On some default Linux installations of PostgreSQL, the postgres service account may write to the /tmp directory, and may source UDF Shared Libraries from there as well, allowing execution of arbitrary code. This Metasploit module compiles a Linux shared object file, uploads it to the target host via the UPDATE pg_largeobject method of binary injection, and creates a UDF (user defined function) from that shared object. Because the payload is run as the shared object's constructor, it does not need to conform to specific Postgres API versions.
c51dddadd2b2d88c86fc65284de0c6ecc7a31786c8b947b7ba7c753e87036e3fPayPal Community Forums suffered from an open redirection vulnerability.
da62009cdea92dc82ba2895b0dd479190833d31a9304a4504e58806e3949fef4PayPal suffered from a persistent cross site scripting vulnerability.
e3a53bf9a3cb0081fa271e9eece1789f2586fde29ba667218e8a35540c8d0a25MyBB Social Sites plugin version 0.2.2 suffers from a cross site scripting vulnerability.
a0e24edd3dd9a51028135bcd60e969fabcbfbbeab5e7a36e267ae93717f7cc90OpenDocMan version 1.2.6.2 suffers from remote SQL injection and multiple access bypass vulnerabilities.
b865110065c53e1f31eed37d7378c899a40f17fdecd48dbbcec488cf1491d1beAddressbook versions 8.1.24.1 and 8.2.5 suffer from a cross site scripting vulnerability in Group Name.
20aebf2bfe9b011017e46733e1177c025ebc2f405f02f295a97fb67315a1919dMyBB Facebook Profile plugin version 2.4 suffers from a persistent cross site scripting vulnerability.
b596494df8015a26ec8281a40e0e59804e68ace1412db001cdfc5f9f92f4775eMyBB MyYoutube plugin version 1.0 suffers from a remote SQL injection vulnerability.
96237158a6461e3346db891e94efe14ff8eaa4cfef063fddd459847dee10f323Cisco Wireless Lan Controller version 7.2.110.0 suffers from cross site request forgery, cross site scripting, and denial of service vulnerabilities.
7f735255a4061458df999f6cd3debd65949064ebec7a5945f03af105fd41ea9fMyBB DyMy User Agent plugin suffers from a remote SQL injection vulnerability.
a8a2eb2944aa5dcefd861c252a254b4563f92ce0c1586963e669bcfbf992580dCentreon versions 2.3.3 through 2.3.9-4 menuXML.php remote blind SQL injection exploit.
d04b644c764a41f28eca2c71a041e69645a678273c302fafa28bfe8fac2f9c4aWordPress portable-phpMyAdmin plugin version 1.3.0 fails to validate the existing session allowing a user to navigate directly to the interface.
635ba61336555a6ec94b472a5ccf980487338b18f6471804097b5b53d1873419Novell File Reporter agent XML parsing remote code execution exploit.
d97019b8d30cf82a531d15b67988c264ae384da68ddc63da71ca44d3e9fc1cd0The MyBB TipsOfTheDay plugin version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
3f3e2279dc77a79ff331918ccf4d8bac17b1fe7e1b582d104f49f4bc4a6e401bOracleBI Discoverer version 10.1.2.48.18 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
c58ffd83bc1d7695546e8dcb6e1cb866aa14898088f3a34b7212334f210fd971This Metasploit module exploits a stack buffer overflow in HP Data Protector 4.0 SP1. The overflow occurs during the login process, in the DtbClsLogin function provided by the dpwindtb.dll component, where the Utf8Cpy (strcpy like function) is used in an insecure way with the username. A successful exploitation will lead to code execution with the privileges of the "dpwinsdr.exe" (HP Data Protector Express Domain Server Service) process, which runs as SYSTEM by default.
5f48e6eddcdea7f49b54140b15408fdea2d0b9f566799a073770127a3896e0b8Axway suffers from a directory traversal vulnerability.
04f8c9608f7b081b5b9f36da218554d16571200bee8fe3757da362b47b6ab9b5A security vulnerability in Internet Explorer, versions 6 through 10, allows your mouse cursor to be tracked anywhere on the screen, even if the Internet Explorer window is inactive, unfocused or minimized. The vulnerability is notable because it compromises the security of virtual keyboards and virtual keypads.
9620aa1b047f609f033a379bbdd5599317f9e375d596dca4ac5843568aa76fa3MyBB Profile Blogs plugin version 1.2 suffers from cross site scripting and remote SQL injection vulnerabilities.
99365166b379b24a1e62bdad682fab348042ecd9020dad7c86223aa0e2485beaIrfanView version 4.33 suffers from a code execution vulnerability in IMXCF.DLL.
0a1f142ba76135c7bcf860c32266bf1a855ad2cd191192fcf8ec2176558f0b9cMyBB Bank v3 plugin suffers from a remote SQL injection vulnerability.
8b7b4808b066772f9bf0187917fb4d6afe4c2c05f6c110e936183f8394da4506Smartphone Pentest Framework (SPF) versions 0.1.3 and 0.1.4 suffer from an OS command injection vulnerability.
906c7eea1fe12f12b9b25999c7595434ecd7575528a011fedfc47fad23b37053Joomla Jooproperty component version 1.13.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
ecb0bb0f7042b4fec4ad2c830d6701de883a1b4f5539f0e112f83b938f85f6b0SimpleInvoices version 2011.1 suffers from multiple cross site scripting vulnerabilities.
3ecfc994ac4e984591a3608e192e99266ae5c16efedfadf34bdef7ec941368bbSnare for Linux suffers from a cross site scripting vulnerability via log injection. All versions prior to 1.7.0 are vulnerable.
d22ada759dcbc1d17dafab44a19f943b1bb0c438c37fb13503433ad75f387109
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed