Showing 1 - 25 of 285

Files

Packet Storm New Exploits For 2015: Posted Jan 1, 2016; Authored by Todd J. | Site packetstormsecurity.com; Complete comprehensive archive of all 2,311 exploits added to Packet Storm in 2015.; tags | exploit; systems | linux; SHA-256 | fc8074951b1bd82e3b4f5abc4576d42f54bbd7ab04172e004d1f267cc75e36a4; Download | Favorite | View

Packet Storm New Exploits For December, 2015: Posted Jan 1, 2016; Authored by Todd J. | Site packetstormsecurity.com; This archive contains 283 exploits that were added to Packet Storm in December, 2015.; tags | exploit; systems | linux; SHA-256 | 4022bfde30f47a194103882680d0d06509b5da5b3c569ae7f6eacc159f148245; Download | Favorite | View

Joomla 3.4.5 Object Injection: Posted Dec 31, 2015; Authored by Khashayar Fereidani; Joomla versions 1.5.x through 3.4.5 object injection exploit that allows for code execution and more. Written in golang.; tags | exploit, code execution; advisories | CVE-2015-8562; SHA-256 | 1134e88fe3a65c32fd5110807c6df065cc7bbbc72d79341eb6c13b16011fca94; Download | Favorite | View

Trend Micro DLL Hijacking: Posted Dec 31, 2015; Authored by Stefan Kanthak; TrendMicro_MAX_10.0_US-en_Downloader.exe loads and executes ProfAPI.dll and UXTheme.dll (and other DLLs too) eventually found in the directory it is started from.; tags | exploit; systems | windows; SHA-256 | c0671e37659541c6c0bbbb19381f144e24a52d8a638e4bc161e8a1032ac09225; Download | Favorite | View

KODExplorer 3.21 Cross Site Request Forgery: Posted Dec 31, 2015; Authored by Ben khlifa Fahmi; KODExplorer web file manager versions 3.21 and below suffer from multiple cross site request forgery vulnerabilities.; tags | exploit, web, csrf; SHA-256 | a6fdbf1e7430218c402b65dfecb7be4c2d6fdca3e63619dbcbe652c22d55ecea; Download | Favorite | View

WordPress Simple Ads Manager 2.9.4.116 SQL Injection: Posted Dec 30, 2015; Authored by Kacper Szurek; WordPress Simple Ads Manager plugin version 2.9.4.116 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | c3225024050bfa8485a3aa261ef44cdbf1842789ed7f02486760b470ce90f477; Download | Favorite | View

Netduma R1 1.03.4 / 1.03.5 Cross Site Request Forgery: Posted Dec 30, 2015; Authored by Josh Chaney; Netduma R1 router versions 1.03.4 and 1.03.5 suffer from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | cb9861408b2a312ef9c0c0798a0356f98ce6e8596554528293cfa5537a7cd173; Download | Favorite | View

FTPShell Client 5.24 Buffer Overflow: Posted Dec 30, 2015; Authored by hyp3rlinx | Site hyp3rlinx.altervista.org; FTPShell Client version 5.24 suffers from a buffer overflow vulnerability.; tags | exploit, overflow; SHA-256 | 2ad4624ed3713e9d5fba9c1b46d2e27a1cc02ad0ee37fe7729bdf7ca9a5666f4; Download | Favorite | View

DeleGate 9.9.13 Local Root: Posted Dec 30, 2015; Authored by Larry W. Cashdollar; Installation of DeleGate version 9.9.13 sets some binaries setuid root and at least one of these binaries can be used to escalate the privileges of a local user. The binary dgcpnod creates a node allowing a local unprivileged user to create files anywhere on disk. By creating a file in /etc/cron.hourly a local user can execute commands as root.; tags | exploit, local, root; advisories | CVE-2015-7556; SHA-256 | 7f7b948cf0c658577a60b54e041918a12f7d33a376ff4d93c8a8740f4fddad56; Download | Favorite | View

KODExplorer Web File Manager Cross Site Scripting: Posted Dec 30, 2015; Authored by Ben khlifa Fahmi; KODExplorer web file manager suffers from a cross site scripting vulnerability.; tags | exploit, web, xss; SHA-256 | a0105f30c9687518ec81049807bbf8fb7193299431ee0d621c176c069d12cadb; Download | Favorite | View

InterPhoto 2.3.0 Persians Database Disclosure: Posted Dec 30, 2015; Authored by indoushka; InterPhoto version 2.3.0 Persians suffers from a database disclosure vulnerability.; tags | exploit, info disclosure; SHA-256 | b9332d288e8d706e22260bfa2c7d25ac712e49b70bcbd14e8c91fcec8903639d; Download | Favorite | View

AVG WebTune Hijacking: Posted Dec 29, 2015; Authored by Tavis Ormandy, Google Security Research; AVG's Web Tune extension maliciously works to bypass the Chrome malware checks and leaves broken JavaScript APIs available. The attached exploit steals cookies from avg.com.; tags | exploit, web, javascript; systems | linux; SHA-256 | bc6771c4f589518e2a4514e7c5963c7ac6e4f7a4abf44b90f9df910e567a4843; Download | Favorite | View

