Showing 1 - 25 of 201

Files

Packet Storm New Exploits For August, 2018: Posted Sep 2, 2018; Authored by Todd J. | Site packetstormsecurity.com; This archive contains all of the 201 exploits added to Packet Storm in August, 2018.; tags | exploit; SHA-256 | 546dd3cf0b3601a0c9d32210b6cd1c20035ca0416383071b8efc39da27b874ec; Download | Favorite | View

Linux reiserfs listxattr_filler() Heap Overflow: Posted Aug 31, 2018; Authored by Jann Horn, Google Security Research; Linux suffers from a reiserfs listxattr_filler() heap overflow vulnerability.; tags | exploit, overflow; systems | linux; SHA-256 | bda8cff2fd8a8c683d0b06a45887982f218af840ef2b2e66113c85ebc43d76eb; Download | Favorite | View

DamiCMS 6.0.0 Cross Site Request Forgery: Posted Aug 31, 2018; Authored by Autism_JH; DamiCMS version 6.0.0 change administrative password cross site request forgery proof of concept exploit.; tags | exploit, proof of concept, csrf; advisories | CVE-2018-15844; SHA-256 | c64f583df2199c7fe4254d38572104c3d2476164b43f76ec9deb32b708ac2020; Download | Favorite | View

Vox TG790 ADSL Router Cross Site Scripting: Posted Aug 31, 2018; Authored by Cakes; The Vox TG790 ADSL router suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 717552a1ef7035d3e690e5b4d070714826cd3b55c01ad8f8d9bb7544d6f8014d; Download | Favorite | View

Acunetix WVS Reporter 10.0 Denial Of Service: Posted Aug 31, 2018; Authored by Ali Alipour; Acunetix WVS Reporter version 10.0 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | f99437e7dbb525c610fa5d7015e4693fadd0e49fcca2b81f85c551bec17fb8e8; Download | Favorite | View

AZORult Stealer 2 Botnet SQL Injection: Posted Aug 31, 2018; Authored by Bilal Kardadou; AZORult Stealer version 2 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 674810906207e9407a36c925c186d9b8619229225cf8ba7ac0793ba7e833cfe1; Download | Favorite | View

Network Manager VPNC Username Privilege Escalation: Posted Aug 31, 2018; Authored by Brendan Coles, Denis Andzakovic | Site metasploit.com; This Metasploit module exploits an injection vulnerability in the Network Manager VPNC plugin to gain root privileges. This Metasploit module uses a new line injection vulnerability in the configured username for a VPN network connection to inject a `Password helper` configuration directive into the connection configuration. The specified helper is executed by Network Manager as root when the connection is started. Network Manager VPNC versions prior to 1.2.6 are vulnerable. This Metasploit module has been tested successfully with VPNC versions: 1.2.4-4 on Debian 9.0.0 (x64); and 1.1.93-1 on Ubuntu Linux 16.04.4 (x64).; tags | exploit, root; systems | linux, debian, ubuntu; advisories | CVE-2018-10900; SHA-256 | 07e3f24f0ba44622e12961448bb4ae2cacb1f01c983cf368bc94c3c2107fbe4a; Download | Favorite | View

ownCloud 0.1.2 User Impersonation Authorization Bypass: Posted Aug 31, 2018; Authored by Thierry Viaccoz; ownCloud version 0.1.2 suffers from a user impersonation authorization bypass vulnerability.; tags | exploit, bypass; SHA-256 | 29b952619c8992a8a4ce5753eaedfa7b6eaafa33618c92674d49b3731375dc42; Download | Favorite | View

WordPress Jibu Pro 1.7 Cross Site Scripting: Posted Aug 31, 2018; Authored by Renos Nikolaou; WordPress Jibu Pro plugin version 1.7 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 18c1194e869784b9a96a05527b9decfd9b972dec28496a9cb4a9df608b8a85da; Download | Favorite | View

WordPress Quizlord 2.0 Cross Site Scripting: Posted Aug 31, 2018; Authored by Renos Nikolaou; WordPress Quizlord plugin version 2.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 62f0455ed5e3caa433f776afbd757a6ace1243aa45ddf39b3f26277ba9762848; Download | Favorite | View

Cybrotech CyBroHttpServer 1.0.3 Cross Site Scripting: Posted Aug 31, 2018; Authored by Emre OVUNC; Cybrotech CyBroHttpServer version 1.0.3 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2018-16134; SHA-256 | 149e18fdc58e7ab10a560a31539fb56b08816845e01114abfa7a0b7a31ad5ba8; Download | Favorite | View

Cybrotech CyBroHttpServer 1.0.3 Directory Traversal: Posted Aug 31, 2018; Authored by Emre OVUNC; Cybrotech CyBroHttpServer version 1.0.3 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2018-16133; SHA-256 | 7b9c732ab95b49391cb25a863aa1969ba51ecb15bd4a8a0e7caeab1076eeef91; Download | Favorite | View

