exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2016-06-23 to 2016-06-24

EdgeCore ES3526XA Manager CSRF / Access Bypass / Weak Credentials
Posted Jun 23, 2016
Authored by Karn Ganeshen

EdgeCore ES3526XA Manager suffers from weak credential, access bypass, and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, bypass, csrf
SHA-256 | 4c554624c94b5f4cf21ee4495b9c4e0f66a5180eb79df24623c95cf9103237bc
WordPress Ultimate Product Catalog 3.8.6 Shell Upload
Posted Jun 23, 2016
Authored by Joaquin Ramirez Martinez

WordPress Ultimate Product Catalog plugin version 3.8.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | d5d2b6345ca7d0fde8061b241864354a010b8de0d20146ab1dc71c6e78336944
vPet Engine 2.1 SQL Injection / Backdoor Account
Posted Jun 23, 2016
Authored by indoushka

vPet Engine version 2.1 suffers from remote SQL injection and default backdoor admin account vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 08d39470cbc25319403472e611c9ec681e4e89fbc69cceceafd8d9dd7b97dbc9
Sierra Wireless AirLink Raven XE Industrial 3G Gateway CSRF / File Upload
Posted Jun 23, 2016
Authored by Karn Ganeshen

Sierra Wireless AirLink Raven XE Industrial 3G Gateway suffers from cross site request forgery, information disclosure, and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, info disclosure, file upload, csrf
SHA-256 | cf133ee4a7539de41de8f9b10bd820c5bdadc47e30cbefba82a1519fcb4b5918
Packet Fence 6.1.1
Posted Jun 23, 2016
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Fixed missing schema version update statement. Various other changes.
tags | tool, remote
systems | unix
SHA-256 | 8df070696b0cc54f7458ad845c421d4417dcb7ab69a5053d5e403580619a5510
Windows Local WebDAV NTLM Reflection Elevation Of Privilege
Posted Jun 23, 2016
Authored by Google Security Research, forshaw

A default installation of Windows 7/8 can be made to perform a NTLM reflection attack through WebDAV which allows a local user to elevate privileges to local system.

tags | exploit, local
systems | linux, windows
advisories | CVE-2016-3225
SHA-256 | 38a08b6ee37889a0cd9d35ed8ee32279823b97688768df81253865add1d05bf8
Red Hat Security Advisory 2016-1292-01
Posted Jun 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1292-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449
SHA-256 | f71832d18eb162dc5fa8c15b9bf6f44e5899fa4cbb3450d0443c272d19d2db1f
Red Hat Security Advisory 2016-1293-01
Posted Jun 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1293-01 - The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution. The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-4444, CVE-2016-4446, CVE-2016-4989
SHA-256 | f1fefa3c6150138e6c35d3a12c0085abef4c3c956a18293274ec8285c20af129
FinderView Path Traversal / Cross Site Scripting
Posted Jun 23, 2016
Authored by HaHwul

FinderView suffers from path traversal and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion
SHA-256 | 6f0343e72d022fbf8ca84c53fac312b430c2903c7ac17c64256d39c5523fe9ab
XuezhuLi FileSharing Cross Site Request Forgery
Posted Jun 23, 2016
Authored by HaHwul

XuezhuLi FileSharing suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | f60fc03551aa9903def6dd34f7141d7b2309b7088993125112f90e91777bb33f
XuezhuLi FileSharing Path Traversal
Posted Jun 23, 2016
Authored by HaHwul

XuezhuLi FileSharing suffers from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | a4e2043fbe4468389cbc326931a2c4f78de8ef1102c6a13daece3a4b7aa8b215
Getsimple CMS 3.3.10 Shell Upload
Posted Jun 23, 2016
Authored by s0nk3y

Getsimple CMS versions 3.3.10 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
SHA-256 | e533c4e4ee4a7310978c28f7f540538a929f153e141561dd80c4d128d1c5fa32
Dolibarr CRM Command Injection
Posted Jun 23, 2016
Authored by David Silveiro

Dolibarr CRM versions prior to 3.9.1 suffer from a command injection vulnerability.

tags | exploit
SHA-256 | 72598740c36ce33bbbb05e4e0c1eab2ccda56772b3cadd684a9b6e1a93d60723
Quick.Cart.Ext 6.7 Cross Site Request Forgery
Posted Jun 23, 2016
Authored by s0nk3y

Quick.Cart.Ext versions 6.7 and below remote admin add cross site request forgery exploit.

tags | exploit, remote, csrf
SHA-256 | cdc2fb719137f7fda0879b5a08fdda22d982ee74b7962be63484b876663356d3
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close