trust is easily compromised
Showing 1 - 25 of 70,025 RSS Feed

Files

QuickShare File Share 1.2.1 Directory Traversal
Posted May 27, 2012
Authored by sinn3r, modpr0be | Site metasploit.com

This Metasploit module exploits a vulnerability found in QuickShare File Share's FTP service. By supplying "../" in the file path, it is possible to trigger a directory traversal flaw, allowing the attacker to read a file outside the virtual directory. By default, the "Writable" option is enabled during account creation, therefore this makes it possible to create a file at an arbitrary location, which leads to remote code execution.

tags | exploit, remote, arbitrary, code execution
advisories | OSVDB-70776
MD5 | f232667933a9b74318156ffe27e5e96c
Conntrack Tools 1.2.0
Posted May 27, 2012
Authored by Pablo Neira Ayuso | Site conntrack-tools.netfilter.org

conntrack-tools is a set of userspace tools for Linux that allow system administrators to interact with the Connection Tracking System, the module which provides stateful packet inspection for iptables. It includes the userspace daemon conntrackd and the commandline interface conntrack.

Changes: This release supports NAT expectations, synchronization of the expectation class, helper names, and expect functions. Filtering by mark is now allowed. Example configurations for Q.931 and H.245 have been added.
systems | linux
MD5 | 8e20330d6ca3a3f23552aa900b1d467c
Linux IPTables Firewall 1.4.14
Posted May 27, 2012
Site iptables.org

iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.

Changes: This release supports the new cttimeout infrastructure. This allows you to attach specific timeout policies to flow via iptables CT targets.
tags | tool, firewall
systems | linux
MD5 | 5ab24ad683f76689cfe7e0c73f44855d
Ekoparty 8 Call For Papers
Posted May 27, 2012
Site ekoparty.com.ar

Call For Papers for the 8th edition of the Ekoparty Security Conference being held from September 17th through the 21st, 2012, in Latin America.

tags | paper, conference
MD5 | 4dc6e51a4158ed3ceda8c21b8b704623
b2ePMS 1.0 SQL Injection
Posted May 27, 2012
Authored by loneferret

b2ePMS version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 42298de74f5e382122bf6d9b2440ee81
WhyWeb SQL Injection
Posted May 27, 2012
Authored by the_cyber_nuxbie

WhyWeb suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6d3ab7b3f1457ff72887080dd37aad19
Santilga CMS 1.2.6.3 Cross Site Request Forgery / SQL Injection
Posted May 27, 2012
Authored by Akastep

Santilga CMS version 1.2.6.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
MD5 | faf336b3a1b026bfc8e870b2405b19a6
AzDGDatingMedium 1.9.3 XSS / CSRF / SQL Injection / Directory Traversal
Posted May 27, 2012
Authored by Akastep

AzDGDatingMedium version 1.9.3 suffers from cross site request forgery, cross site scripting, php code execution, remote SQL injection, and directory traversal vulnerabilities.

tags | exploit, remote, php, vulnerability, code execution, xss, sql injection, csrf
MD5 | 6962b986c26730e365d1c16552cababa
iOS 5.1.1 Safari Browser Denial Of Service
Posted May 26, 2012
Authored by Alberto Ortega

iOS versions 5.1.1 and below Safari Browser JS match(), search() crash proof of concept exploit.

tags | exploit, proof of concept
systems | cisco
MD5 | 4c3d65eecf219e11043dc54dccc454f8
Hyperion Runtime Encrypter 1.0
Posted May 26, 2012
Authored by belial | Site nullsecurity.net

Hyperion is a runtime encrypter for 32-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter".

tags | tool, encryption
MD5 | 48c78f07f8d9d8a7e61b055e99290f24
PHP List 2.10.9 PHP Code Injection
Posted May 26, 2012
Authored by L3b-r1'z

PHP List version 2.10.9 suffers from a remote PHP code injection vulnerability.

tags | exploit, remote, php
MD5 | 0242d7481f2a7870b00218bc4efd3a7d
Small CMS PHP Code Injection
Posted May 26, 2012
Authored by L3b-r1'z

Small CMS suffers from a remote PHP code injection vulnerability.

tags | exploit, remote, php
MD5 | cc559ce5b66ce07d448792573d28d86d
Symantec Web Gateway 5.0.2 Local File Inclusion
Posted May 26, 2012
Authored by muts

Symantec Web Gateway version 5.0.2 remote local file inclusion root exploit.

