Exploit the possiblities
Showing 1 - 25 of 40,526 RSS Feed

Exploit Files

Disk Savvy Enterprise 10.4.18 Buffer Ovreflow
Posted Feb 23, 2018
Authored by Daniel Teixeira | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in Disk Savvy Enterprise version 10.4.18, caused by improper bounds checking of the request sent to the built-in server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, overflow, x86
systems | windows, 7
MD5 | bfeae1744c34384854bd5326b5010471
CloudMe Sync 1.10.9 Buffer Overflow
Posted Feb 23, 2018
Authored by Daniel Teixeira, hyp3rlinx | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the CloudMe Sync version 1.10.9 client application. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, overflow, x86
systems | windows, 7
advisories | CVE-2018-6892
MD5 | 41dab942f2886640903e2e9e54f5e2e7
AsusWRT LAN Unauthenticated Remote Code Execution
Posted Feb 23, 2018
Authored by Pedro Ribeiro | Site metasploit.com

The HTTP server in AsusWRT has a flaw where it allows an unauthenticated client to perform a POST in certain cases. This can be combined with another vulnerability in the VPN configuration upload routine that sets NVRAM configuration variables directly from the POST request to enable a special command mode. This command mode can then be abused by sending a UDP packet to infosvr, which is running on port UDP 9999 to directly execute commands as root. This exploit leverages that to start telnetd in a random port, and then connects to it. It has been tested with the RT-AC68U running AsusWRT Version 3.0.0.4.380.7743.

tags | exploit, web, root, udp
advisories | CVE-2018-5999, CVE-2018-6000
MD5 | 0a0cdd7637ea7a4a50df34cad0df396f
Groupon Clone Script 3.0.2 Cross Site Scripting
Posted Feb 23, 2018
Authored by Prasenjit Kanti Paul

Groupon Clone Script version 3.0.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-6868
MD5 | 8c45768488f3a8575379e78609d78040
Alibaba Clone Script 1.0.2 Cross Site Scripting
Posted Feb 23, 2018
Authored by Prasenjit Kanti Paul

Alibaba Clone Script version 1.0.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-6867
MD5 | 52578087deca4d56086eb683f2ff0082
Learning And Examination Management System Script 2.3.1 XSS
Posted Feb 23, 2018
Authored by Prasenjit Kanti Paul

Learning and Examination Management System Script version 2.3.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-6866
MD5 | 56a3caf5187054a653b75978805b772b
Joomla! OS Property Real Estate 3.12.7 SQL Injection
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! OS Property Real Estate component version 3.12.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-7319
MD5 | 10c1e12862bd58e0615a8e888d05f32d
Joomla! Proclaim 9.1.1 Shell Upload
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! Proclaim component version 9.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
advisories | CVE-2018-7316
MD5 | e4b3f4730e22f3b7318737ee5628509e
Joomla! CheckList 1.1.1 SQL Injection
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! CheckList component version 1.1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-7318
MD5 | da40a67229d8a2554d96e24e8dd85c27
Joomla! Alexandria Book Library 3.1.2 SQL Injection
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! Alexandria Book Library component version 3.1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-7312
MD5 | 7cc1ce6165302e8abb336073f066c668
Joomla! Ek Rishta 2.9 SQL Injection
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! Ek Rishta component version 2.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-7315
MD5 | 0ff338c1363cd3325828f73ab0044dcc
Joomla! PrayerCenter 3.0.2 SQL Injection
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! PrayerCenter component version 3.0.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-7314
MD5 | a59a49349bb73dce4fb20f3fec9b5047
Joomla! Proclaim 9.1.1 Backup Disclosure
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! Proclaim component version 9.1.1 suffers from a backup disclosure vulnerability.

tags | exploit
advisories | CVE-2018-7317
MD5 | 250a8ab6bfe43d75e960a12779b9defd
Joomla! CW Tags 2.0.6 SQL Injection
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! CW Tags component version 2.0.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-7313
MD5 | 1b2237938dd63d23e8890c9f2a72fc55
NoMachine nxfuse Privilege Escalation
Posted Feb 23, 2018
Authored by Fidus InfoSecurity

