This archive contains all of the 180 exploits added to Packet Storm in November, 2019.
748d5fe134eca74ab21a6089ed971c4aa53159defadc9f9e96cc82609687a397Carlo Gavazzi SmartHouse version 6.5.33 suffers from cross site request forgery along with both reflective and persistent cross site scripting vulnerabilities.
4853055373917d744c7670ff8d4660feef8574919a15a2e1d5777cca98ae1825Microsoft Excel 2016 version 1901 suffers from an XML external entity injection vulnerability.
e44c33d8e03b25f973e061cc13989210104717a2cc6f7198f78cc1802ddf7edeMax Secure Anti Virus Plus version 19.0.4.020 suffers from an insecure permission vulnerability.
76f4e179622075025b7eb99563a43f43d4f74eb445470abbb8a207a9f416a093NAPC Xinet (interface) Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginForm[username] field when double quotes are used.
861555c2816d3e8545ed29c5458dbc9afd6526714f4d2b3d853f8b78e2022d5dAllied Telesis AT-GS950/8 up until firmware AT-S107 version 1.1.3 [1.00.047] suffers from a directory traversal vulnerability.
422b9c7ed7d41d2043906b03440133f19f70b9d3ce5345d8615b0e80edadfe03WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on the underlying system. Application passes unsafe user supplied data to ip parameter into activities_overview.php. Privileges are required in order to exploit this vulnerability. Vulnerable plugin version: 20161228 and possibly prior. Fixed plugin version: 20180826.
7ec3e2886cfeb10934e1758d21c4a3b07426bc1755426426441b88d92cfd7024OwnCloud version 8.1.8 suffers from a username disclosure vulnerability.
0307de97c325435adcb9198b8abdd9f7094e634c0324db4c86daa7772020153aAn issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.
506feee71f53fac76413f6d8f5b4cad88bddee539003ffcdf0c54f19b9a741ecOnline Inventory Manager version 3.2 suffers from a persistent cross site scripting vulnerability.
2a17665cc12bcb9f3faa72d4270155382c77fe2c2ddc086fe1084d45f5d4bb75SpotAuditor version 5.3.2 Name and Key proof of concept denial of service exploits.
def21425b191e4950249069aa03b8a79033e22714038a46149d3ba19c72fa84bMersive Solstice version 2.8.0 suffers from a remote code execution vulnerability.
41ae2404927a39e963d537c545ef3a3209ea223a6fe1314299241b67ec6d3047GHIA CamIP version 1.2 for iOS suffers from a denial of service vulnerability.
c3d5b41413dbf51de10e6b4f74f2284ed66cdd73572462d61d68618f2210df64TexasSoft CyberPlanet version 6.4.131 suffers from a CCSrvProxy unquoted service path vulnerability.
94c1d807c9a0501d3748f8c41652394f08c36679caea0fdb76a866533ce69dedWordPress version 5.3 suffers from a username enumeration vulnerability.
617224266959f06915a164de940bc67b50871dfdb40fbe6b480e2dc7741ec028Grub2 has grub2-set-bootflag setuid in the new Fedora release and has the ability to corrupt the environment.
8b02b403cb65d197b55d479f14ebd82a934af9eca331f69bc357e66acc8a31b2The vulnerability allows rescaling and corrupting the Xiaomi Mi Box (model: MIBOX3, build.id : MHC19) display without any privilege requirement, thus creating an opportunity for a non-privilege malicious app to disable the basic functionalities that the TV box is offering or can even be used for ransomware purpose - e.g., each time a target streaming app is launched, the malicious app can corrupt the display.
e3d8df083eeb13cc51a2757aa687d0e3a726620f82fe26776aef9ee56634e546SpotAuditor version 5.3.2 suffers from a denial of service vulnerability.
978407ee340b95fa4b09bb3152f890d72c691b862c9c74423625ff1e758deb66Microsoft DirectX SDK 2010 suffers from a denial of service vulnerability.
85027970bc8614d80e0b59ffa521da2a5836108f419a2d1d1b4fcdf99ed64c0apari/gp versions 2.9.1 on Debian Stretch and 2.11 on Debian Buster allow arbitrary file write and hence arbitrary code execution.
ffffda78c0913f524e10b48ae7dd7f2a88fb017e7d948c4b48b4348c11a63e02Fortinet products, including FortiGate and Forticlient, regularly send information to Fortinet servers using XOR "encryption" with a static key. FortiClientWindows versions 6.0.6 and below, and FortiClientMac versions 6.2.1 and below. After this advisory was released, Fortinet has confirmed that only FortiOS version 6.2.0 includes the patch.
8dc47eb79b4cc21fe29d2fa486d30fd36bd9bb27983db8a7c9f4ea84620972f0iNetTools for iOS version 8.20 suffers from a denial of service vulnerability.
2d6f29f1dd6aa8f4c79f15e1cfe1e0fec8e9d8376f819cf783b6c200b49d4312InduSoft Web Studio version 8.1 SP1 suffers from a denial of service vulnerability.
6366535aefb1f96747e1775600301c88409b37c3364ba70eb9ddde8e3efd6dcbWaves MaxxAudio Drivers version 1.1.6.0 suffers from an unquoted service path vulnerability.
d9a785f0cc29b82091e884c52a3c1a2f45dabc8c9489b5345e2c38acfaf64a20InTouch Machine Edition version 8.1 SP1 denial of service proof of concept exploit.
ec77e960829caa7b23c3294df2aa687ebe99b5283cb9df0050fd00aa8ec7aaa4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed