what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

MG2 0.5.1 Cross Site Scripting
Posted Feb 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

MG2 version 0.5.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d9e1492757a88b8aae40695552fa07b4741b360277a7016b7540c93273f43c48

Related Files

Zyxel / EMG2926 Command Injection
Posted Apr 2, 2017
Authored by Trevor Hough

Zyxel / EMG2926 versions prior to 1.00(AAQT.4)b8 suffers from an OS command injection vulnerability.

tags | exploit
advisories | CVE-2017-6884
SHA-256 | d2fe28ccfad0ff3449ac16a08f737147127ce359adeb79b057c6ca7dba400d21
Samsung SystemUI fimg2d Null Pointer Dereference
Posted Sep 9, 2016
Authored by 0xr0ot

Samsung SystemUI fimg2d driver suffers from a null pointer dereference vulnerability.

tags | advisory
SHA-256 | 5078f08a5818485da8db3f5b0d45965d8daf96f6c90003d8eae14f1610f7bba2
Samsung Fimg2d FIMG2D_BITBLT_BLIT Ioctl Concurrency Flaw
Posted Oct 28, 2015
Authored by Google Security Research, leecam

The Samsung Graphics 2D driver (/dev/fimg2d) is accessible by unprivileged users/applications. It was found that the ioctl implementation for this driver contains a locking error which can lead to memory errors (such as use-after-free) due to a race condition.

tags | exploit
systems | linux
advisories | CVE-2015-7891
SHA-256 | a3f38084cb1d4d13978aaba6602e9965fb1df0bed4c3c2f913708f75b9b78245
iGallery Plugin 1.0.0 Cross Site Scripting
Posted Sep 18, 2011
Authored by LiquidWorm | Site zeroscience.mk

iGallery plugin version 1.0.0 suffers from a cross site scripting vulnerability when parsing user input to the 'dir' parameter via GET method in '/scripts/pthumb/demo/phpThumb.demo.random.php'. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, php, xss
SHA-256 | 649c0e5f670adcc02d2f48ac41bb3b9dbf1473ba6e21da4a9bebd40f9b3f7896
iManager Plugin 1.2.8 Cross Site Scripting
Posted Sep 18, 2011
Authored by LiquidWorm | Site zeroscience.mk

iManager plugin versions 1.2.8 build 02012008 and below suffer from a cross site scripting vulnerability when parsing user input to the 'dir' parameter via GET method in 'random.php' and 'phpThumb.demo.random.php'. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, php, xss
SHA-256 | 4c4c2b763221737d36a6acfffd6dbb477bc08d64d63061a263200f70c4504d7a
iBrowser Plugin 1.4.1 Cross Site Scripting
Posted Sep 18, 2011
Authored by LiquidWorm | Site zeroscience.mk

iBrowser plugin versions 1.4.1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2107ed08679b3cadf3a5612f0068b8a88d9524b1ecc47a00f4761fae255d7405
iManager Plugin 1.2.8 Arbitrary File Deletion
Posted Sep 18, 2011
Authored by LiquidWorm | Site zeroscience.mk

iManager plugin version 1.2.8 suffers from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | 63d8ec3f4d364c44e15e1df3ae54eb79901968d0e854a24fdc9ff42dc237090b
iManager Plugin 1.2.8 Local File Inclusion
Posted Sep 17, 2011
Authored by LiquidWorm | Site zeroscience.mk

iManager plugin version 1.2.8 suffers from a local file inclusion vulnerability / file disclosure vulnerability when input passed thru the 'lang' parameter to imanager.php, rfiles.php, symbols.php, colorpicker.php, loadmsg.php, ov_rfiles.php and examples.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks and URL encoded NULL bytes.

tags | exploit, local, php, file inclusion
SHA-256 | d0cf4e6a0566ee44420d01dd97fde3f21f7a6d484e9d9448f4b1f6a0c32cc43c
iBrowser Plugin 1.4.1 Local File Inclusion
Posted Sep 16, 2011
Authored by LiquidWorm | Site zeroscience.mk

iBrowser plugin version 1.4.1 suffers from a local file inclusion vulnerability / file disclosure vulnerability when input passed thru the 'lang' parameter to ibrowser.php, loadmsg.php, rfiles.php and symbols.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks and URL encoded NULL bytes.

tags | exploit, local, php, file inclusion
SHA-256 | a153b7a4a47ff146d91e0d79e554e424553ad4ca1efa41e15eaa049ec8a0b46d
Mini FTP Server 1.1 Denial Of Service
Posted Aug 28, 2011
Authored by LiquidWorm | Site zeroscience.mk

