Twenty Year Anniversary
Showing 101 - 125 of 40,837 RSS Feed

Exploit Files

LineageOS 14.1 Blueborne Remote Code Execution
Posted Apr 6, 2018
Authored by Marcin Kozlowski

LineageOS version 14.1 Blueborne suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-0781
MD5 | 90410d5586fb58a108784ae1818b9a2b
WebKit WebAssembly Missing Order Check
Posted Apr 6, 2018
Authored by Google Security Research, natashenka

When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder() does not adequately check that sections are in the correct order when a binary contains custom sections.

tags | exploit
MD5 | d9c23ee48266ac97c0d46ca18c95d336
Onethink CMS Server Side Request Forgery
Posted Apr 6, 2018
Authored by Jiawang Zhang, Qian Wu, Bo Wang

Onethink CMS versions released up to date 2018/04/06 suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2017-14323
MD5 | 37fbf6905231e41dc7ab8bbf92cf136c
Z-Blog 1.5.1.1740 Cross Site Scripting
Posted Apr 5, 2018
Authored by zzw

Z-Blog version 1.5.1.1740 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-7736
MD5 | f1f7f62827a7b4abea2e5361f1a04dc4
YzmCMS 3.6 Cross Site Scripting
Posted Apr 5, 2018
Authored by zzw

YzmCMS version 3.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-7653
MD5 | 0f37576ed66fa3e6d42c7efedbd840ab
GetSimple CMS 3.3.13 Cross Site Scripting
Posted Apr 5, 2018
Authored by Sureshbabu Narvaneni

GetSimple CMS version 3.3.13 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-9173
MD5 | 6ecf79314326952339c1a3dd3cf28540
Joomla JS Jobs 1.2.0 Cross Site Scripting
Posted Apr 5, 2018
Authored by Sureshbabu Narvaneni

Joomla JS Jobs component version 1.2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-9183
MD5 | 645eb32d80dec449657d13a251ad2a7f
MyBB Downloads 2.0.3 Cross Site Scripting
Posted Apr 5, 2018
Authored by 0xB9

MyBB Downloads plugin version 2.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b160710ea500ac72bff60c07796b7417
Microsoft Windows jscript Use-After-Free
Posted Apr 5, 2018
Authored by Ivan Fratric, Google Security Research

Microsoft Windows suffers from multiple use-after-free issues in jscript Array methods.

tags | exploit
systems | windows
advisories | CVE-2018-0935
MD5 | 54dbc94c4392c67aa6871073166ebbc0
Z-Blog 1.5.1.1740 Full Path Disclosure
Posted Apr 5, 2018
Authored by zzw

Z-Blog version 1.5.1.1740 suffers from a full path disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2018-7737
MD5 | b539f83d3245ec921cb13135e29d3f56
PMS 0.42 Stack-Based Buffer Overflow
Posted Apr 4, 2018
Authored by Juan Sacco

PMS version 0.42 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 040caf5340322857b30d22ea4686e161
FiberHome VDSL2 Modem HG 150-UB Login Bypass
Posted Apr 4, 2018
Authored by Noman Riffat

FiberHome VDSL2 Modem HG 150-UB suffers from a login bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2018-9248
MD5 | cc018f464eed5329f3febb11bd5f1fe7
Microsoft Sharepoint 14.x Cross Site Scripting
Posted Apr 4, 2018
Authored by Mostafa Gharzi

Microsoft Sharepoint version 14.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a03ce9730e95243aa47abaea9ef193d2
Adobe Flash 28.0.0.137 Remote Code Execution
Posted Apr 4, 2018
Authored by SyFi

Adobe Flash versions 28.0.0.137 and below remote code execution proof of concept exploit.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2018-4878
MD5 | d2fd29c4f918f11dabd7bb253cc87a3f
Sophos Endpoint Protection 10.7 Insecure Cryptography
Posted Apr 4, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Sophos Endpoint Protection version 10.7 control panel authentication uses a weak unsalted unicoded cryptographic hash (SHA1) function. Not using a salt allows attackers that gain access to hash ability to conduct faster cracking attacks using pre-computed dictionaries, e.g. rainbow tables. This can potentially result in unauthorized access that could allow for changing of settings, whitelist or unquarantine files.