Nord VPN 6.14.31 Denial Of Service: Posted Aug 31, 2018; Authored by Borna Nematzadeh; Nord VPN version 6.14.31 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | e951f9644cbc57d0201f5a33382c0a9749c60a07708c0f9afcdce018e593e9dd; Download | Favorite | View

NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 Denial Of Service: Posted Aug 31, 2018; Authored by Victor Mondragon; NetworkActiv Web Server version 4.0 Pre-Alpha-3.7.2 suffers from a denial of service vulnerability.; tags | exploit, web, denial of service; SHA-256 | ae999e04a2d6cad2f4feb9936d0cb7e68ca145d2af8ae75cb601034d777d684b; Download | Favorite | View

Trillian 6.1 Build 16 Denial Of Service: Posted Aug 31, 2018; Authored by Jose Miguel Gonzalez; Trillian version 6.1 build 16 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | de1c928ac823ef63b75409805f390d7d899c22b7b4ae83f2cae9493ef4cc2258; Download | Favorite | View

Easy PhotoResQ 1.0 Denial Of Service: Posted Aug 31, 2018; Authored by Gionathan Reale; Easy PhotoResQ version 1.0 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | 530ffacf17eccf9b46ccbaa478307f09bd9e22ddc709d82f9b9879aec197f45d; Download | Favorite | View

Episerver 7 Patch 4 XML Injection: Posted Aug 31, 2018; Authored by Jonas Lejon; Episerver version 7 patch 4 suffers from an XML external entity injection vulnerability.; tags | exploit; advisories | CVE-2017-17762; SHA-256 | 8b0f7b7fc99768f17578cf411177580b97484e0238721108b9bab21d6906bb9f; Download | Favorite | View

phpMyAdmin 4.7.x Cross Site Request Forgery: Posted Aug 31, 2018; Authored by VulnSpy; phpMyAdmin version 4.7.x suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; advisories | CVE-2017-1000499; SHA-256 | e63d2dcc5948a45882c170f9e3e441a265cf1233d27f4dee8c082aeef27611e0; Download | Favorite | View

Skype Empresarial Office 365 16.0.10730.20053 Denial Of Service: Posted Aug 31, 2018; Authored by Samuel Cruz; Skype Empresarial Office 365 version 16.0.10730.20053 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | 3e7987d784144b91aefb2a14f3e9d598157afc82ba38c417a05ee061228b522d; Download | Favorite | View

Fathom 2.4 Denial Of Service: Posted Aug 31, 2018; Authored by Gionathan Reale; Fathom version 2.4 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | 0dec82d3853c0206aa051f2aebab003420da2318e53ea332a230c36bf05ba7ad; Download | Favorite | View

ipPulse 1.92 TCP Port Denial Of Service: Posted Aug 31, 2018; Authored by Diego Santamaria; ipPulse version 1.92 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | 757fca11190a6eac91650bbc13c30d046a73066d838969ef7a2d7e9bc3bb73bd; Download | Favorite | View

Immunity Debugger 1.85 Denial Of Service: Posted Aug 31, 2018; Authored by Gionathan Reale; Immunity Debugger version 1.85 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | 55126f64cfe33eccb0e42675260573e41004a57ba71a958ab55396c33a918134; Download | Favorite | View

NASA openVSP 3.16.1 Denial Of Service: Posted Aug 31, 2018; Authored by Borna Nematzadeh; NASA openVSP version 3.16.1 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | c5f81ebe30b415e4cbcb3fcee74be259abeee38d52ae92b7e454cc67a9980aef; Download | Favorite | View

Android OS WiFi Broadcast Sensitive Data Exposure: Posted Aug 30, 2018; Authored by Yakov Shafranovich, Vilius Kraujutis | Site wwws.nightwatchcybersecurity.com; System broadcasts by Android OS expose information about the user's device to all applications running on the device. This includes the WiFi network name, BSSID, local IP addresses, DNS server information and the MAC address. Some of this information (MAC address) is no longer available via APIs on Android 6 and higher, and extra permissions are normally required to access the rest of this information. However, by listening to these broadcasts, any application on the device can capture this information thus bypassing any permission checks and existing mitigations.; tags | exploit, local, info disclosure; advisories | CVE-2018-9489; SHA-256 | 523ebc0e6847c2ff3858fa671185f0aded4e77fd712ecd694c1d059ae8df9760; Download | Favorite | View

Eaton Xpert Meter 13.4.0.10 SSH Private Key Disclosure: Posted Aug 30, 2018; Authored by BrianWGray; Eaton Xpert Meter version 13.4.0.10 suffers from an SSH private key disclosure vulnerability.; tags | exploit, info disclosure; SHA-256 | 9202527e403cd306b11b2ac0811f1dc28ab8b48ecd31c595d94593d5a1c8db5b; Download | Favorite | View

Page 1 of 9 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 286 files
Ubuntu 65 files
Debian 25 files
Gentoo 16 files
LiquidWorm 10 files
nu11secur1ty 6 files
Milad Karimi 4 files
Google Security Research 3 files
Adam Gowdiak 3 files
kai6u 3 files

Files

Top Authors In Last 30 Days

Recent News