exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files Date: 2017-10-25

KeystoneJS 4.0.0-beta.5 Unauthenticated Stored Cross Site Scripting
Posted Oct 25, 2017
Authored by Ishaq Mohammed

KeystoneJS version 4.0.0-beta.5 suffers from an unauthenticated stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-15878
SHA-256 | 881abd2d25635bf6646252976fd1a62284d08ac39e533e0472bf231f6bec2316
KeystoneJS 4.0.0-beta.5 Unauthenticated CSV Injection
Posted Oct 25, 2017
Authored by Ishaq Mohammed

KeystoneJS version 4.0.0-beta.5 suffers from an unauthenticated CSV injection vulnerability in admin/server/api/download.js and lib/list/getCSVData.js.

tags | exploit
advisories | CVE-2017-15879
SHA-256 | 2a0d06a04621ea6257d1518d4b20206d976b94c65caac627e89f9c7e3f23cccd
Windows NTLM Auth Hash Disclosure / Denial Of Service
Posted Oct 25, 2017
Authored by Juan Diego

Under certain circumstances a shared folder on Windows can be abused remotely to obtain the user credentials and to freeze the machine.

tags | exploit
systems | windows
SHA-256 | a3786c197d5f84764cc4238584bcbb27d4db39d6327b9a342215870ceb7ce56b
Sophos UTM 9 Management Appplication Local File Inclusion
Posted Oct 25, 2017
Authored by Matthew Bergin | Site korelogic.com

Sophos UTM 9 suffers from a local file inclusion vulnerability. Version 9.410 is affected.

tags | exploit, local, file inclusion
SHA-256 | ba17012c9d21cd3e781e366f214abfdf9faf9780535e543ae9cf3a40603af138
Sophos UTM 9 loginuser Privilege Escalation Via Insecure Directory Permissions
Posted Oct 25, 2017
Authored by Matthew Bergin | Site korelogic.com

Sophos UTM 9 suffers from a loginuser privilege escalation vulnerability via insecure directory permissions. Version 9.410 is affected.

tags | exploit
SHA-256 | fd8843e98bd26838d92a0d52e8d9620f3e5d6a90bc1aa8cc078996b66040699a
Sonicwall WXA5000 1.3.2-10-30 Console Jail Escape / Privilege Escalation
Posted Oct 25, 2017
Authored by Matthew Bergin | Site korelogic.com

Sonicwall WXA5000 version 1.3.2-10-30 suffers from console jail escape and privilege escalation vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 528772153763dde340abad6b6f539c06481ea3af1b1c1bc7eda3277928a19022
Infoblox NetMRI VM-AD30-5C6CE Factory Reset Persistence
Posted Oct 25, 2017
Authored by Matthew Bergin | Site korelogic.com

Infoblox NetMRI version VM-AD30-5C6CE suffers from an administration shell factory reset persistence vulnerability.

tags | exploit, shell
SHA-256 | b441994193d057c810483b9cd2d4dad307269cc38772ac61db1b6c79283f9899
Infoblox NetMRI 7.1.4 Shell Escape / Privilege Escalation
Posted Oct 25, 2017
Authored by Hank Leininger, Matthew Bergin | Site korelogic.com

Infoblox NetMRI versions 7.1.2 through 7.1.4 suffer from administration shell escape and privilege escalation vulnerabilities.

tags | exploit, shell, vulnerability
SHA-256 | cf2764068642712d57bf637c469af8efd08229679a4265ceb71c2691a388b2a0
Ubuntu Security Notice USN-3425-2
Posted Oct 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3425-2 - USN-3425-1 fixed a vulnerability in Apache HTTP Server. This update provides the corresponding update for Ubuntu 12.04 ESM. Hanno Boeck discovered that the Apache HTTP Server incorrectly handled A Limit directives in .htaccess files. In certain configurations, a A remote attacker could possibly use this issue to read arbitrary server A memory, including sensitive information. This issue is known as A Optionsbleed. Various other issues were also addressed.

tags | advisory, remote, web, arbitrary
systems | linux, ubuntu
SHA-256 | ec9e7c6f5d337302858cf2a0818db50e9651066e124b29ee53ae385d7ba5388c
Ubuntu Security Notice USN-3388-2
Posted Oct 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3388-2 - USN-3388-1 fixed several vulnerabilities in Subversion. This update provides the corresponding update for Ubuntu 12.04 ESM. Ivan Zhakov discovered that Subversion did not properly handle some requests. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2167, CVE-2016-2168, CVE-2017-9800
SHA-256 | a687e5391fa1b5969d8465cd6fe1b7abad9ba098f227067976e565ef0aebea20
PHP Melody 2.6.1 SQL Injection
Posted Oct 25, 2017
Authored by Venkat Rajgor

