exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2019-12-30

Thrive Smart Home 1.1 SQL Injection
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

Thrive Smart Home version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | e4aeb323f7e63fc22396a520fa3afe3efdd3c385f4c7d50055f96ddd5dd0ea03
Download | Favorite | View
Thrive Smart Home 1.1 Cross Site Scripting
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

Thrive Smart Home version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 46cea7a8c0bef7c0a74a6327c76ab35c819eb35ee2af2b41e2ed9ae4714f203f
Download | Favorite | View
HomeAutomation 3.3.2 Open Redirect
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 6c400fc7be48ccc34237bf098de7c74f775e8fb6b620c32b76e8751964726b9f
Download | Favorite | View
HomeAutomation 3.3.2 CSRF / Code Execution
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from a cross site request forgery vulnerability that allows for remote command execution.

tags | exploit, remote, csrf
SHA-256 | cca8b334de34777125e8f2a0950a8442c54a2c5b0d8651006ecec4b614ce177e
Download | Favorite | View
HomeAutomation 3.3.2 Cross Site Request Forgery
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | f23c1aa99af5634149ccf36f6901f15700735c2a52845ce2a65186b287a4ac7b
Download | Favorite | View
Debian Security Advisory 4596-1
Posted Dec 30, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4596-1 - Several issues were discovered in the Tomcat servlet and JSP engine, which could result in session fixation attacks, information disclosure, cross- site scripting, denial of service via resource exhaustion and insecure redirects.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2018-11784, CVE-2018-8014, CVE-2019-0199, CVE-2019-0221, CVE-2019-12418, CVE-2019-17563
SHA-256 | 6ebceaf0d89b2cfd7371e7b66dc4d0a44198b1bc2430ecc38e1dec0541185915
Download | Favorite | View
FreeBSD fd Privilege Escalation
Posted Dec 30, 2019
Authored by Karsten Konig

Local root exploit for the FreeBSD fd vulnerability as disclosed in FreeBSD-SA-19:02.fd.

tags | exploit, local, root
systems | freebsd, bsd
advisories | CVE-2019-5596
SHA-256 | 05adfc97defa9b66032601dddbc7174d89d7c42893b3449bce122d3043b86df0
Download | Favorite | View
HomeAutomation 3.3.2 Authentication Bypass
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 authentication bypass exploit.

tags | exploit
SHA-256 | 32faefa048892c60f350fd14fb7b3dfb9d5189bfa825f6509603127552d92716
Download | Favorite | View
FreeBSD mqueuefs Privilege Escalation
Posted Dec 30, 2019
Authored by Karsten Konig

Local root exploit for the FreeBSD mqueuefs vulnerability as disclosed in FreeBSD-SA-19:15.mqueuefs.

tags | exploit, local, root
systems | freebsd, bsd
SHA-256 | 90adbf6571ee419b5720c2c77c09ae73c0b991d5356d6bf9cdef1949b5a67b6d
Download | Favorite | View
MyDomoAtHome (MDAH) REST API Domoticz ISS Gateway 0.2.40 Information Disclosure
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

MyDomoAtHome REST API is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request to gain access to sensitive information.

tags | exploit, remote, info disclosure
SHA-256 | 357776a2d5aa47ac656833d53b8602fbc35b3aa0ce805316d286d7e1b1dfd90d
Download | Favorite | View
HomeAutomation 3.3.2 Cross Site Scripting
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

HomeAutomation version 3.3.2 suffers from persistent and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 5bea197f9f58eb7871adf024f5cfc3eba64f2d6e110ef8855ccd8cf44af9dd25
Download | Favorite | View
WEMS BEMS 21.3.1 Undocumented Backdoor Account
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

WEMS BEMS version 21.3.1 has an undocumented backdoor account that is Base64 encoded. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the controller thru the RMI.

tags | exploit
SHA-256 | a5fa2ebe403b9dae6b9fd7464ecc1dbb0eb48cace1ac5d8e6e0170f2583f4c0f
Download | Favorite | View
Debian Security Advisory 4595-1
Posted Dec 30, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4595-1 - It was discovered that debian-lan-config, a FAI config space for the Debian-LAN system, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other user principals.

tags | advisory
systems | linux, debian
advisories | CVE-2019-3467
SHA-256 | 82061cfc85edebc357e70e88bef1a28092a77d75e58404c34d56e60eb1d2f284
Download | Favorite | View
Debian Security Advisory 4594-1
Posted Dec 30, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4594-1 - Guido Vranken discovered an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2019-1551
SHA-256 | a39d0cc9a81c74129e5f00871afb245984b1984fc1e3bd6c3edaaa4475432379
Download | Favorite | View
WEMS Enterprise Manager 2.58 Cross Site Scripting
Posted Dec 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

WEMS Enterprise Manager version 2.58 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 808838c8fe62218d13ec462ebceceec14d3c27579ab0faedf0c2ab8a91a904a1
Download | Favorite | View
Heatmiser Netmonitor 3.03 Hardcoded Credentials
Posted Dec 30, 2019
Authored by Ismail Tasdelen

Heatmiser Netmonitor version 3.03 suffers from a hardcoded credential vulnerability.

tags | exploit
SHA-256 | 4660a59d519385d8cbe9b5ff59c605844c85e61e300d5e806ea6da2939b58d03
Download | Favorite | View
Wing FTP Server 6.0.7 Unquoted Service Path
Posted Dec 30, 2019
Authored by Nawaf Alkeraithe

Wing FTP Server version 6.0.7 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 559fc39363ebeac4e49dba17e94eff68b828a2fdd812f22ec437c92d997c5bf7
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close