NoMachine versions prior to 6.0.80 (x64) suffer from an nxfuse privilege escalation vulnerability.

tags | exploit
advisories | CVE-2018-6947
MD5 | 8a5db7fa6bd183e57b076f19b78e3126
Armadito Antivirus 0.12.7.2 Detection Bypass
Posted Feb 23, 2018
Authored by Souhail Hammou

Armadito Antivirus version 0.12.7.2 suffers from a detection bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2018-7289
MD5 | f5b81f188805211be13432cac9f664ab
Disk Pulse Enterprise 10.4.18 Buffer Overflow
Posted Feb 23, 2018
Authored by Daniel Teixeira

Disk Pulse Enterprise version 10.4.18 suffers from an import command buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-7310
MD5 | 306d6473f1da65b39b55c3e2eb726093
Disk Savvy Enterprise 10.4.18 Buffer Overflow
Posted Feb 23, 2018
Authored by Daniel Teixeira

Disk Savvy Enterprise version 10.4.18 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2018-6481
MD5 | d0a5403b18b4719bbfcc5ed6a346f8fa
Wavpack 5.1.0 Denial Of Service
Posted Feb 23, 2018
Authored by r4xis

Wavpack version 5.1.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2018-7254
MD5 | 101ae8999ce6a951af0e1503218bfffc
Microsoft IE11 Js::RegexHelper::RegexReplace Use-After-Free
Posted Feb 22, 2018
Authored by Ivan Fratric, Google Security Research

Microsoft IE11 suffers from a use-after-free vulnerability in Js::RegexHelper::RegexReplace.

tags | exploit
advisories | CVE-2018-0866
MD5 | 21e0ce967c4444c198feef093336a61e
Windows Constrained Impersonation Capability Privilege Escalation
Posted Feb 22, 2018
Authored by James Forshaw, Google Security Research

Windows suffers from a Constrained Impersonation Capability privilege escalation vulnerability.

tags | exploit
systems | windows
advisories | CVE-2018-0821
MD5 | 1f17f321ec2055627ec4f2ce8c689dc4
Windows StorSvc SvcMoveFileInheritSecurity Arbitrary File Security Descriptor Overwrite
Posted Feb 22, 2018
Authored by James Forshaw, Google Security Research

Windows StorSvc SvcMoveFileInheritSecurity suffers from an arbitrary file security descriptor overwrite vulnerability that allows for privilege escalation.

tags | exploit, arbitrary
systems | windows
MD5 | c23ff1030843d4b2a8918b43f35200c0
Trend Micro Email Encryption Gateway XSS / Code Execution
Posted Feb 21, 2018
Authored by Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com

Trend Micro Email Encryption Gateway suffers from cleartext transmission of sensitive information, missing authentication, cross site request forgery, cross site scripting, and various other vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2018-6219, CVE-2018-6220, CVE-2018-6221, CVE-2018-6222, CVE-2018-6223, CVE-2018-6224, CVE-2018-6225, CVE-2018-6226, CVE-2018-6227, CVE-2018-6228, CVE-2018-6229, CVE-2018-6230
MD5 | 223e4ef70d15bf9047b6fde86990def0
EChat Server 3.1 CHAT.ghp Buffer Overflow
Posted Feb 21, 2018
Authored by Juan Sacco

EChat Server version 3.1 suffers from a buffer overflow vulnerability in CHAT.ghp.

tags | exploit, overflow
MD5 | e8de314cc62dfc852d982ec99b634622
Navarino Infinity Blind SQL Injection / Session Fixation
Posted Feb 21, 2018
Authored by Vangelis Stykas

Navarino Infinity versions prior to 2.2 suffer from session fixation and remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 8c6b15e0bd87e4ae1bcbbb82908fa878
Page 1 of 1,622
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    16 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    16 Files
  • 23
    Feb 23rd
    31 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close