exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

Automated Link Exchange Portal 1.3 Bypass
Posted Jun 8, 2009
Authored by TiGeR-Dz | Site h4ckf0u.com

Automated Link Exchange Portal version 1.3 suffers from bypass and direct access vulnerabilities.

tags | exploit, vulnerability, bypass
SHA-256 | 35fcba00e6f954ce1e41341743215b15a9c18f19b3a1fe538fa81b1abbd3eef2

Related Files

Liferay 6.1 Default Configuration Compromise
Posted Apr 21, 2012
Authored by Jelmer Kuperus

By utilizing the json webservices exposed in Liferay Portal version 6.1 you can register a new user with any role in the system, including the built in administrator role. Proof of concept included.

tags | exploit, proof of concept
systems | linux
SHA-256 | 3f6c3c5b9e5e27e968adbe87afc167aa13e200b89a6647cbde10d03c9a021bac
Liferay JSON Request Control Takeover
Posted Apr 20, 2012
Authored by Jelmer Kuperus

Liferay Portal suffers from a takeover vulnerability due to a single HTTP request allowing an attacker to reconfigure which memcached to use. Proof of concept code included. Version 6.1 ce is confirmed vulnerable.

tags | exploit, web, proof of concept
systems | linux
SHA-256 | 52363e44fb0da67d9da2ef19c482ca115b0e60ea50da8776e953b5d028b5ea91
Packet Fence 3.3.0
Posted Apr 16, 2012
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: A major release focused on new features and enhancements. AlliedTelesis switches support. Introduction of Role-Based Access Control (RBAC) for Aruba, AeroHIVE, Meru, and Motorola equipment. Guests can now pre-register in advance or have their network access sponsored. Simplified inline enforcement. Several new configuration parameters that affects guest handling. Noteworthy fixes include a RADIUS Identity privacy fix and Captive portal look on mobile devices (smartphones and tablets). There is some polishing and translation updates.
tags | tool, remote
systems | unix
SHA-256 | 4f8b4518e51638a4a7ae0c0c2a4a8d382eca998798bac68923b88a5731cfb863
Hotel Booking Portal 0.1 SQL Injection
Posted Apr 4, 2012
Authored by Mark Stanislav

Hotel Booking Portal version 0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2012-1672
SHA-256 | e5bd761b6b77d6401e0829fb292820e953061861cf27bd9e56a3a7e67b73d807
WebPortal CMS Beta Arbitrary File Upload
Posted Mar 29, 2012
Authored by HELLBOY

WebPortal CMS Beta suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 0a16776905892f9932c6a81532948beda759b23fb0a1ebd44a1a250d6589aa23
Secunia Security Advisory 48570
Posted Mar 28, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has reported multiple vulnerabilities in ocPortal, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | d542eb796aac0fe41bbbd2adf0f9a1c05f3bad363e7aca7683728d2be595ed13
Secunia Security Advisory 48416
Posted Mar 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Proficy Real-Time Information Portal, which can be exploited by malicious people to manipulate certain data.

tags | advisory
SHA-256 | b2ef76f7aacc74d5255265caa2c4d5132cc3ba7b56fe43a98e8164b52f199f88
Saman Portal Local File Inclusion
Posted Mar 12, 2012
Authored by TMT

Saman Portal suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 2632eee686a4e9351a65cadbb8a788712e659de6696e09063c84ee4776c0a097
Saman Portal Local File Inclusion
Posted Mar 7, 2012
Authored by TMT

Saman Portal suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | f245aeea6b3f77592cd6dfc9450697947d068c975c0e07a0e1db15820a8fbdaf
Secunia Security Advisory 48233
Posted Mar 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Witze addon for deV!L'z Clanportal, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | ffc5ef0672c3dc0b09eef95981a013b8785bbc3f4fa30ac110036be49fc2fc11
deV!L`z Clanportal Witze 0.9 SQL Injection
Posted Mar 4, 2012
Authored by Easy Laster

deV!L`z Clanportal Witze add-on version 0.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1a41b3da1ce02aa31f75b547c7ce2bfc84fead8cc9e1e96acd6aaf17fff8eb77
Red Hat Security Advisory 2012-0345-02
Posted Mar 2, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0345-02 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. It was found that JBoss Web did not handle large numbers of parameters and large parameter values efficiently. A remote attacker could make JBoss Web use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values. This update introduces limits on the number of parameters and headers processed per request to address this issue. The default limit is 512 for parameters and 128 for headers. These defaults can be changed by setting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties in "jboss-as/server/[PROFILE]/deploy/properties-service.xml".

