnerability, xss
systems | linux, debian
SHA-256 | 941b8db73cd0a3d9a9f385427725bfc3917123f727aded12a6b4fbeeda06ba25
Website Design Cardiff SQL Injection
Posted Apr 24, 2012
Authored by Th4 MasK

Website Deisgn Cardiff suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9fb16c16ea10f1e8ab6415d84c27188754c2862797de36e6bc36d57da8055092
School Website Solutions Cross Site Scripting
Posted Apr 23, 2012

School Website Solutions suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 80af71695150018fd717350d968e6d200dcb7528844b325608fb32140f234a4d
Website Toolbox Cross Site Scripting
Posted Apr 19, 2012
Authored by Sony

Website Toolbox suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | bb49d6ec4df7be34d84a089474fa9edf0da0923e8ea931012b8ad628b799607e
Microsoft AFKAR Website Service Cross Site Scripting
Posted Apr 14, 2012
Authored by Mohd. Shadab Siddiqui, Vulnerability Laboratory | Site vulnerability-lab.com

Microsoft AFKAR Website Service suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | cdac195bdfb2422d08724e204a5b99b9d43b9d66f36be52d7f948f02c6089435
Oracle Service Applications SQL Injection
Posted Apr 12, 2012
Authored by Mohd. Shadab Siddiqui, Vulnerability Laboratory | Site vulnerability-lab.com

Various Oracle websites appear to suffer from blind SQL injection vulnerabilities. A cross site scripting issue also exists.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | c84df9781055fd52a22321f022e6e8331e5acbf26ea03af8ba9a8d181cd80877
PcwRunAs 0.4 Password Obfuscation Design Flaw
Posted Mar 26, 2012
Authored by otr

The PcwRunAs software available from the PC-Welt website is prone to a trivial password recovery attack that allows local users to obtain passwords encrypted with the pcwRunAsGui.exe. pcwRunAs versions 0.4 and below are affected.

tags | exploit, local
advisories | CVE-2012-1793
SHA-256 | 811b545d5083c227c56986dbdeeac60ef0a1b6690230618e3d3b76f311c4ab12
Proxy Check 02122011
Posted Mar 21, 2012
Authored by Alejandro Ramos | Site securitybydefault.com

Proxy Check is a tool that includes a website to automate testing for web proxy content filtering. It has a battery of tests that includes looking for typically malicious URLs, several PDF exploits, and more.

tags | tool, web, scanner
systems | linux, unix
SHA-256 | ac9e7fea81ae9f981e0e3a0a3524dbb37d2aefac198ef4e781a1ffbf6cab1891
Page 1 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close