exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2018-01-28

Oracle WebLogic wls-wsat Component Deserialization Remote Code Execution
Posted Jan 28, 2018
Authored by Alexey Tyurin, Federico Dotta, Kevin Kirsche, Luffin | Site metasploit.com

The Oracle WebLogic WLS WSAT component is vulnerable to an XML deserialization remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0.

tags | exploit, remote, code execution
advisories | CVE-2017-10271
SHA-256 | 4ec37da27b4c2bc377cee005689b9de7e837a03542a60ce1130758c857cb9228
Lynis Auditing Tool 2.6.1
Posted Jan 28, 2018
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Tests can have more than 1 required OS (e.g. Linux OR NetBSD). Added 'system-groups' option to profile (Enterprise users). Overhaul of default profile and migrate to new style (setting=value). Show warning if old profile options are used. Improved detection of binaries. New group 'usb' for tests related to USB devices.
tags | tool, scanner
systems | unix
SHA-256 | f2d64c708752ad3e068313998edc5a88bd530b017e771918db72e89acf5e2cad
Blue Team Training Toolkit (BT3) 2.6
Posted Jan 28, 2018
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: This release introduces multiple new API-related commands, UI improvements and other minor adjustments.
tags | tool, python
systems | unix
SHA-256 | 4240ea8c17816129fd4b8407b02fe427cc3e858dc7d9f96b40b33de1cc2d9f8f
Joomla! Jtag Members Directory 5.3.7 Arbitrary File Download
Posted Jan 28, 2018
Authored by Ihsan Sencan

Joomla! Jtag Members Directory component version 5.3.7 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
advisories | CVE-2018-6008
SHA-256 | b3c650eda5b1320889be902af43e61bbe672b52ef83b4fa414b3a84a7a3d4244
Vastal I-Tech Facebook Clone 2.9.9 SQL Injection
Posted Jan 28, 2018
Authored by Ihsan Sencan

Vastal I-Tech Facebook Clone version 2.9.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6a4bea54f96a5388d0ed25f3ed57426f8302b6dd95638d6d8757dfbebc4c3bd1
Joomla! JS Support Ticket 1.1.0 Cross Site Request Forgery
Posted Jan 28, 2018
Authored by Ihsan Sencan

Joomla! JS Support Ticket component version 1.1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-6007
SHA-256 | ce31c0f8fae594bdf237ff159fc0abe2483f66c6f5f97714b20b2d1a73960d47
Rapid7 Nexpose 6.4.65 Cross Site Request Forgery
Posted Jan 28, 2018
Authored by Shwetabh Vishnoi

Rapid7 Nexpose version 6.4.65 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-5264
SHA-256 | e7c745111bca375c04ee03dcf7781e4229cfd0f896ab6adfb526dd9f0698eb8a
Task Rabbit Clone 1.0 SQL Injection
Posted Jan 28, 2018
Authored by Ihsan Sencan

Task Rabbit Clone version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 28acaa8464d5d53ee96e286187504a97412ced591ecad0cdbb48285e0f4e9eb1
Multilanguage Real Estate MLM Script 3.0 SQL Injection
Posted Jan 28, 2018
Authored by Ihsan Sencan

Multilanguage Real Estate MLM Script version 3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c124e5e6f20a1618178278f76123c575b5f215dbb28f05ba794538b649452c9b
Hot Scripts Clone Script 1.0 SQL Injection
Posted Jan 28, 2018
Authored by Ihsan Sencan

Hot Scripts Clone Script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8d87d3513f657395cefd5f7bd541b0222e61264c0b030d61d099872254ca733e
TSiteBuilder 1.0 SQL Injection
Posted Jan 28, 2018
Authored by Ihsan Sencan

TSiteBuilder version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3d6dc767a3f5bd4a4522a01989d30d6b425b38117b8dbc8dad253b7e4b58c1b6
PACSOne Server 6.6.2 DICOM Web Viewer Directory Traversal
Posted Jan 28, 2018
Authored by Carlos Avila

PACSOne Server version 6.6.2 DICOM Web Viewer suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
SHA-256 | 8d5c8c155ad89a7a3044e6f849518130dbd7b096229f94fb11378d78060247cb
PACSOne Server 6.6.2 DICOM Web Viewer SQL Injection
Posted Jan 28, 2018
Authored by Carlos Avila

PACSOne Server version 6.6.2 DICOM Web Viewer suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 77e4372120a491026617430c318387596bd299311ac58c8535102f7e06d9757f
Trend Micro Threat Discovery Appliance 2.6.1062r1 dlp_policy_upload.cgi Remote Code Execution
Posted Jan 28, 2018
Authored by mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a dlp_policy_upload.cgi remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
SHA-256 | 8320cd451f55d0feeed44694d94eb4d4ebd31a347fc8e66647043d1614a99308
Gnew 2018.1 Cross Site Request Forgery
Posted Jan 28, 2018
Authored by Cyril Vallicari

Gnew version 2018.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 79f94ef3e3938a950bb5097bfaf05e55dbfbde4779f1e1fa4d82f7faff04414e
Linux/ARM Reverse TCP Shell Null Free Shellcode
Posted Jan 28, 2018
Authored by rtmcx

80 byte small Linux/ARM reverse TCP shell (192.168.1.1:4444/TCP) null-free shellcode.

tags | shell, tcp, shellcode
systems | linux
SHA-256 | 35f7e7e1877ddd7a520bce4c884f5cc2589318752de95be4a47de363ee722110
Linux/x86 Egghunter Shellcode
Posted Jan 28, 2018
Authored by Nipun Jaswal

12 bytes small Linux/x86 egghunter shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | fe608657531464244ba0fcdcaf55bcdccafd471e55a385c7e7fa19e06d8989ab
Netis-WF2419 Cross Site Request Forgery
Posted Jan 28, 2018
Authored by Sajibe Kanti

Netis-WF2419 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 6313ad8b216f8f105926c36e32be0fe6d548167e3d020d1c809948b4e8ce2ec7
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close