Showing 1 - 25 of 193

Files

Packet Storm New Exploits For January, 2016: Posted Feb 1, 2016; Authored by Todd J. | Site packetstormsecurity.com; This archive contains 192 exploits that were added to Packet Storm in January, 2016.; tags | exploit; systems | linux; SHA-256 | e8972021610e567b5f7f912ba7177bf5e7f650b33316959d0898a2f2ddacef7a; Download | Favorite | View

Hippo CMS 10.1 XML External Entity Information Disclosure: Posted Jan 31, 2016; Authored by LiquidWorm | Site zeroscience.mk; Hippo CMS version 10.1 suffers from an XML External Entity information disclosure vulnerability.; tags | exploit, info disclosure, xxe; SHA-256 | c467cf5987ff04b0981c61e79fceeeafe5e7597ea26c5cfec1e21868b1dd6c71; Download | Favorite | View

Hippo CMS 10.1 Stored Cross Site Scripting: Posted Jan 31, 2016; Authored by LiquidWorm | Site zeroscience.mk; Hippo CMS version 10.1 suffers from a stored cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | baa214cc3d18abc9c36401bb6549b75564476366c5d76e56472cf63f81e56474; Download | Favorite | View

WordPress Comment Rating 1.5.0 Cross Site Scripting: Posted Jan 30, 2016; Authored by Rahul Pratap Singh; WordPress Comment Rating plugin version 1.5.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 9f0c5fd1074a6f60a6cbbc7730ec82d55469a4633a9b1c87ce3e6833d4eafce1; Download | Favorite | View

Winhex Editor 18.7 DLL Hijacking: Posted Jan 30, 2016; Authored by Shantanu Khandelwal; Winhex Editor versions 18.7 and below suffer from a dll hijacking vulnerability.; tags | exploit; systems | windows; SHA-256 | a2988b47b6ea70cf272daeceb0baa2837b29c0bb70bff4b67411208fc59918dc; Download | Favorite | View

iScripts EasyCreate 3.0 Remote Code Execution: Posted Jan 29, 2016; Authored by Bikramaditya Guha | Site zeroscience.mk; iScripts EasyCreate version 3.0 remote code execution exploit.; tags | exploit, remote, code execution; SHA-256 | f9eba4403db1851e2983b19c6120edd812642398ce364387499ea02c62b073c8; Download | Favorite | View

iScripts EasyCreate 3.0 XSS / CSRF / SQL Injection: Posted Jan 29, 2016; Authored by Bikramaditya Guha | Site zeroscience.mk; iScripts EasyCreate version 3.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection, csrf; SHA-256 | 51ba21e8c993b54fdc5c2aaa20bde5026d37b022b8f86570e770abcecf88e995; Download | Favorite | View

ManageEngine Eventlog Analyzer 10 Privilege Escalation: Posted Jan 29, 2016; Authored by Nicholas Lehman; ManageEngine Eventlog Analyzer versions 4.0 through 10 suffer from a privilege escalation vulnerability.; tags | exploit; SHA-256 | 034c23483e09b9bbd65889d639878efb6d10683ad57d5d65f664f30bd1ef86d5; Download | Favorite | View

ManageEngine Network Configuration Management Build 11000 CSRF: Posted Jan 29, 2016; Authored by Kaustubh G. Padwad; ManageEngine Network Configuration Management build 11000 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | b4748784f8dee5785fb74729ebcd54c6263a9b3b6fefef6c72fb3f86e7114d00; Download | Favorite | View

Avira Cross Site Scripting: Posted Jan 29, 2016; Authored by RootByte; translate.avira.com suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | d71d8ff7e41f6aa75bf4b383a4ad84b35a924e19ee1f73dce983f4e1bc088f07; Download | Favorite | View

WordPress Simple Add Pages Or Posts 1.6 Cross Site Request Forgery: Posted Jan 29, 2016; Authored by ALIREZA_PROMIS; WordPress Simple Add Pages Or Posts plugin version 1.6 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | ab8bac74ee5d413168f78d2233fb3bb883e68e5e590064e748bff8fc30fba72a; Download | Favorite | View

ProjectSend r582 Bypass / SQL Injection / File Read: Posted Jan 29, 2016; Authored by Filippo Cavallarin; ProjetSend version r582 suffers from authentication bypass, remote SQL injection, insecure direct object reference, and directory traversal / arbitrary file read vulnerabilities.; tags | exploit, remote, arbitrary, vulnerability, sql injection; SHA-256 | 30a7ef29c39349514e61a5f8a115ccf83f446d7245c39cf98e1cee88497c7dbe; Download | Favorite | View

Netlife Photosuite Pro Cross Site Scripting: Posted Jan 29, 2016; Authored by Vulnerability Laboratory, Iran Cyber Security Group | Site vulnerability-lab.com; Netlife Photosuite Pro suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 0c7c875acadcc0098213a235d881dab365901c71f67c44cdafe87717db941b99; Download | Favorite | View

