what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Automated Link Exchange Portal 1.3 Bypass
Posted Jun 8, 2009
Authored by TiGeR-Dz | Site h4ckf0u.com

Automated Link Exchange Portal version 1.3 suffers from bypass and direct access vulnerabilities.

tags | exploit, vulnerability, bypass
SHA-256 | 35fcba00e6f954ce1e41341743215b15a9c18f19b3a1fe538fa81b1abbd3eef2

Related Files

Hotel Booking Portal 0.1 Cross Site Scripting / SQL Injection
Posted Aug 13, 2012
Authored by Yakir Wizman

Hotel Booking Portal version 0.1 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 256b6d0f295a339e04943601e44942aae79e9b08c4b1430be39582ee5d729968
ESCON SupportPortal Pro 3.0 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

ESCON SupportPortal Pro version 3.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2590
SHA-256 | 276e0b8f015732fce0ae5dbd7e7bdd804d1aa558b1f1268b2d84dc292f750351
Packet Fence 3.5.0
Posted Aug 2, 2012
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: This major release focuses on new features and enhancements. It adds a remediation module for SourceFire 3D, the ability to have different captive portals depending on the SSID you connect to, a new Web-based configuration tool which eases the installation and configuration process of a new PacketFence installation, and complete Suricata support.
tags | tool, remote
systems | unix
SHA-256 | 04d68118540aa72d1079d73c6cbd5d757435496db0dd4e260130a127a8844be7
Tekno.Portal 0.1b Blind SQL Injection
Posted Aug 1, 2012
Authored by Socket_0x03

Tekno.Portal version 0.1b suffers from a remote blind SQL injection vulnerability in link.php. This version was already known to have issues with SQL injection since 2010.

tags | exploit, remote, php, sql injection
SHA-256 | c71eed1836a67943fa03e0218fb566e5956562284ee6c837a7ec26e30d887446
ocPortal CMS 7.1.5 Open Redirect
Posted Jul 29, 2012
Authored by Aung Khant | Site yehg.net

ocPortal CMS versions 7.1.5 and below are vulnerable to open URL redirection.

tags | exploit
SHA-256 | 353cd4c439e094016caa438e0e165cbccde2fc29c1d867a80b2e7e755c9e4333
Red Hat Security Advisory 2012-1109-01
Posted Jul 23, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1109-01 - JBoss Application Server is the base package for JBoss Enterprise Portal Platform, providing the core server components. The Java Naming and Directory Interface Java API allows Java software clients to locate objects or services in an application server. It was found that the JBoss JNDI service allowed unauthenticated, remote write access by default. The JNDI and HA-JNDI services, and the HAJNDIFactory invoker servlet were all affected. A remote attacker able to access the JNDI service, HA-JNDI service, or the HAJNDIFactory invoker servlet on a JBoss server could use this flaw to add, delete, and modify items in the JNDI tree. This could have various, application-specific impacts.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2011-4605
SHA-256 | 78dd41f8b5b34025ec971ccb9596f9551cde8d2534b3816a8c8e07e50a8da9ef
Secunia Security Advisory 49974
Posted Jul 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Portal, which can be exploited by malicious people to manipulate certain data.

tags | advisory
SHA-256 | 928114f8b9053db227ebed1159952f58fc357f0c51062df46a310ad4d6b94af2
Netsweeper Cross Site Scripting / Cross Site Request Forgery
Posted Jul 10, 2012
Authored by Jacob Holcomb

Netsweeper Internet Filter suffers from cross site scripting and cross site request forgery vulnerabilities in the WebAdmin portal.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2012-2446, CVE-2012-2447, CVE-2012-3859
SHA-256 | 4bd4e67cc0eb876ff9cc96b4c11b92ea9c443472e744412fd9c45d3c23ad06ab
Secunia Security Advisory 49855
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Portal, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 8a1255757f651dd5f4b8c93e7d95f2d598843210aa0ffd2dd453601e5f3b8f38
Secunia Security Advisory 49486
Posted Jun 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Vulnerability Laboratory Research has reported multiple vulnerabilities in Jobs Portal, which can be exploited by malicious users to conduct script insertion and SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 24b1e2ed73141ce80a233b9a684c71cf7bf5c2464f841f3e5e3949ecc3c16c3f
Packet Fence 3.4.0
Posted Jun 14, 2012
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: This major release focuses on new features and enhancements, including Brocade and H3C hardware support, Debian Squeeze support, more custom VLAN support, node bulk importation improvements, new bandwidth graphs, performance tweaks, stability improvements, and a security fix.
tags | tool, remote
systems | unix
SHA-256 | 74b9505aefce9b9b5e02bc6eb31e0b44de771b4a3fd5c73edbb8c4870f56a7d2
Jobs Portal 3.0 SQL Injection / Cross Site Scripting
Posted Jun 14, 2012
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

