ownCloud version 10.0.1 appears to be missing multiple patches for cross site scripting and more.
e3c48c0271c0c89ae80ecf8f0d0ab034e903539703cefb633858b163ea696d4bAcoem 01dB CUBE Smart Noise Monitoring Terminal suffers from a remote password change vulnerability.
4dd7294ed2880c398067b21bcfb2c8cc07b8f38d4984f6fa4a6df92f82c918a6Acoem 01dB DUO Smart Noise Monitor suffers from a remote password change vulnerability.
9239f9b9ccb65830020e710a86a10e00e8fdd77ce254a91a8deb32e4fea8cfc5Schoolhos CMS version 2.29 suffers from a remote SQL injection vulnerability.
dff4ef63c4cd69b55e7f96efc87672be31a43094156fbfd68facf37893fc668fEdusson (Robotdon) BB suffers from a filter bypass vulnerability that allows for script insertion.
2669014b8cef44bc077c8e8f8a5aee2b711bb62154fb9c3c971ff3c6ee2c7d1bEdusson (Robotdon) BB suffers from a client-side script insertion vulnerability.
e835f9d0eb31298cb8e637e204789b3bf737256389fb38987aac74dce015b4d2Actiontec WCB3000N with firmware version 0.16.2.5 suffers from a privilege escalation vulnerability.
d334325a801f0f16ab6691fb7928af2b8fe205c07c1792c6af3ddad17a84e3ebSimple PHP Blog version 0.4.0 suffers from a cross site scripting vulnerability.
7a1ae84baee4ee6749d39f834be9e1f4da95a10952d8041cf099d050921a795aSweetRice version 1.5.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
3006a2095f7167c7a5bfdd1656dca78a766236c79dc9780e2f0844ca32f9841fImperva version 11.5 suffers from a bypass vulnerability by confusing the HTTP Pollution Normalization Engine.
c1845736edccc05e8e6bb4f56dd3eb91847af8259987c552787c86651ae76fbaLanWhoIs.exe version 1.0.1.120 SEH local buffer overflow exploit.
bdb97f7946d5a2a59cf24986b7e835686f00bdbf87ac4c633490caea87e87858SweetRice version 1.5.1 suffers from a backup disclosure vulnerability.
db644cedfe04e8c0fe58b3adcab057b9c28f0c023c1138fb94aafb0f8761788eGrimbb version 1.3 suffers from a username and password hash disclosure vulnerability.
cb1da872a1bdab61a8fca9ab3b8b9d2a25b3543c63e5462396e1f7ac5dc8e5bbMicrosoft Internet Explorer 9 suffers from a MSHTML CPtsTextParaclient::CountApes out-of-bounds read vulnerability.
99089ae366a7f7d4e65b3282f45f00fb4bd55bb17255adf843050757f6024bd8eFront version 3.6.15 suffers from a code execution vulnerability.
c6e64f257f167f7852a80672b6b5fc8b3f905cade9a0fe5ef321c1c60367e8baRapid PHP Editor IDE version 14.1 suffers from a cross site request forgery vulnerability that can result in remote code execution.
6ee0d5202fb29796edbb6a1380e3dd34bd93375481ef39f7911a9b77db867d09Sophos Web Appliance version 4.2.1.3 suffers from a remote code execution vulnerability.
63701a9eb15e305ac51389eaeadb3b1a48ad8b7a79c8e2be9b6f3fa830db7304Sophos Web Appliance version 4.2.1.3 suffers from a privilege escalation vulnerability. An unprivileged user can obtain an MD5 hash of the administrator password which can then be used to discover the plain-text password.
6c3a7db5cb2b8006c493d363dd8ec25ba892a528fb9c8d8faf875f49faee60aaMicrosoft Windows Server AD LDAP RootDSE Netlogon (CLDAP "AD Ping") query reflection denial of service proof of concept exploit.
fd13733c886474c28d4cb1051b620bdfe6ff808ee27e89d220108f9ddab1fdeeThis exploit takes advantage of known issues with debugging functions within the AIX linker library. It takes advantage of known functionality, and focuses on badly coded SUID binaries which do not adhere to proper security checks prior to seteuid/open/writes.
d21d10df2cfdef2edda230cf874c57b4ad9963ec7cc4c0c55f438103a6d3725cFreefloat FTP server version 1.0 SITE ZONE command buffer overflow exploit.
de7cb3d2ae3f1178602b88bf6b9d9dc83456a63bacd6b23ad9eaaed93d269534PCMan FTP Server version 2.0.7 SITE CHMOD command buffer overflow exploit.
d575991d525bcfdf89c2cb2f600a22c46c2bc57140ab8c8a67c3379eacd88d1cAIX versions 6.1, 7.1, and 7.2.0.2 lsmcode local root exploit.
bf3e83aa09cc8aa3291c39d62e561c7bce0ae117171ff19a6b828b29da6e7d8dBolinTech DreamFTP version 1.02 RETR command buffer overflow exploit.
23d2f68463014c2760fb147044db34b8a7f075964029fa3fccbe886b65eb96a5This proof of concept is an LDAP Distributed Reflective Denial of Service/Bandwidth Amplification Attack, similar to DNS and NTP amplification attacks where the target of the DoS is spoofed as the source IP in a request to the reflectors(In this case, LDAP servers). The reflectors then respond to the spoofed target IP with a bigger answer than the original question, resulting in the target experiencing what appears to be a distributed denial of service attack, even though there may only be one true source. suffers from a denial of service vulnerability.
2d0188ea5dfc88ba53477d4affef50c7d2694d8f6c6ee1be7ce0517a277d71fb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed