exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

TS-2007-001-0.txt
Posted Jul 31, 2007
Authored by forloop, defaultroute

Template Security has discovered a serious denial of service vulnerability in the BlueCat Networks Adonis DNS/DHCP Appliance. When XHA is configured to place two Adonis servers in an active-passive pair to provide high availability, a remote attacker can transmit a single UDP datagram to crash the heartbeat control process. This can be used for example to create an active/active condition in the cluster pair.

tags | advisory, remote, denial of service, udp
SHA-256 | cc3a0e1f01e8c577869fec6643baaacbf4c0c356f0b25da7cd5cad08f003d024

Related Files

Teacher Subject Allocation Management System 1.0 Insecure Settings
Posted Oct 2, 2024
Authored by indoushka

Teacher Subject Allocation Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | f3361bf9186b472b9be8cbd6ae5f7d9d24dd48bb2c9b3fc4085a3f7ab2c6d9ac
Teacher Subject Allocation Management System 1.0 Cross Site Scripting
Posted Sep 20, 2024
Authored by indoushka

Teacher Subject Allocation Management System version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b1db62a9d65130bfaeab7bcac6517aa366c7654856b16d38cfa8adfcb66c27a7
LumisXP 16.1.x Cross Site Scripting
Posted Jul 11, 2024
Authored by Rodolfo Tavares | Site tempest.com.br

LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in XsltResultControllerHtml.jsp.

tags | exploit, xss
advisories | CVE-2024-33326
SHA-256 | 44811fffdad55f59cab99ee680cea0158c35b26606a7a72215c8b74fff752970
LumisXP 16.1.x Cross Site Scripting
Posted Jul 11, 2024
Authored by Rodolfo Tavares | Site tempest.com.br

LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in UrlAccessibilityEvaluation.jsp.

tags | exploit, xss
advisories | CVE-2024-33327
SHA-256 | 62722fa4e4796c8ac819f4f74bff3b88e4c3207619569dd0af373cca85ccd325
LumisXP 16.1.x Cross Site Scripting
Posted Jul 11, 2024
Authored by Rodolfo Tavares | Site tempest.com.br

LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in main.jsp

tags | exploit, xss
advisories | CVE-2024-33328
SHA-256 | 6b2f2821d4c2d0424a401ff4ad365da2713d18f6c494dadd54e7fce8dfe51786
LumisXP 16.1.x Hardcoded Credentials / IDOR
Posted Jul 11, 2024
Authored by Rodolfo Tavares | Site tempest.com.br

LumisXP versions 15.0.x through 16.1.x have a hardcoded privileged identifier that allows attackers to bypass authentication and access internal pages and other sensitive information.

tags | exploit
advisories | CVE-2024-33329
SHA-256 | 507655a40fa21c33f270fff3ee33944627b6c9719d3c667e8ec61677948d5b35
Teacher Subject Allocation Management System 1.0 SQL Injection
Posted Mar 20, 2024
Authored by Ersin Erenler

Teacher Subject Allocation Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-46024
SHA-256 | 70201b7921db68f4cd1eabfe9d49fef650e64263d687be24d951e0f1d2287e83
Multilaser RE160 Cookie Manipulation Access Bypass
Posted Mar 4, 2024
Authored by Vinicius Moraes | Site tempest.com.br

Multilaser RE160 versions 5.07.51_pt_MTL01 and 5.07.52_pt_MTL01 suffer from an access control bypass vulnerability through cookie manipulation.

tags | exploit, bypass
advisories | CVE-2023-38946
SHA-256 | ba0ed12285ef51b34ae0d6988481e8d4fc6959295d9775d1e956a211d68153e0
Multilaser RE160V / RE160 URL Manipulation Access Bypass
Posted Mar 4, 2024
Authored by Vinicius Moraes | Site tempest.com.br

Multilaser RE160V web management interface versions 12.03.01.08_pt and 12.03.01.09_pt along with RE160 versions 5.07.51_pt_MTL01 and 5.07.52_pt_MTL01 suffer from an access control bypass vulnerability through URL manipulation.

tags | exploit, web, bypass
advisories | CVE-2023-38945
SHA-256 | e1156731f7c82aa391ee5895789afc5a989d3554ac5a410747604791d0f5fdcc
Multilaser RE160V Header Manipulation Access Bypass
Posted Mar 4, 2024
Authored by Vinicius Moraes | Site tempest.com.br

Multilaser RE160V web management interface versions 12.03.01.09_pt and 12.03.01.10_pt suffer from an access control bypass vulnerability through header manipulation.

tags | exploit, web, bypass
advisories | CVE-2023-38944
SHA-256 | c6cf3a65cbce62dca49ea866ac9a7ace5aa59a5dad1fb6abba12d3e96e453625
TSPlus 16.0.2.14 Insecure Permissions
Posted Aug 22, 2023
Authored by Carlo Di Dato

TSPlus version 16.0.2.14 suffers from an insecure permissions vulnerability.

