what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2015-05-08 to 2015-05-09

Xeams 4.5 Build 5755 CSRF / Cross Site Scripting
Posted May 8, 2015
Authored by Marlow Tannhauser

Xeams version 4.5 build 5755 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2015-3141
SHA-256 | 5b0de84610bd9cec2e0c622b699be56bdc7acdcc49862431395ff4916d529a79
Syncrify Server 3.6 Build 833 CSRF / Cross Site Scripting
Posted May 8, 2015
Authored by Marlow Tannhauser

Syncrify Server version 3.6 build 833 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2015-3140
SHA-256 | 93f6f957cc8cf86fdcf92d4636a9bf54342fde02464b86ab05a5c510225d3958
SynaMan 3.4 Build 1436 CSRF / Cross Site Scripting
Posted May 8, 2015
Authored by Marlow Tannhauser

SynaMan version 3.4 build 1436 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2015-3140
SHA-256 | 6ab1b2f93aca389179502a5b70564abad6a80c2d417198ae5f5864729515616c
SynTail 1.5 Build 566 CSRF / Cross Site Scripting
Posted May 8, 2015
Authored by Marlow Tannhauser

SynTail version 1.5 build 566 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2015-3140
SHA-256 | d72ce579c7f581c425afa9a2347fa35d8c2e085f93fa80be200f7006d097308f
Docker Privilege Escalation / Information Disclosure
Posted May 8, 2015
Authored by Eric Windisch, Tonis Tiigi

Docker versions prior to 1.6.1 suffer from privilege escalation and information disclosure vulnerabilities.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2015-3627, CVE-2015-3629, CVE-2015-3630, CVE-2015-3631
SHA-256 | 95ee351837d4eafc2ac444cb87bd4b716e7c5f58566ada9fb56a9b758dee33cc
Pirelli Router P.DG-A4001N WPA Key Reverse Engineering Rev 2
Posted May 8, 2015
Authored by Eduardo Novella

This is proof of concept code that demonstrates reverse-engineering of the default WPA key generation algorithm used in ADB broadband Pirelli routers in Argentina and Portugal. Model P.DG-A4001N is affected. This is the second version of the exploit and adds support for MEO routers in Portugal.

tags | exploit, proof of concept
SHA-256 | 713f565efa26dec0805186efd4a9a990744451458398ddb642832bd8ba3c8cce
Capstone 3.0.3
Posted May 8, 2015
Authored by Nguyen Anh Quynh | Site capstone-engine.org

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

Changes: Release 3.0.3 is a stable version with important fixes in the core and Python bindings.
tags | tool
systems | linux, unix
SHA-256 | fc2741e7bc5fb23e2f960a54da3fe9858cf01ff45a1cf9bacb88a5870d0dec6e
Pimcore CMS 3.0.5 XSS / SQL Injection / Command Execution
Posted May 8, 2015
Authored by Vulnerability Laboratory, Alain Homewood | Site vulnerability-lab.com

Pimcore CMS version 3.0.5 suffers from command execution, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | b719015dc04a6baf76b9db2543926798410e1538960d36fc5ca33f2fa2be3b77
Windows Media Player MediaInfo 0.7.61 Buffer Overflow
Posted May 8, 2015
Authored by Mohammad Reza Espargham

Windows Media Player MediaInfo version 0.7.61 buffer overflow exploit.

tags | exploit, denial of service, overflow
systems | windows
SHA-256 | 7a57ca5f54aa1397281c140c3de574a7fab60e11bf67595d325e95d4b9d43c6b
WordPress Yet Another Related Posts 4.2.4 CSRF / XSS / Code Execution
Posted May 8, 2015
Authored by Evex

WordPress Yet Another Related Posts plugin versions 4.2.4 and below suffer from cross site request forgery, remote code execution, and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, csrf
SHA-256 | 35afdb8d38644ef3657288d6e17f966e9fc4f0349858bab68ec3c2c3e99d31b9
MacKeeper URL Handler Remote Code Execution
Posted May 8, 2015
Authored by Braden Thomas, SecureMac