tags | exploit
advisories | CVE-2018-9233
MD5 | 17d6f74a89bfb18403ee901bf2ed270d
Sophos Endpoint Protection 10.7 Tamper Protection Bypass
Posted Apr 4, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Sophos Endpoint Protection version 10.7 suffers from a tamper protection bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2018-4863
MD5 | 81f02a8434690f8501645852069a7be1
MPEngine UnRAR Inherited Flaw
Posted Apr 4, 2018
Authored by Thomas Dullien, Google Security Research

Inspection of mpengine.dll revealed that the code responsible for processing RAR archives appears to be a forked and modified version of the original unrar code and has a vulnerability that has since been patched in newer versions of unrar.

tags | exploit
MD5 | 1d20cff34936c67b825e496b10f33391
Rockwell LOGIX 5324 ER Cross Site Scripting
Posted Apr 3, 2018
Authored by Sezai Ali HOROZOGLU, Adegsmail BALBAL

Rockwell LOGIX 5324 ER suffers from cross site scripting and html injection vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | ea5b7abf9d32d9e47f4676930d6def4b
ProcessMaker Plugin Code Execution
Posted Apr 3, 2018
Authored by Brendan Coles | Site metasploit.com

This Metasploit module will generate and upload a plugin to ProcessMaker resulting in execution of PHP code as the web server user. Credentials for a valid user account with Administrator roles is required to run this module. This Metasploit module has been tested successfully on ProcessMaker versions 1.6-4276, 2.0.23, 3.0 RC 1, 3.2.0, 3.2.1 on Windows 7 SP 1; and version 3.2.0 on Debian Linux 8.

tags | exploit, web, php
systems | linux, windows, debian, 7
MD5 | 62ca13841303372ebfe7885ec8e1b271
Microsoft Edge Charka JIT Incomplete Fix For Issue 1420 #2
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

A security fix applied for Microsoft Edge Chakra JIT is incomplete.

tags | exploit
advisories | CVE-2018-0934
MD5 | 6099c93a3f08c4e81ed7de84882cba0a
Microsoft Edge Charka JIT Incomplete Fix For Issue 1420
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

A security fix applied for Microsoft Edge Chakra JIT is incomplete.

tags | exploit
advisories | CVE-2018-0933
MD5 | dc6e350de68f5b22d4f1cdba5404821b
Chrome V8 Genesis::InitializeGlobal Bugs
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

Chrome V8 has multiple bugs in Genesis::InitializeGlobal.

tags | exploit
MD5 | 0b5c156e751faddf1932eeb73dcaf083
Chrome V8 ElementsAccessorBase::CollectValuesOrEntriesImpl Type Confusion
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from a type confusion vulnerability in ElementsAccessorBase::CollectValuesOrEntriesImpl.

tags | exploit
advisories | CVE-2018-6064
MD5 | e92050fc25960e3ebedf1862a29f2346
DuckDuckGo 4.2.0 WebRTC Private IP Leakage
Posted Apr 3, 2018
Authored by Brendan Coles, Mishra Dhiraj | Site metasploit.com

This Metasploit module exploits a vulnerability in browsers using well-known property of WebRTC (Web Real-Time Communications) which enables Web applications and sites to capture or exchange arbitrary data between browsers without requiring an intermediary.

tags | exploit, web, arbitrary
advisories | CVE-2018-6849
MD5 | 1d9975950bdc7255d15ef79cf990fc30
ShoprLynx 9.2.3 Insecure File Permissions
Posted Apr 2, 2018
Authored by LiquidWorm | Site zeroscience.mk

ShoprLynx version 9.2.3 suffers from an insecure file permissions vulnerability.

tags | exploit
MD5 | 34cb6eae09a136075078fd8f17fca5cf
Page 5 of 1,634
Back34567Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close