Twenty Year Anniversary
Showing 26 - 50 of 41,289 RSS Feed

Exploit Files

Nikto 2.1.6 CSV Injection
Posted Jun 18, 2018
Authored by Adam Greenhill

Nikto version 2.1.6 suffers from a csv injection vulnerability.

tags | exploit
advisories | CVE-2018-11652
MD5 | aedc26323562020a43750f0d92a863ca
Redatam Web Server Directory Traversal
Posted Jun 18, 2018
Authored by Berk Dusunur

Redatam Web Server prior to version 7 suffer from a directory traversal vulnerability.

tags | exploit, web, file inclusion
MD5 | 0584808e1c49454251c2d5a7207ce5ef
Redis-cli Buffer Overflow
Posted Jun 18, 2018
Authored by Fakhri Zulkifli

Redis-cli versions prior to 5.0 buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
advisories | CVE-2018-12326
MD5 | a53747670c7b2fd888620a15cd0610c7
Audiograbber 1.83 Buffer Overflow
Posted Jun 18, 2018
Authored by Dennis Herrmann

Audiograbber version 1.83 local SEH buffer overflow exploit.

tags | exploit, overflow, local
MD5 | 8737acad1660bbb2394fd9aba67a272f
Joomla Jomres 9.11.2 Cross Site Request Forgery
Posted Jun 18, 2018
Authored by Borna Nematzadeh

Joomla Jomres component version 9.11.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 85f5c9da3da7654810d5acb079efaa95
phpMyAdmin 4.x Remote Code Execution
Posted Jun 18, 2018
Authored by Matteo Cantoni, Cure53, Michal AihaA | Site metasploit.com

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.

tags | exploit, remote, arbitrary, php
advisories | CVE-2016-5734
MD5 | 40f298aed179561d60e3ea947664bb79
Tapplock Smart Lock Insecure Direct Object Reference
Posted Jun 18, 2018
Authored by Vangelis Stykas

Tapplock Smart Lock suffers from multiple insecure direct object reference vulnerabilities.

tags | exploit, vulnerability
MD5 | 763446d7594572376c209584efb7e078
WordPress Redirection 2.7.1 Deserialization Code Execution
Posted Jun 15, 2018
Authored by Glyn Wintle

WordPress Redirection plugin version 2.7.1 suffers from a code execution vulnerability.

tags | exploit, code execution
MD5 | 1e14e58ceb21022344666e902766b80b
Easy Chat Server 3.1 Add User Local Buffer Overflow
Posted Jun 15, 2018
Authored by Hashim Jawad

Easy Chat Server version 3.1 add user local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | bcabdbd0527bd278db11840e1c948973
rtorrent 0.9.6 Denial Of Service
Posted Jun 14, 2018
Authored by ecx86

rtorrent versions 0.9.6 and below denial of service exploit.

tags | exploit, denial of service
MD5 | 9112f5a4b93d3f374dd3059e367d761d
Joomla Ek Rishta 2.10 SQL Injection
Posted Jun 14, 2018
Authored by Guilherme Assmann

Joomla Ek Rishta component version 2.10 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-12254
MD5 | c9cf00e1bcf138179996aad2f1258826
Soroush IM Desktop App 0.15 Authentication Bypass
Posted Jun 14, 2018
Authored by VortexNeoX64

Soroush IM Desktop App version 0.15 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 8b2face38684b376cf73245beb80de94
Eclipse Vert.x 3.5.1 HTTP Header Injection
Posted Jun 13, 2018
Authored by Lukasz D.

Eclipse Vert.x versions 3.0.0 through 3.5.1 suffer from an HTTP header injection vulnerability.

tags | exploit, web
MD5 | b0bcdd2957a82518f6bc91174e6bea0c
Samsung Web Viewer For Samsung DVR Cross Site Scripting
Posted Jun 13, 2018
Authored by Yavuz Atlas

Samsung Web Viewer for Samsung DVR suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2018-11689
MD5 | 4c1965dce41d570dded8761c42edd7e7
Rockwell Automation RSLinx Classic / FactoryTalk Linx Gateway Privilege Escalation
Posted Jun 13, 2018
Authored by LiquidWorm | Site zeroscience.mk

Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway suffer from a privilege escalation vulnerability. Rockwell Automation RSLinx Classic versions 3.90.01, 3.73.00, 3.72.00, and 2.58.00 are susceptible. Rockwell Automation FactoryTalk Linx Gateway version 3.90.00 is susceptible.

