what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-09-05

Datalogicco CMS SQL Injection
Posted Sep 5, 2013
Authored by Hossein Hezami

Datalogicco CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0d9d6735bcbdfe67fde4a393e4bc16cb3db6813608ca59eeaaa2797fe1c8dbee
Grouplink Everything Helpdesk 10.0.3 XSS / Admin Takeover
Posted Sep 5, 2013
Authored by Johannes Greil, V. Paulikas | Site sec-consult.com

Grouplink Everything HelpDesk versions 10.0.3 and below suffers from cross site scripting and password reset vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 0e11f563d1566704eb5a0ee34b573581a9cbbfbbc50c6d757da046e0bdf19595
Linux/ARM execve("/bin/sh", [], [0 vars]) Shellcode
Posted Sep 5, 2013
Authored by gunslinger

35 bytes small Linux/ARM execve("/bin/sh", [], [0 vars]) shellcode.

tags | shellcode
systems | linux
SHA-256 | 89c1a18e24a7a81072205b390306915abb23b47c063886479071e74b7b6f7204
Linux/ARM creat("/root/pwned", 0777) Shellcode
Posted Sep 5, 2013
Authored by gunslinger

39 bytes small Linux/ARM creat("/root/pwned", 0777) shellcode.

tags | root, shellcode
systems | linux
SHA-256 | 692a848e31de49bad68fe20d79d4b502bf9e11b361107a0a93344361c7b1dd62
Linux/ARM chmod("/etc/passwd", 0777) Shellcode
Posted Sep 5, 2013
Authored by gunslinger

39 bytes small Linux/ARM chmod("/etc/passwd", 0777) shellcode.

tags | shellcode
systems | linux
SHA-256 | 86897b2416eb669566e9a42a981282fa4a6a3bcc420df8d38f78eafa306f03fb
Debian Security Advisory 2751-1
Posted Sep 5, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2751-1 - Several vulnerabilities have been discovered in libmodplug, a library for mod music based on ModPlug, that might allow arbitrary code execution when processing specially-crafted ABC files through applications using the library, such as media players.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, debian
advisories | CVE-2013-4233, CVE-2013-4234
SHA-256 | baf1fa731bea9147f75f600419189a80bebbe0e384112c2cc28f69b775045516
Mandriva Linux Security Advisory 2013-226
Posted Sep 5, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-226 - Multiple vulnerabilities has been discovered and corrected in Multiple cross-site scripting vulnerabilities in Roundcube webmail before 0.9.3 allow user-assisted remote attackers to inject arbitrary web script or HTML via the body of a message visited in new or might allow remote authenticated users to inject arbitrary web script or HTML via an HTML signature, related to save_identity.inc. The updated packages have been patched to correct these issues.

tags | advisory, remote, web, arbitrary, vulnerability, xss
systems | linux, mandriva
advisories | CVE-2013-5645
SHA-256 | 8012cdf47e0a6c8a13625cb4738a4b9a2831626e64326a79e8a04bbd4b443855
Nimbostratus d900c27
Posted Sep 5, 2013
Authored by Andres Riancho | Site andresriancho.github.io

Nimbostratus is the first toolset to help you in the process of pivoting in Amazon AWS clouds. it allows you to enumerate permissions to AWS services for current IAM role, clone DB to access information stored in snapshot, inject raw Celery task for pickle attack, and much more.

tags | tool
systems | unix
SHA-256 | 29efa9f8132f0b764d96905af99f64914c6de0ebe5aec38f267d7df09b9660c7
KingView 6.53 Active-X File Copy
Posted Sep 5, 2013
Authored by Blake

KingView version 6.53 has an insecure active-x control that allows for arbitrary file copying.

tags | exploit, arbitrary, activex
SHA-256 | b16413ec1271c3727d0068f3aaa5e74cf60deb2c6fcbdfbe249e49df7374ffa2
Drupal Make Meeting Scheduler 6.x Access Bypass
Posted Sep 5, 2013
Authored by rhatto | Site drupal.org

Drupal Make Meeting Scheduler third party module version 6.x suffers from an access bypass vulnerability due to insufficient checks.

tags | advisory, bypass
SHA-256 | 3e7265c87484b0bc4f73d45d0829750a02c43294ea2519e3357d622caa10c463
Drupal Core 6.x / 7.x Information Disclosure
Posted Sep 5, 2013
Authored by Aaron Weiss | Site drupal.org

Drupal core versions 6.x and 7.x suffer from an information disclosure vulnerability.

tags | advisory, info disclosure
SHA-256 | d6b9175b4fe7d2cf479272239c936cb726c738b518c09e466fc28b3a4afc3d18
KingView 6.53 Active-X File Overwrite / Creation
Posted Sep 5, 2013
Authored by Blake

KingView version 6.53 has an insecure active-x control that allows for arbitrary file creation and overwrite.

tags | exploit, arbitrary, activex
SHA-256 | 785c1ed4650168b152eb1ff73cd68727e7dd22759c9a9b2913d8f8f3b8aa9c10
Prestige Software CMS Local File Disclosure
Posted Sep 5, 2013
Authored by bie gabby

This is an exploit that leverages a local file disclosure vulnerability in systems running Prestige Software CMS in order to gain database information and credentials.

tags | exploit, local, info disclosure
SHA-256 | 27a08ed1766b1a787e4d304b3c3b415e4c40310fa22976f85822c4bacc05b08e
jetAudio 8.0.16.2000 Plus VX Crash Proof Of Concept
Posted Sep 5, 2013
Authored by ariarat

jetAudio version 8.0.16.2000 Plus VX crash proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | b4cc4bfa960e8ac12d716968e1c41fdfac0206843b0e35cef19b6bb6ac71d0e1
Cisco Security Advisory 20130904-webex
Posted Sep 5, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. Exploitation of these vulnerabilities could allow a remote attacker to crash an affected player, and in some cases, could allow a remote attacker to execute arbitrary code on the system of a targeted user. The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. Cisco has updated affected versions of the Cisco WebEx Business Suite meeting sites, Cisco WebEx 11 meeting sites, Cisco WebEx Meetings Server, and Cisco WebEx WRF and ARF Players to address these vulnerabilities. Cisco has released free software updates that address these vulnerabilities.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | cisco
SHA-256 | 342d46de5f78edbc761109696573e53451c5dce2e0777e60e410a1d16f533fe1
GOMPlayer 2.2.53.5169 Crash Proof Of Concept
Posted Sep 5, 2013
Authored by ariarat

GOMPlayer version 2.2.53.5169 crash proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 578d87b105f6db9450c49555f33d684c2ee59ef8983ee4da6ff0d46129c9a913
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close