what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Left 4 Dead Stats SQL Injection
Posted Jan 4, 2010
Authored by Sora

Left 4 Dead Stats version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 076ec161ec82a883a608b91bf7256e0eb085831f187a4a279e95c6412604efbe

Related Files

Cura 1.5
Posted Jul 16, 2012
Site github.com

Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).

Changes: The modules screen is now Tabular, providing a much better user experience in which all of Cura's modules are provided as tabs on the top of the screen.
tags | exploit, remote
SHA-256 | 1701fc58dc21a0ecb6c45f4836abb5e380f5e8214af1f3d389ec0e35ee46a019
Cura 1.4
Posted Jul 13, 2012
Site github.com

Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).

Changes: This release features a completely new UI for the Home (Login) screen where you are dropped upon launch. This is where you access/create/update/delete your server accounts, and it's had a complete do-over.
tags | tool, remote, wireless
SHA-256 | 79fd0da76674b5e455a947a43496357a83abbd086c7bf141c80764ec54afd32c
Cura 1.0
Posted May 20, 2012
Site github.com

Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).

Changes: This release satisfies all the the tasks promised: terminal, syslog reader, SysMonitor (for CPU and RAM), Nmap, and server stats. In addition, there's the security feature (an SMS can wipe Cura's database (the phone's location is sent back)). It works for Android 2.3.3 (Gingerbread) and above.
tags | tool, remote, wireless
SHA-256 | 11557623033f83fd59c047df77732ae8b78ffc6326f727c0c1aea355a332f580
Cura 0.4.0
Posted May 12, 2012
Site github.com

Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).

Changes: Nmap is now fully functional.
tags | tool, remote, wireless
systems | unix
SHA-256 | 7535e3c956995ec088e0036a3ecb227af85f7e7498611ed214ba05bc70a26996
Torrent-Stats Denial Of Service
Posted Feb 3, 2012
Authored by otr

Torrent-Stats suffers from a denial of service vulnerability in httpd.c.

tags | exploit, denial of service
SHA-256 | 800bc0f63fdba947738b01388e1c4834532ab1fc95c5b2912e467da4293d8011
Secunia Security Advisory 47261
Posted Dec 19, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in DotA OpenStats, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 3d8de16680e62fdd4a2a4d6d3a3863a127e87493d1bd58674ce190e8752fd07d
DotA OpenStats 1.3.9 SQL Injection
Posted Dec 18, 2011
Authored by HvM17

