Twenty Year Anniversary
Showing 51 - 75 of 42,291 RSS Feed

Exploit Files

Surreal ToDo 0.6.1.2 Local File Inclusion
Posted Nov 13, 2018
Authored by Ihsan Sencan

Surreal ToDo version 0.6.1.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 4544bbb63c826c4b3fdfc2422dc06211
Surreal ToDo 0.6.1.2 SQL Injection
Posted Nov 13, 2018
Authored by Ihsan Sencan

Surreal ToDo version 0.6.1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 265992952bc4e252b41f04b8a6586d21
XAMPP Control Panel 3.2.2 Buffer Overflow
Posted Nov 13, 2018
Authored by Gionathan Reale, Semen Alexandrovich Lyhin

XAMPP Control Panel version 3.2.2 SEH unicode buffer overflow exploit.

tags | exploit, overflow
MD5 | fc81a31ec51873be9f0185f023efc416
Cisco Prime Infrastructure Unauthenticated Remote Code Execution
Posted Nov 13, 2018
Authored by Pedro Ribeiro | Site metasploit.com

Cisco Prime Infrastructure (CPI) contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege escalation to root by bypassing execution restrictions in a SUID binary. This Metasploit module exploits these vulnerabilities to achieve unauthenticated remote code execution as root on the CPI default installation. This Metasploit module has been tested with CPI 3.2.0.0.258 and 3.4.0.0.348. Earlier and later versions might also be affected, although 3.4.0.0.348 is the latest at the time of writing. The file upload vulnerability should have been fixed in versions 3.4.1 and 3.3.1 Update 02.

tags | exploit, remote, root, vulnerability, code execution, file upload
systems | cisco
advisories | CVE-2018-15379
MD5 | 2c9170145359581c4c8d1c13f564bce3
Android RSSI Broadcast Information Disclosure
Posted Nov 13, 2018
Authored by Yakov Shafranovich, Vilius Kraujutis | Site wwws.nightwatchcybersecurity.com

Android OS suffers from a sensitive data exposure vulnerability in its RSSI broadcasts.

tags | exploit, info disclosure
advisories | CVE-2018-9581
MD5 | a26217d9d0c12d9ab358f22208fabe78
Android 5.0 Battery Information Broadcast Information Disclosure
Posted Nov 13, 2018
Authored by Yakov Shafranovich, Vilius Kraujutis | Site wwws.nightwatchcybersecurity.com

Android OS version 5.0 suffers from a sensitive data exposure vulnerability in its battery information broadcasts.

tags | exploit, info disclosure
advisories | CVE-2018-15835
MD5 | 1662a0811657c2af60dfcefe19ec6d2f
TufinOS 2.1.7 Build 1193 XML Injection
Posted Nov 12, 2018
Authored by Konstantinos Alexiou

TufinOS version 2.1.7 build 1193 suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | ccd2c04ce995ab3a02c0fb45eeb538aa
The Don 1.0.1 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

The Don version 1.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a6151d20387a2fb7f431a9064d670d29
Mongoose Web Server 6.9 Denial Of Service
Posted Nov 12, 2018
Authored by Ihsan Sencan

Mongoose Web Server version 6.9 suffers from a denial of service vulnerability.

tags | exploit, web, denial of service
MD5 | 0bfc59fbbe8fc8dce5ff5ee4bf59679b
Nominas 0.27 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

Nominas version 0.27 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 035d880db5eccd94dd115104f910b017
ServerZilla 1.0 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

ServerZilla version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7b2b67def4a643fdfd3f2c493c0fa519
GPS Tracking System 2.12 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

GPS Tracking System version 2.12 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b3d47b43dcee7925d466c114f0441523
Easyndexer 1.0 Cross Site Request Forgery
Posted Nov 12, 2018
Authored by Ihsan Sencan

Easyndexer version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 5cddd718e27c0e3419a973f5446a7e5d
Facturation System 1.0 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

Facturation System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cc739da9b1dce4e69acec65524f7f8ed
Paroiciel 11.20 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

Paroiciel version 11.20 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2cef56992e3bde78149d1a2a712ab38b
Data Center Audit 2.6.2 SQL Injection
Posted Nov 12, 2018
Authored by Ihsan Sencan

Data Center Audit version 2.6.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 50743004a9d872e2e1324206cc8fb52a
WordPress PeepSo 1.11.2 Cross Site Scripting
Posted Nov 12, 2018
Authored by Socket_0x03

WordPress PeepSo plugin version 1.11.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0d2abe1f8360ec073ae662fa0f60ddd8
WordPress PeepSo 1.11.2 SQL Injection
Posted Nov 12, 2018
Authored by Socket_0x03

WordPress PeepSo plugin version 1.11.2 suffers from a remote time-based SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f7801a9f20acb28193e406e3e8127b11
WordPress WP User Manager 2.0.8 SQL Injection
Posted Nov 12, 2018
Authored by Socket_0x03

WordPress WP User Manager plugin version 2.0.8 suffers from a remote time-based SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b23aa52bd9caaf0ef1b7daec59bcbab1
Vignette Content Management 6 Security Bypass
Posted Nov 12, 2018
Authored by Rafael Pedrero

Vignette Content Management version 6 suffers from a security bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2018-18941
MD5 | 134f2f8a3d512fe1b1e828f5bdf8ebdf
Netscape Enterprise 3.63 Cross Site Scripting
Posted Nov 12, 2018
Authored by Rafael Pedrero

Netscape Enterprise 3.63 suffers from a cross site scripting vulnerability in the default SnoopServlet servlet.

tags | exploit, xss
advisories | CVE-2018-18940
MD5 | 0c6b97708954b5902901fac4c063a6c2
Advanced Comment System 1.0 SQL Injection
Posted Nov 12, 2018
Authored by Rafael Pedrero

Advanced Comment System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-18619
MD5 | 2e410b3407ce4a5c6db3c52fa0679770
WordPress Media File Manager 1.4.2 Directory Traversal
Posted Nov 12, 2018
Authored by Pasquale Turi

WordPress Media File Manager plugin version 1.4.2 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | ad440b3cb42becebba5381c62008256e
TP-Link Archer C50 Wireless Router 171227 CSRF
Posted Nov 12, 2018
Authored by Wadeek

TP-Link Archer C50 Wireless Router 171227 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 2efb2a61dba26a8d7f468c0bea401132
HeidiSQL 9.5.0.5196 Denial Of Service
Posted Nov 12, 2018
Authored by Victor Mondragon

HeidiSQL version 9.5.0.5196 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 1b41b9a6b07f55592e488ec83227d070
Page 3 of 1,692
Back12345Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close