PHP Melody version 2.6.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | a425a7ab3c7c14869cba15e86f433029050c51e41a96a88f5760ede827b8c0fc
FS OLX Clone SQL Injection
Posted Oct 25, 2017
Authored by 8bitsec

FS OLX Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c3d39648da58b9f3b01ba0d06e2355dd85b266a83c1d0bfb9f62bdc999bd190e
FS Ebay Clone SQL Injection
Posted Oct 25, 2017
Authored by 8bitsec

FS Ebay Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 13f64510b602c003c2efd5f84284981e2ca77d1f200b5998b39ec5fc62bcfe76
Debian Security Advisory 4006-1
Posted Oct 25, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4006-1 - Multiple vulnerabilities have been found in MuPDF, a PDF file viewer, which may result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-14685, CVE-2017-14686, CVE-2017-14687, CVE-2017-15587
SHA-256 | b434341ba675edfdd0294230b93749bfaba7130b722225d87a404cf8baf4122b
Ubuntu Security Notice USN-3411-2
Posted Oct 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3411-2 - USN-3411-1 fixed a vulnerability in Bazaar. This update provides the corresponding update for Ubuntu 12.04 ESM. A Adam Collard discovered that Bazaar did not properly handle host names A in 'bzr+ssh://' URLs. A remote attacker could use this to construct A a bazaar repository URL that when accessed could run arbitrary code A with the privileges of the user. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
SHA-256 | d2232a8ccd4ab791bae18f23bd07111564d267f8de4f31375381fb47c7d63efd
Ayukov NFTP FTP Client Buffer Overflow
Posted Oct 25, 2017
Authored by Berk Cem Goksel

Ayukov NFTP FTP Client versions prior to 2.0 suffer from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-15222
SHA-256 | a632bf99ff3bbdbfc9a053514ff1f6b5add7c5b91645feb0f209c26eb01b180b
FS Book Store Script SQL Injection
Posted Oct 25, 2017
Authored by 8bitsec

FS Book Store Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e1f920458be0c16c31deadeef0cd520feaa4107d70158442f95cef757b35e9aa
FS Amazon Clone SQL Injection
Posted Oct 25, 2017
Authored by 8bitsec

FS Amazon Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | fdd74476c24b10ca62c62f6f629c0de1ff948963a052e7e6bc6bc54fc06b0196
CometChat Local File Inclusion
Posted Oct 25, 2017
Authored by Luke Paris

CometChat versions prior to 6.2.0 BETA 1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 8ed60d89b947c01969d393d54572218af37662f5dcc5cc16852f537dc5f12c91
FS Food Delivery Script SQL Injection
Posted Oct 25, 2017
Authored by 8bitsec

FS Food Delivery Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | af21bab8b5dcd0eec7746fc3a17a79d9bdadde5fe704e4941e5aa8111dff1e43
Netgear DGN1000 Setup.cgi Remote Command Execution
Posted Oct 25, 2017
Authored by Roberto Paleari | Site metasploit.com

This Metasploit module exploits an unauthenticated OS command execution vulnerability in the setup.cgi file in Netgear DGN1000 firmware versions up to 1.1.00.48, and DGN2000v1 models.

tags | exploit, cgi
SHA-256 | 86c53ad96211bee0a0215a95caed6678b01af806833286d61151eee772e71fa9
osTicket 1.10.1 Shell Upload
Posted Oct 25, 2017
Authored by Rajwinder Singh

osTicket version 1.10.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2017-15580
SHA-256 | ce15e751def8d93cd66218093fd5ea3fa6f5420a74a1b91f773ab1c8e8466195
Easy MPEG/AVI/DIVX/WMV/RM To DVD Buffer Overflow
Posted Oct 25, 2017
Authored by Venkat Rajgor

Easy MPEG/AVI/DIVX/WMV/RM to DVD buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | d9e741a1d1215c8034fa2eb5337e705f28fb836d52ac8dd87c767cfcf035852d
ArGoSoft Mini Mail Server 1.0.0.2 Denial Of Service
Posted Oct 25, 2017
Authored by Berk Cem Goksel

ArGoSoft Mini Mail Server version 1.0.0.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-15223
SHA-256 | 55774b4428664ba2332d7f5e4492418894bc5407fa5631fdbce8d3bd59a10650
Linux Kernel 4.14.0-rc4+ waitid() Privilege Escalation
Posted Oct 25, 2017
Authored by XeR_0x2A, chaign_c

Linux Kernel version 4.14.0-rc4+ waitid() privilege escalation exploit.

tags | exploit, kernel
systems | linux
advisories | CVE-2017-5123
SHA-256 | ad2f7368a6b794e683035e93e709ee032d99808bca8403ed47ec0e796c474f2d
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close