tags | exploit
advisories | CVE-2018-10619
MD5 | 59c9bf7a610c8becf0674a228bcebf7b
Ecos Secure Boot Stick 5.6.5 Credential Disclosure / Information Leak
Posted Jun 13, 2018
Authored by Michael Rossberg, Guenter Schaefer, Franz Girlich, Robert Lasch | Site telematik.prakinf.tu-ilmenau.de

Ecos Secure Boot Stick version 5.6.5 and System Management version 5.2.68 suffers from credential disclosure and various other security vulnerabilities that can lead to information disclosure.

tags | exploit, vulnerability, info disclosure
MD5 | 410ebe83f339489d39f169146778451a
Microsoft Windows 10 1709 Child Process Restriction Mitigation Bypass
Posted Jun 13, 2018
Authored by James Forshaw, Google Security Research

Microsoft Windows 10 version 1709 suffers from a child process restriction mitigation bypass vulnerability.

tags | exploit, bypass
systems | windows
advisories | CVE-2018-0982
MD5 | 14320128fadf9ab6d9bdc495b2999b56
Redaxo CMS Mediapool Arbitrary File Upload
Posted Jun 13, 2018
Authored by h0n1gsp3cht

Redaxo CMS Mediapool add-on versions prior to 5.5.1 suffer from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | 2ee9e258e0cbc86d2f56b93a4898abbb
MACCMS 10 Cross Site Request Forgery
Posted Jun 13, 2018
Authored by bay0net

MACCMS version 10 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-12114
MD5 | ee33d43696b35ae5172cabdee9ebf0b1
glibc 'realpath()' Privilege Escalation
Posted Jun 12, 2018
Authored by halfdog, Brendan Coles | Site metasploit.com

This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in GNU C Library (glibc) version 2.26 and prior. This Metasploit module uses halfdog's RationalLove exploit to exploit a buffer underflow in glibc realpath() and create a SUID root shell. The exploit has offsets for glibc versions 2.23-0ubuntu9 and 2.24-11+deb9u1. The target system must have unprivileged user namespaces enabled. This Metasploit module has been tested successfully on Ubuntu Linux 16.04.3 (x86_64) with glibc version 2.23-0ubuntu9; and Debian 9.0 (x86_64) with glibc version 2.24-11+deb9u1.

tags | exploit, shell, root
systems | linux, debian, ubuntu
advisories | CVE-2018-1000001
MD5 | fdde72feb2388aee3f2e93395c3c6363
DHCP Client Command Injection (DynoRoot)
Posted Jun 12, 2018
Authored by Felix Wilhelm | Site metasploit.com

This Metasploit module exploits the DynoRoot vulnerability, a flaw in how the NetworkManager integration script included in the DHCP client in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier processes DHCP options. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.

tags | exploit, arbitrary, local, root, spoof, protocol
systems | linux, redhat, fedora
advisories | CVE-2018-1111
MD5 | 5260d2ef5bb8f8bbc5edbc0ec7cb7c67
WordPress Tooltipy 5.0 Cross Site Request Forgery
Posted Jun 12, 2018
Authored by Tom Adams

WordPress Tooltipy plugin version 5.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | a73ed2fa150749fa9b7b1f8405ab4402
WordPress Tooltipy 5.0 Cross Site Scripting
Posted Jun 12, 2018
Authored by Tom Adams

WordPress Tooltipy plugin version 5.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b6c5e7774fb62ebf84c690fa5e490b74
WordPress Redirection 2.7.3 Remote File Inclusion
Posted Jun 12, 2018
Authored by Glyn Wintle

WordPress Redirection plugin version 2.7.3 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | ad8fd6f0edda2fb7d07a6e8d56138be6
Canon PrintMe EFI Cross Site Scripting
Posted Jun 12, 2018
Authored by Huy Kha

Canon PrintMe EFI suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-12111
MD5 | 1b32c8d5e91282bc9f3a9fa12654d6f4
Page 2 of 1,652
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

June 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    14 Files
  • 2
    Jun 2nd
    1 Files
  • 3
    Jun 3rd
    3 Files
  • 4
    Jun 4th
    18 Files
  • 5
    Jun 5th
    21 Files
  • 6
    Jun 6th
    8 Files
  • 7
    Jun 7th
    16 Files
  • 8
    Jun 8th
    18 Files
  • 9
    Jun 9th
    5 Files
  • 10
    Jun 10th
    2 Files
  • 11
    Jun 11th
    21 Files
  • 12
    Jun 12th
    32 Files
  • 13
    Jun 13th
    15 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    4 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    2 Files
  • 18
    Jun 18th
    15 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    15 Files
  • 21
    Jun 21st
    15 Files
  • 22
    Jun 22nd
    7 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close