Netgear GS105Ev2 Authentication Bypass / XSS / CSRF: Posted Jan 28, 2016; Authored by Benedikt Westermann; The Netgear GS105Ev2 gigabit switch suffers from authentication bypass, cross site request forgery, cross site scripting, and various other vulnerabilities.; tags | exploit, vulnerability, xss, bypass, csrf; advisories | CVE-2014-4864; SHA-256 | 547a1d61069fbbdb42e1980b27eb64a3e37bcac9509fc466da60f318d2788af1; Download | Favorite | View

Log2Space Central 6.2 Cross Site Scripting: Posted Jan 28, 2016; Authored by Rahul Pratap Singh; Log2Space Central version 6.2 suffers from multiple reflective cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | dba77879de8c9efbd44b477ecd995853b0c1e6b8aff0aaba5e2d0c6d5ec3134f; Download | Favorite | View

Ipswitch MOVEit DMZ 8.1 Information Disclosure: Posted Jan 28, 2016; Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com; Ipswitch MOVEit DMZ versions 8.1 and below suffer from an information disclosure vulnerability.; tags | exploit, info disclosure; advisories | CVE-2015-7680; SHA-256 | 44acfddeae314bf640341e1d035600360526ebee3cfa583373ecc064e38a9291; Download | Favorite | View

Ipswitch MOVEit Mobile 1.2.0.962 Cross Site Scripting: Posted Jan 28, 2016; Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com; Ipswitch MOVEit Mobile versions 1.2.0.962 and below suffer from a reflective cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2015-7679; SHA-256 | 431564f9b2c85919d2b89891be620bd6c2fb9795285b0460d5dd50f30016763c; Download | Favorite | View

Ipswitch MOVEit Mobile 1.2.0.962 Cross Site Request Forgery: Posted Jan 28, 2016; Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com; Ipswitch MOVEit Mobile versions 1.2.0.962 and below suffer from a cross site request forgery vulnerability.; tags | exploit, csrf; advisories | CVE-2015-7678; SHA-256 | 75cb6f19cbf811fba6518faa4bb2a4e0c0b6a1f47f2e6248d45ee2f121fc0bff; Download | Favorite | View

Ipswitch MOVEit DMZ 8.1 File ID Enumeration: Posted Jan 28, 2016; Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com; Ipswitch MOVEit DMZ versions 8.1 and below suffer from a file id enumeration vulnerability.; tags | exploit; advisories | CVE-2015-7677; SHA-256 | 07d2065a2651c61d15713c82deb5316a3decf15512ab4b96f6f9d122beaea8e3; Download | Favorite | View

Ipswitch MOVEit DMZ 8.1 Persistent Cross Site Scripting: Posted Jan 28, 2016; Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com; Ipswitch MOVEit DMZ versions 8.1 and below suffer from a persistent cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2015-7676; SHA-256 | 75d345e15be5e9a09d0d8466d7299dfe4062a18f3cc2482fbfaf1bd9439fddf1; Download | Favorite | View

Ipswitch MOVEit DMZ 8.1 Authorization Bypass: Posted Jan 28, 2016; Authored by Profundis Labs, Philipp Rocholl | Site profundis-labs.com; Ipswitch MOVEit DMZ versions 8.1 and below suffer from an authorization bypass vulnerability.; tags | exploit, bypass; advisories | CVE-2015-7675; SHA-256 | 0c6c3fa941b2112ee4be3c318d22e87d05cf584bc71e375f4bde79ce23e727e9; Download | Favorite | View

Horizon HD / WiFi Weak WiFi Passphrase Generation: Posted Jan 28, 2016; Authored by Ivan Almuina; Horizon HD / WiFi suffers from a weak wifi passphrase generation vulnerability.; tags | exploit; SHA-256 | 078e609265d0354d2c20ab26b50fe6f37418e788f664f00ad8e155e3244bb7b5; Download | Favorite | View

WordPress Appointment Booking Calendar 1.1.24 SQL Injection: Posted Jan 28, 2016; Authored by Joaquin Ramirez Martinez; WordPress Appointment Booking Calendar plugin version 1.1.24 suffers from a remote SQL injection through addslashes.; tags | exploit, remote, sql injection; SHA-256 | f50b726fd5aa53e19ad3f34f743c544fe51d0489b26fd23bee63b91da753dccc; Download | Favorite | View

VLC Media Player 2.2.1 Heap Memory Corruption: Posted Jan 28, 2016; Authored by Francis Provencher; VLC Media Player version 2.2.1 suffers from a heap memory corruption vulnerability when handling malformed mp4 files.; tags | exploit; systems | linux; SHA-256 | 43dc83338e58a0b5197ace97ec0c305748e3b03d919076f55f3174e828eb1787; Download | Favorite | View

Trend Micro Direct Pass Filter Bypass / CSRF: Posted Jan 28, 2016; Authored by Vulnerability Laboratory, Karim Rahal | Site vulnerability-lab.com; Trend Micro Direct Pass suffers from filter bypass and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 427ee5ce8144ceff06d82ae31e267ce7cab12ba8ddde6940b78a4dc9125c6c9e; Download | Favorite | View

Page 1 of 8 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 290 files
Ubuntu 63 files
Debian 20 files
Gentoo 8 files
Apple 6 files
LiquidWorm 4 files
Google Security Research 4 files
Alter Prime 3 files
Spencer McIntyre 3 files
Jann Horn 3 files

Files

Top Authors In Last 30 Days

Recent News