MacKeeper suffers from a remote code execution vulnerability in the URL handler. Included in this bundle is the advisory and the source code to the proof of concept.

tags | exploit, remote, code execution, proof of concept
systems | linux
SHA-256 | 61bda7a68f01c57e6a1218642d9c2734402cd77fd0a5dd7e9a66def9858f7316
Feed2JS 1.7 Cross Site Scripting
Posted May 8, 2015
Authored by Jing Wang

Feed2JS version 1.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3ba37dbd97b4ca44a37bbd7c4e925e5531e0610cb4344a659ee3720d4398706f
Mandriva Linux Security Advisory 2015-232
Posted May 8, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-232 - A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function _asn1_extract_der_octet().

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2015-3622
SHA-256 | ec326717f181b47c6bed3f888aa55e2c20fbd5905b5a06673a291b04b2841d52
Debian Security Advisory 3251-2
Posted May 8, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3251-2 - The update for dnsmasq issued as DSA-3251-1 introduced a regression for the armel and armhf builds causing dnsmasq failing to start under certain configurations. Updated packages are now available to address this regression. Additionally dnsmasq was patched to handle the case were the libc headers defined SO_REUSEPORT, but is not supported by the running kernel.

tags | advisory, kernel
systems | linux, debian
SHA-256 | c079f27400285ce160def0dff4ce99357d3614e7a234b2d7ea47e70e91304226
Debian Security Advisory 3253-1
Posted May 8, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3253-1 - Pound, a HTTP reverse proxy and load balancer, had several issues related to vulnerabilities in the Secure Sockets Layer (SSL) protocol.

tags | advisory, web, vulnerability, protocol
systems | linux, debian
advisories | CVE-2009-3555, CVE-2012-4929, CVE-2014-3566
SHA-256 | 09deb636c70138068c014c0f9575be8db21fe581187a43aab3741e4a8320f77f
Zeeways CMS Cross Site Scripting / Traversal
Posted May 8, 2015
Authored by Bikramaditya Guha

Zeeways CMS suffers from cross site scripting and traversal vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion
SHA-256 | 25f2882778c7764dfb5ea41846a44afd5013bb2e206de28d9a888cc2287aa58c
Artnana Webboard 1.4 Cross Site Scripting
Posted May 8, 2015
Authored by Jing Wang

Artnana Webboard version 1.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 8082e8417b52547e10b16cc60069df540752b87d02b6fe52d97be523c7d601d4
Mt. Vernon Media 1.12 SQL Injection
Posted May 8, 2015
Authored by Jing Wang

Mt. Vernon Media web design products version 1.12 suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, sql injection
SHA-256 | 0a871b9a22537c21d6c285297e8011b215d8acd4776da1c465b224137b80e2b5
Mt. Vernon Media 1.12 Cross Site Scripting
Posted May 8, 2015
Authored by Jing Wang

Mt. Vernon Media web design products version 1.12 suffer from multiple cross site scripting vulnerabilities.

tags | exploit, web, xss
SHA-256 | f9662defaf91a5df0b46ea41d3f488460c74933b3b07ac06746e26894dd528d1
Mt. Vernon Media 1.12 HTML Injection
Posted May 8, 2015
Authored by Jing Wang

Mt. Vernon Media web design products version 1.12 suffer from a html injection vulnerability.

tags | exploit, web
SHA-256 | bebb2aef18c7a2bcf384218bc8a70bba6a3caba28de4fffcab06bd26bba2117b
DAVOSET 1.2.4
Posted May 8, 2015
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Added support of site's engine in subfolder to WP method (for the cases where WordPress is not in the root folder). Also there were added new services into full list of zombies and removed non-working services from full list of zombies.
tags | tool, denial of service
SHA-256 | c14a6bfd1f4f5b1061dca8fc34cb2c791ae0c1ed43acc667f7b7f7869e89f161
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close