Beezfud Remote Code Execution: Posted Dec 29, 2015; Authored by Ehsan Hosseini; Beezfud suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 497a4606c5bb1310751ac087938088185c27e036193143a5a7f63aea7b2a8d8f; Download | Favorite | View

NASA Cross Site Scripting: Posted Dec 29, 2015; Authored by 4TT4CK3R; ghrc.nsstc.nasa.gov suffered from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 39c8465d756607f1fcd5544160fdda382abab5af697af9fa153ba65efff5fa84; Download | Favorite | View

PHP Melody CMS 2.3 SQL Injection: Posted Dec 27, 2015; Authored by V For Vendetta; PHP Melody CMS version 2.3 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, php, sql injection; SHA-256 | 3ce0e6de5b497053859c2d83646c7f89a4d121e02e130934677bae1f948ac14a; Download | Favorite | View

RW::Download 4.0.8 File Inclusion / SQL Injection: Posted Dec 26, 2015; Authored by indoushka; RW::Download version 4.0.8 suffers from remote and local file inclusion and remote SQL injection vulnerabilities.; tags | exploit, remote, local, vulnerability, code execution, sql injection, file inclusion; SHA-256 | a56588c35a1599d4874c8ae698232a9d5a487865ba837e1af15f014bb3f00f3d; Download | Favorite | View

AccessDiver 4.301 Build 5888 Buffer Overflow: Posted Dec 26, 2015; Authored by hyp3rlinx | Site hyp3rlinx.altervista.org; AccessDiver version 4.301 build 5888 suffers from a buffer overflow vulnerability.; tags | exploit, overflow; SHA-256 | 849355e29545b0be3f930fb8b655f633aeed9476aa1768fa04565dd2c20df444; Download | Favorite | View

EasyCafe Server 2.2.14 Remote File Read: Posted Dec 25, 2015; Authored by R-73eN; EasyCafe Server versions 2.2.14 and below suffer from a remote file read vulnerability.; tags | exploit, remote; SHA-256 | 121818ec38b64281f7a95209aa9db936cfefb36b812148de3e51ee15bd39e65c; Download | Favorite | View

Bigware Shop 2.3.01 Cross Site Scripting / File Upload: Posted Dec 25, 2015; Authored by indoushka; Bigware Shop version 2.3.01 suffers from cross site scripting and remote file upload vulnerabilities.; tags | exploit, remote, vulnerability, xss, file upload; SHA-256 | 0fda50166e50607bde50341fa86b07ba1d509d42e6e3efb1bc624c983bd8d609; Download | Favorite | View

Backshell Web Shell Cross Site Request Forgery: Posted Dec 25, 2015; Authored by Ehsan Hosseini; Backshell Web Shell suffers from a cross site request forgery vulnerability.; tags | exploit, web, shell, csrf; SHA-256 | e1667825acf8a9542de3584932040fd9b7faa17088c2d663c3f51ce4f779f9c5; Download | Favorite | View

Bigware Shop 2.3.01 Local File Inclusion: Posted Dec 24, 2015; Authored by bd0rk; Bigware Shop version 2.3.01 suffers from multiple local file inclusion vulnerabilities.; tags | exploit, local, vulnerability, file inclusion; SHA-256 | 9946bd3b9e89313d99f6e1d094c69eda3ba65830a2082252c809e6d99685ebcc; Download | Favorite | View

PHP 7.0.0 Format String: Posted Dec 24, 2015; Authored by Andrew Kramer; PHP version 7.0.0 suffers from a format string vulnerability.; tags | exploit, php; SHA-256 | 19b3c5bd5a0c46292b9003e0983dc856d030ce773b0d5344e1809ac15c10246e; Download | Favorite | View

eWON XSS / CSRF / Session Management / RBAC Issues: Posted Dec 24, 2015; Authored by Karn Ganeshen; eWON routers with firmware versions prior to 10.1s0* suffer from cross site request forgery, session management, RBAC control, and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; advisories | CVE-2015-7925, CVE-2015-7926, CVE-2015-7927, CVE-2015-7928, CVE-2015-7929; SHA-256 | db44f5340110e31d8969ebbbea39b66476ba340c324579db4a0c8e86da5eb756; Download | Favorite | View

Nordex Control 2 (NC2) SCADA 16 Cross Site Scripting: Posted Dec 24, 2015; Authored by Karn Ganeshen; Nordex Control 2 (NC2) SCADA version 16 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2015-6477; SHA-256 | e4b3732da6a42937ee4a23ae9d5562bb1a69144c16f5139060d53c7ef8a341f4; Download | Favorite | View

XZERES 442SR Wind Turbine Cross Site Scripting: Posted Dec 24, 2015; Authored by Karn Ganeshen; XZERES 442SR wind turbine suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 1328aca548475d9704158e50bb0cf1d133388c98974314b228e040c479815ad9; Download | Favorite | View

Page 1 of 12 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 272 files
Ubuntu 60 files
Debian 19 files
Gentoo 8 files
Apple 5 files
Google Security Research 4 files
Jann Horn 3 files
Spencer McIntyre 3 files
LiquidWorm 3 files
Pierre Kim 2 files

Files

Top Authors In Last 30 Days

Recent News