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-0022
SHA-256 | 5f8ed354af7f93aae635f0011391c698a68ac7e5da46495e45b1d1b424d2b453
Packet Fence 3.2.0
Posted Feb 24, 2012
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: This is a major release focused on new features and enhancements. It has OpenVAS Vulnerability Assessment integration for free client-side policy compliance. Per-user bandwidth limits can be imposed using RADIUS accounting information. A new billing engine was integrated in the captive portal, allowing a variety of paid-for Internet access workflows. Several performance enhancements and more robust handling of configuration mistakes. Many bugfixes, small enhancements, and translation updates.
tags | tool, remote
systems | unix
SHA-256 | ba03e5371037a7543536b1b3657f4b8d9eb3f36d5711e818d4cc69d3057f12f4
STHS v2 Web Portal 2.2 SQL Injection
Posted Feb 11, 2012
Authored by Liyan Oz

STHS v2 Web Portal version 2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | df2aef2b8ed5719432fab9d65d36c1e6976ddeece6ee659a2784031108fcd5bd
Secunia Security Advisory 47866
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Portal Platform. This fixes multiple weaknesses, a security issue, and multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
SHA-256 | 4d46d88fe1552e6fef5b6dc95b3fc4a042a2f4f0ea8038b01309fd5cfc6856bc
Red Hat Security Advisory 2012-0091-01
Posted Feb 3, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0091-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. This JBoss Enterprise Portal Platform 4.3 CP07 release serves as a replacement for JBoss Enterprise Portal Platform 4.3 CP06.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2011-1184, CVE-2011-1484, CVE-2011-2526, CVE-2011-4085, CVE-2011-4858, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064
SHA-256 | 8d477b129cade9168945756f320e10f89d8e0cf7bba8bf7336e147cc0e23f36a
Secunia Security Advisory 47598
Posted Jan 22, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Moviebase addon for deV!L'z Clanportal, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 73d6f16cf4d4fd2ab38e4e3667f2c8e45017634f40e781b1d0d61c354aa430de
SOOP Portal Raven 1.0 Shell Upload
Posted Jan 21, 2012
Authored by HELLBOY

SOOP Portal Raven version 1.0 suffers from a fckeditor shell upload vulnerability.

tags | exploit, shell
SHA-256 | 0f8273872316d694baa3f500986ae9071919c3115aa8db27659d4bf52a44aaad
SMF Portal 1.1.16 Shell Upload
Posted Jan 21, 2012
Authored by HELLBOY

SMF Portal version 1.1.16 fckeditor suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | 04babd577f16ab3b3226783c0614188c3210538cd0494f5a7fa636ca41c2f6f2
deV!L`z Clanportal 1.5.5 Moviebase SQL Injection
Posted Jan 18, 2012
Authored by Easy Laster

The deV!L`z Clanportal version 1.5.5 Moviebase add-on suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6d5a7924a34b72b16edc5519639f6524b61aa185cc5047a781541906f69889c4
deV!L`z Clanportal Gamebase SQL Injection
Posted Jan 18, 2012
Authored by Easy Laster

The deV!L`z Clanportal Gamebase add-on suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3492ac0e196fec26a595040d9c4171120263e3306bf97c75e457afec9ed34b8d
Secunia Security Advisory 47563
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Gamebase addon for deV!L'z Clanportal, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 95afebcc57615fdd4c484442dbdaee3b1c683ac015091545b78fff917e7b375d
Secunia Security Advisory 47550
Posted Jan 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Contus Jobs Portal, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 0db27dfc646c3830b9e76c1702651b0515e8f5c3be9ba38b02f7dcb300596bd7
ARASTAR Portal System Cross Site Scripting
Posted Jan 14, 2012
Authored by ITTIHACK

ARASTAR Portal System suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 32fe953c4b69bbc4c887b2a46cb5fe2901ad4a8a9a4c445c453cef140d62e1b6
Contus Job Portal SQL Injection
Posted Jan 12, 2012
Authored by Lazmania61

Contus Job Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 855725ce2adeba5240d6804c2179d7037d4e7091c389037c22510defce3ee255
Page 2 of 4
Back1234Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close