exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2019-01-25

WordPress MM-Forms-Community 2.2.7 Shell Upload / SQL Injection
Posted Jan 25, 2019
Authored by KingSkrupellos

WordPress MM-Forms-Community plugin version 2.2.7 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | ca2fec971b7a3528fd7278de926970107ee488cb97fb506bb4fd47a58dc86b18
WordPress pitajte-strucnjaka 4.9.6 Shell Upload
Posted Jan 25, 2019
Authored by KingSkrupellos

WordPress pitajte-strucnjaka plugin version 4.9.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 930445443ba80f5f43d55ad6c8f92ff3ef3caf629402b118a7786da6ab7e8471
Python GnuPG 0.4.3 Improper Input Validation
Posted Jan 25, 2019
Authored by Stig Palmquist, Alexander Kjall

Researchers discovered a way to inject data through the passphrase property of the gnupg.GPG.encrypt() and gnupg.GPG.decrypt() methods when symmetric encryption is used. The supplied passphrase is not validated for newlines, and the library passes --passphrase-fd=0 to the gpg executable, which expects the passphrase on the first line of stdin, and the ciphertext to be decrypted or plaintext to be encrypted on subsequent lines. By supplying a passphrase containing a newline an attacker can control/modify the ciphertext/plaintext being decrypted/encrypted. Proof of concept exploit included. Version 0.4.3 is affected.

tags | exploit, proof of concept
advisories | CVE-2019-6690
SHA-256 | 2ddd6ea3428cff6a5351b694f600825f17bf24b9cc0a6b871e114db2d991529a
Podcast Generator 2.7 Cross Site Scripting
Posted Jan 25, 2019
Authored by Zekvan Arslan | Site netsparker.com

Podcast Generator version 2.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-20121
SHA-256 | 342aa0add9d97bf1e5a03940d7b2d050192f55a9959995061ac92669ad0ea45a
Apple Security Advisory 2019-1-24-1
Posted Jan 25, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-1-24-1 - iTunes 12.9.3 for Windows is now available and addresses code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | windows, apple
advisories | CVE-2018-20346, CVE-2018-20505, CVE-2018-20506, CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6221, CVE-2019-6226, CVE-2019-6227, CVE-2019-6229, CVE-2019-6233, CVE-2019-6234, CVE-2019-6235
SHA-256 | ac79794ec22441e2867245a8673787a895a1818b2a307cea606a45fb20502f9a
Green CMS 2.x Arbitrary File / Directory Download
Posted Jan 25, 2019
Authored by Ihsan Sencan

Green CMS version 2.x suffers from arbitrary file and directory download vulnerabilities.

tags | exploit, arbitrary, vulnerability, info disclosure
SHA-256 | 7a59de12b3748877d64521ce09e47e0f8cc72dbfdf74601538a71773948eac29
Green CMS 2.x SQL Injection
Posted Jan 25, 2019
Authored by Ihsan Sencan

Green CMS version 2.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bf9d26094abaa46d3909203a826a37b8642c913de2d637a38daa95492576c897
Joomla RSFirewall 2.11.25 Database Disclosure
Posted Jan 25, 2019
Authored by KingSkrupellos

Joomla RSFirewall component version 2.11.25 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | cc831fedf778341c9441a1d649f14fbc4dde0f211990168812eb2d59b1b240ec
Lua 5.3.5 Use-After-Free
Posted Jan 25, 2019
Authored by Fady Mohamed Osman

Lua version 5.3.5 suffers from a use-after-free vulnerability.

tags | exploit
advisories | CVE-2019-6706
SHA-256 | e4fa1f2a58aeecca822a55e272763709ae37bde58311cf5071a4a4b56331b1ad
WordPress Wisechat 2.6.3 Forced Redirect / Phishing
Posted Jan 25, 2019
Authored by MTK

WordPress Wisechat plugin version 2.6.3 suffers from a forced tab redirection flow that can aid in phishing attacks.

tags | exploit
advisories | CVE-2019-6780
SHA-256 | 735a795a37627d01a0cb21c77897831a4970caff4a6ac87e4926f646c947d658
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close