DotA OpenStats versions 1.3.9 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f9e47482cdb11bda2bc5cf30a5bfe67a56d61882988a88ca7ff3b8afaf761d6f
Ubuntu Security Notice USN-1294-1
Posted Dec 8, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1294-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Qianfeng Zhang discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-1162, CVE-2011-2494, CVE-2011-2942, CVE-2011-3209, CVE-2011-3638, CVE-2011-4081, CVE-2011-4087, CVE-2011-4326
SHA-256 | acab8d51e69e89ac69916bfde79578d48d20a5c740ed8334923ba6a32afe7023
Ubuntu Security Notice USN-1285-1
Posted Nov 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1285-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-2183, CVE-2011-2491, CVE-2011-2494, CVE-2011-2495, CVE-2011-2517, CVE-2011-2905, CVE-2011-2909
SHA-256 | 6758df4905be75681d391dbdf0a22a6c0d585b02d7ae0b95ce6c9f405177ab7d
Ubuntu Security Notice USN-1279-1
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1279-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-2183, CVE-2011-2491, CVE-2011-2494, CVE-2011-2495, CVE-2011-2517, CVE-2011-2905, CVE-2011-2909
SHA-256 | a57a6a4677aad213b5b06f27421d5abb8eefa70db03930de1545039b4bd62c37
Ubuntu Security Notice USN-1275-1
Posted Nov 22, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1275-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2011-2494
SHA-256 | d80ad01354876eab576255c2bcf356baa28e1b46fd819624cd2d2de9c1971dd2
Ubuntu Security Notice USN-1260-1
Posted Nov 15, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1260-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2011-2494
SHA-256 | 40cd6d7f9146c1c43ee131b46b98a2d9c89006e4772e5e974f49db0f54f12901
Secunia Security Advisory 46069
Posted Nov 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ben Schmidt has discovered a vulnerability in the WP Easy Stats plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 3d358b676cb6bacfd873e5f6d79a36eecff6d05e43d1252a2df41ff66908ec73
Secunia Security Advisory 46160
Posted Nov 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has discovered two vulnerabilities in AWStats, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 0cd7ab8ce6bbe825d65dbf994d9382ac1ae47cfa2a2821c4c8b40cec27083a15
Ubuntu Security Notice USN-1243-1
Posted Oct 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1243-1 - It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-1479, CVE-2011-2494, CVE-2011-2495, CVE-2011-2695, CVE-2011-2905, CVE-2011-2909, CVE-2011-3188, CVE-2011-3363
SHA-256 | 17f248b3931a988aad14812534c1789db9fb19d3669e1520b000fb81fd5b0df9
Ubuntu Security Notice USN-1242-1
Posted Oct 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1242-1 - It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-1479, CVE-2011-2494, CVE-2011-2495, CVE-2011-2695, CVE-2011-2905, CVE-2011-2909, CVE-2011-3188, CVE-2011-3363, CVE-2010-4250
SHA-256 | 544731c1bb12667fa7a9b5b5b16ac0871a169440d284556042daf2acc1e9a8f4
Secunia Security Advisory 46478
Posted Oct 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for awstats. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, fedora
SHA-256 | 107657305e39f19b9876be06455f1050533e854529c845f0282de55b44afd0f8
AWStats 7.0 / 6.0 SQL Injection / Cross Site Scripting / CRLF Injection
Posted Sep 23, 2011
Authored by MustLive

AWStats versions 6.0 and 7.0 suffers from CRLF injection, cross site scripting, HTTP response splitting, and remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, sql injection
SHA-256 | 59557071b1987b2fde0f1594bff019d2392bfda8e3b64f00a2219e1a52209747
WordPress WPEasyStats 1.8 Remote File Inclusion
Posted Sep 19, 2011
Authored by Ben Schmidt | Site spareclockcycles.org

WordPress WPEasyStats plugin version 1.8 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | d3f013a760a7b4563260188e45ab4a66c858aef58be11b3225d2ee692195009e
WP-Stats-Dashboard 2.6.5.1 Cross Site Scripting
Posted Aug 18, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

WP-Stats-Dashboard version 2.6.5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 267125d33a18c0bf9147f49eb589e14b9f0d600aebee93eaf437a0302e071f90
Secunia Security Advisory 45687
Posted Aug 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in the WP-Stats-Dashboard plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 7d8641f40e5fe99d1010c6d44f9439ac6812daab187998bc771dae379e703c63
Secunia Security Advisory 45681
Posted Aug 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in the WP-Stats-Dashboard plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | cd37d0e9e2ccaddcf38597d8e42e7743cc86a7c242a7a113d904a038ed3cdf4e
AWStats Totals 1.14 Remote Command Execution
Posted May 26, 2011
Authored by Patrick Webster | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats Totals PHP script. AWStats Totals version v1.0 - v1.14 are vulnerable.

tags | exploit, arbitrary, php
advisories | CVE-2008-3922, OSVDB-47807
SHA-256 | 5a5ef1d851e7541e28de7b53546932d0881adc18c9f19c4d8ea20156248a6ea5
SmarterStats 6.0 XSS / DoS / Command Execution / Traversal
Posted Mar 11, 2011
Authored by sqlhacker

SmarterStats version 6.0 suffers from cross site scripting, denial of service, command execution, and directory traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, xss, file inclusion
SHA-256 | 0836c7412eeb88d123a674b23d5f7ccaf25ad59b6cf315b294ccc95936d268b5
tplSoccerStats SQL Injection
Posted Feb 23, 2011
Authored by AtT4CKxT3rR0r1ST

tplSoccerStats suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 29bbbb06aace402b7764cbb1e8d6af83f7550140b179cd35397141cd903ba14e
Page 1 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close