tags | exploit, remote, web, local, root, file inclusion
advisories | CVE-2012-0297
MD5 | e1cd70ed9ddc7db0a7bc45a9ac537159
Ubuntu Security Notice USN-1454-1
Posted May 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1454-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4086
MD5 | 669bfff032cd2b42bbdf149e5ef06a1d
Gekko CMS File Disclosure
Posted May 25, 2012
Authored by L3b-r1'z

Gekko CMS appears to suffer from a file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | fc10d007f192d991f48cc9832fb49312
WeBid converter.php Remote PHP Code Injection
Posted May 25, 2012
Authored by EgiX, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in WeBid version 1.0.2. By abusing the converter.php file, a malicious user can inject PHP code in the includes/currencies.php script without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
advisories | OSVDB-73609
MD5 | 8dc19f398388284a81cf2ecae5005436
RabidHamster R4 Log Entry sprintf() Buffer Overflow
Posted May 25, 2012
Authored by Luigi Auriemma, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in RabidHamster R4's web server. By supplying a malformed HTTP request, it is possible to trigger a stack-based buffer overflow when generating a log, which may result in arbitrary code execution under the context of the user.

tags | exploit, web, overflow, arbitrary, code execution
advisories | OSVDB-79007
MD5 | d5c7b728cc34e438d56471e6fbda49bd
GreHack 2012 Call For Papers
Posted May 25, 2012
Site ensiwiki.ensimag.fr

The GreHack 2012 Call For Papers has been announced. It will be held in Grenoble, France on October 19th, 2012.

tags | paper, conference
MD5 | 77c4584bf8b850f6540301a838dd4258
ResEdit 1.5.11-win32 Buffer Overflow
Posted May 25, 2012
Authored by Walied Assar

ResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included.

tags | exploit, denial of service, overflow, proof of concept
systems | linux, windows
MD5 | 6f23782d3add86957f122b199a5849ec
Kolkata Web Application Fingerprinting
Posted May 25, 2012
Authored by ErrProne | Site blackhatacademy.org

Kolkata is a tool for IDS evading web application fingerprinting. It is written in perl and uses LibWhisker.

tags | tool, web, scanner, perl
systems | linux, unix
MD5 | bb2c661a62752b3093161dc4ad3b29ba
DornCMS 1.4 (add_page.php) Arbitrary File Upload
Posted May 25, 2012
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a vulnerability found in Dorn Content Management Script (CMS), version 1.4. By abusing the add_page.php file, the attacker can upload/add a new file (.php) to the /cms/pages/ directory without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
MD5 | c93d65487a1c0efc12fc9a8a68adc5db
Hacktivity 2012 Call For Papers
Posted May 25, 2012
Site hacktivity.com

The Hacktivity 2012 Call For Papers has been announced. It will be held from October 12th through the 13th, 2012 in Budapest, Hungary.

tags | paper, conference
MD5 | c4e46f46fe62ec6961a307d6fb8167af
LogAnalyzer 3.4.2 Cross Site Scripting / SQL Injection / File Read
Posted May 25, 2012
Authored by Filippo Cavallarin

LogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, xss, sql injection
MD5 | 2427d2cf98e92db38be0f21c58da1065
Pligg CMS 1.2.1 Cross Site Scripting / Local File Inclusion
Posted May 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.ch

Pligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
advisories | CVE-2012-2435, CVE-2012-2436
MD5 | 7b79d17eacb9df80bafc88ab8fbbdabc
pragmaMx 1.12.1 Cross Site Scripting
Posted May 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.ch

pragmaMx version 1.12.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2452
MD5 | 5433c6278bfe6b6212f911b0a46eda42
Page 1 of 2,801
Back12345Next

File Archive:

May 2012

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    37 Files
  • 2
    May 2nd
    53 Files
  • 3
    May 3rd
    33 Files
  • 4
    May 4th
    4 Files
  • 5
    May 5th
    10 Files
  • 6
    May 6th
    17 Files
  • 7
    May 7th
    19 Files
  • 8
    May 8th
    36 Files
  • 9
    May 9th
    34 Files
  • 10
    May 10th
    35 Files
  • 11
    May 11th
    20 Files
  • 12
    May 12th
    18 Files
  • 13
    May 13th
    11 Files
  • 14
    May 14th
    27 Files
  • 15
    May 15th
    58 Files
  • 16
    May 16th
    54 Files
  • 17
    May 17th
    25 Files
  • 18
    May 18th
    53 Files
  • 19
    May 19th
    9 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    25 Files
  • 22
    May 22nd
    32 Files
  • 23
    May 23rd
    35 Files
  • 24
    May 24th
    26 Files
  • 25
    May 25th
    25 Files
  • 26
    May 26th
    11 Files
  • 27
    May 27th
    8 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2012 Packet Storm. All rights reserved.

close