exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2015-07-06

AirLive Remote Command Injection
Posted Jul 6, 2015
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - AirLive MD-3025, BU-3026, BU-2015, WL-2000CAM, and POE-200CAM are IP cameras designed for professional surveillance and security applications. The built-in IR LEDs provide high quality nighttime monitoring. These AirLive devices are vulnerable to an OS Command Injection Vulnerability. In the case of the MD-3025, BU-3026 and BU-2015 cameras, the vulnerability lies in the cgi_test.cgi binary file. In the case of the WL-2000CAM and POE-200CAM cameras, the command injection can be performed using the vulnerable wireless_mft.cgi binary file.

tags | exploit, cgi
advisories | CVE-2014-8389, CVE-2015-2279
SHA-256 | 4f5dfe0ba3159b241b97dd31fdce3b6857722610dfebf00e92c39d6677ccf2b6
phpLiteAdmin 1.1 Cross Site Request Forgery / Cross Site Scripting
Posted Jul 6, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

phpLiteAdmin version 1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, add administrator, csrf
advisories | CVE-2015-6518
SHA-256 | 4283cc61827ee3aa0bb5b327467b0f012ea503321ee6a96b94ce7e7159313d17
ipTIME DHCP Remote Command Execution
Posted Jul 6, 2015
Authored by Pierre Kim

127 ipTIME routers are vulnerable to a DHCP-related remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 865d438b672a41ac61eb57eb48a11d1384ed8671a7926efec5bf3004fedfd4fe
Orchard CMS 1.9.0 / 1.8.2 / 1.7.3 Cross Site Scripting
Posted Jul 6, 2015
Authored by Paris Zoumpouloglou

Orchard CMS versions 1.7.3, 1.8.2, and 1.9.0 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7ff983c48832653c8a02fa6f3cfe44629029272031e2a5f1ac4aea0b203b015d
WordPress S3Bubble Cloud Video With Adverts / Analytics Arbitrary File Download
Posted Jul 6, 2015
Authored by CrashBandicot

WordPress S3Bubble Cloud Video with Adverts and Analytics plugin version 2.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
SHA-256 | d57b649542e4c5d4a0cb2c033844a4320b10785e1a9d189c8cb8e0ecae0b0c4a
WideImage 11.02.19 Cross Site Scripting
Posted Jul 6, 2015
Authored by Mohammad Sikkandar Sha

WideImage version 11.02.19 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 900c12794e1e9d1fb7199b00e2aab8bd40774c04b5c3ac5ffa6e745c499cbb00
WK UDID 1.0.1 Command Injection
Posted Jul 6, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

WK UDID version 1.0.1 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | 92265986e2f75ed3b342490966f7eeba2d2cde8d0548087e8f2e6eb2b30742b0
FreeBSD 10.x Backdoor Module
Posted Jul 6, 2015
Authored by dash | Site hack4.org

This module, once loaded, gives the thread/user calling it root instantly without spawning an extra shell.

tags | tool, shell, root, rootkit
systems | unix
SHA-256 | 18f30618ad3713cc726b74e9d186be2cf70a0e5d6a1cb305881c92ffc22f512b
WordPress ACF Frontend Display Shell Upload
Posted Jul 6, 2015
Authored by TUNISIAN CYBER

WordPress ACF Frontend Display plugin suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | b436367d1b2e6861679d45c236d703fc26b9355258a0a2ab8a23ca34f38c9343
WordPress Vulcan Theme XSS / Disclosure/ DoS
Posted Jul 6, 2015
Authored by MustLive

WordPress Vulcan theme suffers from WAF bypass, cross site scripting, path disclosure, denial of service, and remote file upload vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, xss, file upload
SHA-256 | 8bd7ba052699616ab801ed1ba3417c1b390d988ab10d6e874a2053b9e4e5fc32
Gentoo Linux Security Advisory 201507-01
Posted Jul 6, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-1 - Multiple vulnerabilities have been found in chrony, the worst of which can cause arbitrary code execution. Versions less than 1.31.1 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2015-1821, CVE-2015-1822, CVE-2015-1853
SHA-256 | 2beceab188b5a326f8c1949abab1b3e4e637e4803c1a30abe30fe93b67a275bb
Ebay Magento Cross Site Request Forgery
Posted Jul 6, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Ebay's Magento suffered from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 897b5d8a3313b9d1c287cda6b135e03b5b677c8cd1d0e3cd4bff4881c07c459d
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close