what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2012-05-12

Free Reality 3.1-0.6 XSS / CSRF / SQL Injection
Posted May 12, 2012
Authored by the_storm, Vulnerability Laboratory | Site vulnerability-lab.com

Free Reality version 3.1-0.6 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
SHA-256 | 493f04f3ec7af900fb32e04bb9d6040d9d5478aa3e1ab908625ea0aa19e36bbd
SSLsplit 0.4.4
Posted May 12, 2012
Site roe.ch

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Changes: This release adds improvements to OCSP denial and bugfixes.
tags | encryption
SHA-256 | 10da16c1be95d20157145da3dd5e9ffea69818889a25c2c134fcd14c97fbf6a3
AnvSoft Any Video Conveter 4.3.6 Unicode Buffer Overflow
Posted May 12, 2012
Authored by h1ch4m

AnvSoft Any Video Converter version 4.3.6 unicode buffer overflow exploit that creates a malicious .reg file.

tags | exploit, overflow
SHA-256 | c532021cc23d12aa672117669ee1f244c0d5045941bccdba57ba511e3b959328
Sockso 1.51 Cross Site Scripting
Posted May 12, 2012
Authored by Ciaran McNally

Sockso versions 1.51 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ce4130dfcdd5f03d5815606f2541cae70de1c7e752e6e762e838a81b94563ec2
GENU CMS 2012.4 CSRF / SQL Injection
Posted May 12, 2012
Authored by Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

GENU CMS version 2012.4 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
SHA-256 | 6bddc2191901810274fa3dc11c1b25d1771893d78a5b2233469550f82f00e35d
The Hackers Conference 2012 Call For Papers
Posted May 12, 2012
Site thehackersconference.com

The Hackers Conference 2012 Call For Papers has been announced. It will take place in New Delhi, India on July 29th, 2012.

tags | paper, conference
SHA-256 | 2df905cfab372c60d91883baf18207d362798725de61105f13e35ec782b04499
Serendipity CMS 1.6 Cross Site Scripting
Posted May 12, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Serendipity CMS version 1.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 10b7368991d50674bb817ccf140405847e9ce14c0a0c273269026118e68149f0
GetSimple CMS 3.1 Cross Site Scripting
Posted May 12, 2012
Authored by Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

GetSimple CMS version 3.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 907c8b643da2c6b6cde7782c0dc396629ae2402f8972644e23c2e574d7f1ee23
Indexa SQL Injection
Posted May 12, 2012
Authored by Th4 MasK

Indexa suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dc8c877edeeba28ad84395fbc9eaec87591e83a222a3bfec24a3f4e87705371a
Cura 0.4.0
Posted May 12, 2012
Site github.com

Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).

Changes: Nmap is now fully functional.
tags | tool, remote, wireless
systems | unix
SHA-256 | 7535e3c956995ec088e0036a3ecb227af85f7e7498611ed214ba05bc70a26996
NEC Backdoor Administrative Account
Posted May 12, 2012
Authored by Djamshut Saarash

It appears that high performance servers from NEC suffer from a hard-coded administrative account that can manipulate memory.

tags | exploit
SHA-256 | eb4272908d1ad7c1709578a39de60f3cbe679c413cb078dd31662645958fdcb3
Secunia Security Advisory 49070
Posted May 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Contact Forms module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 2d7957eed9cae4272fb424a07a0763daf8e104bdad6080dcf04c8917a877074b
Secunia Security Advisory 49098
Posted May 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for linux-2.6. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, debian
SHA-256 | eb30cb580a5c754fd27800e532e3a01a0dfcc39f0b8cee2e71d4f6d78b29f0de
Secunia Security Advisory 49116
Posted May 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OpenSSL, which can be exploited by malicious people to cause a DoS (Denial of Service) of the application using the library.

tags | advisory, denial of service
SHA-256 | e35898a18b7ce00d4c782c320c6a6f07ce7af0807f27b37b33ab01bf5c26bb4b
Secunia Security Advisory 49093
Posted May 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM Rational ClearQuest, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | cb36fefe3371aaf80086f856acbcd4decad100f1f27a753233d7b2746b79db60
Secunia Security Advisory 49106
Posted May 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Galette, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 744c9bf680c97719ff18b193d831b2c7dbfdd361ff7cab53708d0ad1236965b6
Secunia Security Advisory 49081
Posted May 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Opera, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | bdf54e6e2d114ed5d815b03cda2f40c9b9ffb492fb769598c0472a9033490255
Secunia Security Advisory 49136
Posted May 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for puppet. This fixes two security issues and two vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and perform certain actions with escalated privileges and by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, suse
SHA-256 | 105f5bfdddfee5649d03653b620d229812f34bf99fbde0c1e90212c1a88f3666
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close