tags | exploit
advisories | CVE-2023-31067
SHA-256 | 0bc7ecda382e75a1cb2b54690a396532c49dd66393a3842a9283c8bfaf166236
TSPlus 16.0.0.0 Insecure Permissions
Posted Aug 22, 2023
Authored by Carlo Di Dato

TSPlus version 16.0.0.0 suffers from an insecure permissions vulnerability.

tags | exploit
advisories | CVE-2023-31068
SHA-256 | 06f5da798bc1734c99952dd5665f7fc882b0e8d1c219d8e327e08d2824444cbb
TSPlus 16.0.0.0 Insecure Credential Storage
Posted Aug 22, 2023
Authored by Carlo Di Dato

TSPlus version 16.0.0.0 suffers from an insecure credential storage vulnerability.

tags | exploit
advisories | CVE-2023-31069
SHA-256 | 215f20ce0fd7976f257c178193251dfef5d9ab1191d503a59cbdd146d251811d
Time Slot Booking Calendar 1.8 Cross Site Scripting
Posted Jun 30, 2023
Authored by CraCkEr

Time Slot Booking Calendar version 1.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f65b274470cdaa58905697b946bb0b36c4806f9c1a414f504b6f854b7f020005
Piwigo 13.5.0 SQL Injection
Posted Apr 28, 2023
Authored by Rodolfo Tavares | Site tempest.com.br

Piwigo version 13.5.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-26876
SHA-256 | b4b2bf2bd02e5e6e2f24ce835e44e52d016f467252a6d79a30e013c6f3028a74
Train Scheduler App 1.0 Insecure Direct Object Reference
Posted Oct 31, 2022
Authored by Rohit Sharma

Train Scheduler App version 1.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
advisories | CVE-2022-3774
SHA-256 | 35e0aca5c12fde1a197fcd41a91aeee4b905c913ce48905a08acc0913c03bbe7
WordPress WPvivid Backup Path Traversal
Posted Oct 4, 2022
Authored by Rodolfo Tavares | Site tempest.com.br

WordPress WPvivid Backup plugin versions prior to 0.9.76 suffer from a path traversal vulnerability.

tags | exploit
advisories | CVE-2022-2863
SHA-256 | fb090fe06b8107185b5b73bdfac52e984a5bd3987e4e8a14397734095d06addf
LiquidFiles 3.4.15 Cross Site Scripting
Posted May 19, 2022
Authored by Rodolfo Tavares | Site tempest.com.br

LiquidFiles version 3.4.15 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-30140
SHA-256 | 64fb0fffa85d330dbc47f539a594fa8fcad4c9362b419983c93474d08ba4e151
PHPIPAM 1.4.4 Cross Site Request Forgery / Cross Site Scripting
Posted May 19, 2022
Authored by Rodolfo Tavares | Site tempest.com.br

PHPIPAM version 1.4.4 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2021-46426
SHA-256 | 050c77ae0f13a5b4247218de44f8bf133ca516aae7da4d73aba802231bdde893
T-Soft E-Commerce 4 SQL Injection
Posted May 17, 2022
Authored by Alperen Ergel

T-Soft E-Commerce version 4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 45b5224650ea3cb883a0c405f3c4d76eef8cc2dbc8f3fb98282c4ea633d2e202
T-Soft E-Commerce 4 Cross Site Scripting
Posted May 17, 2022
Authored by Alperen Ergel

T-Soft E-Commerce version 4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a38f9872c25051fb5d40689975a5a643292512cac28208caeaa677228ed3e251
T-Soft E-Commerce 4 Cross Site Request Forgery
Posted Sep 20, 2021
Authored by Alperen Ergel

T-Soft E-Commerce version 4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c6b8e63ffe9cd49eeb60a1fb0927f605b76c7e0f0c0526db27887b5438211ac3
Comprehensive Guide On TShark
Posted Apr 23, 2021
Authored by Jeenali Kothari | Site hackingarticles.in

This document is a guide on how to use tshark effectively to monitor and analyze traffic.

tags | paper
SHA-256 | b5f392c0a6f13e0c48407dcf564964d9098a9ac088cfac2258e29e1f74c4670c
Envira Gallery Lite 1.8.3.2 Cross Site Scripting
Posted Jan 13, 2021
Authored by Rodolfo Tavares | Site tempest.com.br

Envira Gallery Lite edition version 1.8.3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-35581, CVE-2020-35582
SHA-256 | 9dbf149ef3ee66457f73ea7147ed74161ff3ef6881909b863f14b4bf54649b7c
Typesetter CMS 5.1 Remote Code Execution
Posted Oct 7, 2020
Authored by Rodolfo Tavares | Site tempest.com.br

Typesetter version 5.1 is vulnerable to code execution via /index.php/Admin/Uploaded. An attacker can exploit this by uploading a zip that contains a malicious php file inside. After extracting the zip file containing the malicious php file, it is possible to execute commands on the target operation system.

tags | advisory, php, code execution
advisories | CVE-2020-25790
SHA-256 | ee974c9d37c8aba758fd4db3a34e859ee9e9a7a9e7db287f6d35e858f330de34
Page 1 of 4
Back1234Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close