Jobs Portal version 3.0 suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | a99fcd0bd41bc6f9abd28a43cd0fd0e0ed3f34ede832e0246bf2c24b0f585df8
Tom Sawyer Software GET Extension Factory Remote Code Execution
Posted Jun 11, 2012
Authored by rgod, Elazar Broad, juan vazquez | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in the tsgetx71ex553.dll ActiveX control installed with Tom Sawyer GET Extension Factory due to an incorrect initialization under Internet Explorer. While the Tom Sawyer GET Extension Factory is installed with some versions of VMware Infrastructure Client, this module has been tested only with the versions installed with Embarcadero Technologies ER/Studio XE2 / Embarcadero Studio Portal 1.6. The ActiveX control tested is tsgetx71ex553.dll, version 5.5.3.238. This Metasploit module achieves DEP and ASLR bypass using the well known msvcr71.dll rop chain. The dll is installed by default with the Embarcadero software, and loaded by the targeted ActiveX.

tags | exploit, remote, code execution, activex
advisories | CVE-2011-2217, OSVDB-73211
SHA-256 | 9ea26d2b6cb47fda41b9580e28eab68d2c736833da3e4ee9317fb28219b79c3f
Secunia Security Advisory 49205
Posted May 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Liferay Portal, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.

tags | advisory, vulnerability, xss, csrf
SHA-256 | d34160e0a3395a5b4d010de6e744c746abeeebe6e86eb04a34ccf72137ab90c1
Secunia Security Advisory 49154
Posted May 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Liferay Portal, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 4dc1a1f9b93161b8d29f7ec9e1b94695cc8f8ee2fbc4c92f412fcca9e26fb8d5
Liferay Portal Privilege Escalation
Posted May 14, 2012
Authored by Jelmer Kuperus

Liferay Portal suffers from a privilege escalation issue due to an insufficient permissions check in the updateOrganizations method of UserService.

tags | exploit
SHA-256 | 4c1ad3c260bfe325b9aead7258ea230d32d644be3b58cca2627419a584adc85b
Uiga Personal Portal SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

Uiga Personal Portal suffers from a remote SQL injection vulnerability in index2.php.

tags | exploit, remote, php, sql injection
SHA-256 | b9152582b0c4f0b77c7e1db220fcefc393f21d4e2076d4a38a60087190e6ac5d
FlirtPortal Script SQL Injection / Cross Site Scripting
Posted Apr 27, 2012
Authored by Farbod Mahini

FlirtPortal Script suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | c9d6b60ae6be968eb4af63c0f48ff6ecb8a4a072ed5d0fe9a2c3756139950c12
Secunia Security Advisory 49010
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - the_storm has reported a vulnerability in Car Portal CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 69c71994ab9e66698a9d6899c363fdfcd8c4470086bb6cefd6c0f7b14bb7c9d9
Car Portal CMS 3.0 CSRF / XSS / Shell Upload
Posted Apr 26, 2012
Authored by the_storm, Vulnerability Laboratory | Site vulnerability-lab.com

Car Portal CMS version 3.0 suffers from cross site request forgery, cross site scripting, and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, xss, csrf
SHA-256 | 016eb43689724108c0b719601b4797e2a9308603f6fad4d20c86d624f8360dc5
Secunia Security Advisory 48954
Posted Apr 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Portal Platform. This fixes a security issue and two vulnerabilities, which can be exploited by malicious people to manipulate certain data and disclose potentially sensitive information.

tags | advisory, vulnerability
systems | linux, redhat
SHA-256 | cf49e0f1fa6aee8fcedff16c76c7c1395d44eb2c319e3a6d8a8005ca2712e68d
Red Hat Security Advisory 2012-0519-01
Posted Apr 25, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0519-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. This release of JBoss Enterprise Portal Platform 5.2.1 serves as a replacement for JBoss Enterprise Portal Platform 5.2.0, and includes bug fixes.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2011-4314, CVE-2012-0818
SHA-256 | 4c2d7e867f2236c82154ad3fdca5b623e021c311c49562d7e1ef097fb83249f5
Secunia Security Advisory 43687
Posted Apr 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Jelmer Kuperus has discovered a vulnerability in Liferay Portal, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 41cc8f47ed19077bdbc4f4d32bc478a4af929eb954e60d3fce8d24c661811585
Secunia Security Advisory 48883
Posted Apr 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Enterprise Portal, which can be exploited by malicious users to manipulate certain data.

tags | advisory
SHA-256 | f4391e84433e11602388064596f7d0cef7e5ccbcf04b0fb69c58bf5cf497f11d
Liferay 6.0.5 ce WebDAV File Reading
Posted Apr 21, 2012
Authored by Jelmer Kuperus

By creating a specially crafted webdav request that contains an external entity it is possible to read files from Liferay Portal version 6.0.5 ce. Proof of concept code included.

tags | exploit, proof of concept
systems | linux
SHA-256 | 3cd00ba5d2fefa08a9eafaa941c8ee4bdbf23dae39cb2ccf5da00cbf88d064e4
Page 1 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close