Mini FTP Server version 1.1 buffer corruption remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | b954b66b92fff6c7c4842db209961c835199a37a3c1bb75a49811ee6ddea2b88
ManageEngine ServiceDesk Plus 8.0 Cross Site Scripting
Posted Aug 23, 2011
Authored by LiquidWorm | Site zeroscience.mk

ManageEngine ServiceDesk Plus version 8.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | c5e4aace24eeb232523198e9b9fbf7a3b8bc002a0ecc544c0dcfc4d68c940c72
ATutor 2.0.2 HTTP Response Splitting
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor version 2.0.2 suffers from a HTTP response splitting vulnerability.

tags | exploit, web
SHA-256 | da8399ab3bad548b518a4945303c6c748c100bc0caaeae91414d81c717c8ce1e
ATutor 2.0.2 Cross Site Scripting / SQL Injection
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor version 2.0.2 suffers from cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 156e8ca29442c39dd68f426ab627536ea459ec2f62caf6d738900896523fcea0
ATutor AChecker 1.2 Cross Site Scripting / Path Disclosure
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor AChecker version 1.2 suffers from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | f051fdf159320c7c589e285d8b88bea2bf95dbf5dda51944394344650d558b95
ATutor AChecker 1.2 SQL Injection
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor AChecker version 1.2 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 69d0f7a89f886464429de2e220cc5aeecc1f9b05cd0e22b446911e96c541b9f1
ATutor AContent 1.1 Script Insertion
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor AContent version 1.1 suffers from a script insertion vulnerability.

tags | exploit
SHA-256 | a6be43d63054eb477eddea9f0ec640843c438d24439cee3724859cfa283bb118
ATutor AContent 1.1 / 1.3 Cross Site Scripting
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor AContent version 1.1 suffers from multiple cross site scripting vulnerabilities. This also affects version 1.3 as of 2014/01/05.

tags | exploit, vulnerability, xss
SHA-256 | 11f71a7a8fc1b6198d0accd72f3c4a62c57ad812171943bba7e230803cb30eff
ATutor AContent 1.1 SQL Injection
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor AContent version 1.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | f56291915b34b94f96cf88882cc5c3ad29f32c7cd6bb2be6f841ce2ae4b2f103
Digital Scribe 1.5 Cross Site Scripting
Posted Jul 31, 2011
Authored by LiquidWorm | Site zeroscience.mk

Digital Scribe version 1.5 suffers from multiple post cross site scripting vulnerabilities. Input thru the POST parameters 'title', 'last' and 'email' in register.php is not sanitized allowing the attacker to execute HTML code into user's browser session on the affected site.

tags | exploit, php, vulnerability, xss
SHA-256 | b4e758e765d3c3f1dd3bae0aeac26f05237bd21334ea75852e11273d369ff975
Online Grades Project Team 3.2.5 Cross Site Scripting
Posted Jul 25, 2011
Authored by LiquidWorm | Site zeroscience.mk

Online Grades version 3.2.5 suffers from multiple cross site scripting vulnerabilities. The issue is triggered when input passed via multiple parameters to the 'admin/admin.php' script is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

tags | exploit, arbitrary, php, vulnerability, xss
SHA-256 | 97dac1462d3751baa282b6d6356f3f5c1af9936b2fe7fc9e1f21af38da27da98
PG eLMS Pro DEC_2007_01 Blind SQL Injection
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

PG eLMS Pro version DEC_2007_01 suffers from multiple remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | f33c1f60fe48012757d4de9d5b369cbdd1b4511201f7d9fa55519f099d092a34
PG eLMS Pro DEC_2007_01 Cross Site Scripting
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

PG eLMS Pro version DEC_2007_01 suffers from multiple POST cross site scripting vulnerabilities in contact_us.php.

tags | exploit, php, vulnerability, xss
SHA-256 | 3cb7f482a30aa8222e39a62050d674c0b4201c4a9b953dc76fb7e986a91915bf
TCExam 11.2.011 SQL Injection
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

TCExam versions 11.2.011 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 914e1468f043c743fbcb3539d34a062ed28fec35ba1be0ed6dab33cd0deb9e05
TCExam 11.2.011 Cross Site Scripting
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

TCExam versions 11.2.011 and below suffer from multiple pre and post auth cross site scripting vulnerabilities when parsing user input to multiple parameters via GET and POST method in multiple scripts. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, vulnerability, xss
SHA-256 | 124989b21ffded644a3bd7fb5253e0bf4a9f3a0f8cf17bb80608ab44fd14748f
Tugux CMS 1.2 Remote Arbitrary File Deletion
Posted Jul 11, 2011
Authored by LiquidWorm | Site zeroscience.mk

Tugux CMS version 1.2 remote arbitrary file deletion vulnerability.

tags | exploit, remote, arbitrary
SHA-256 | b322ce3279d241071e6638005f0f9486916adab50fcebbdaf25046904c8aa330
Page 1 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close