Showing 1 - 15 of 15

Files Date: 2013-08-15

Ubuntu Security Notice USN-1928-1: Posted Aug 15, 2013; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1928-1 - It was discovered that Puppet incorrectly handled the resource_type service. A local attacker on the master could use this issue to execute arbitrary Ruby files. It was discovered that Puppet incorrectly handled permissions on the modules it installed. Modules could be installed with the permissions that existed when they were built, possibly exposing them to a local attacker. Various other issues were also addressed.; tags | advisory, arbitrary, local, ruby; systems | linux, ubuntu; advisories | CVE-2013-4761, CVE-2013-4956, CVE-2013-4761, CVE-2013-4956; SHA-256 | cdcde70f2713266a5b8a4ed92df915a902df42405d256a043c28743f4e1f6c7b; Download | Favorite | View

OpenX 2.8.10 Cross Site Scripting / SQL Injection: Posted Aug 15, 2013; Authored by Esac; OpenX version 2.8.10 suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | e63af2e9b896b7c8eb47ee1b85fb36653f9042c5e5e8c8e23dcad89dcee326f8; Download | Favorite | View

Photo Transfer Upload 1.0 LFI / Shell Upload / XSS: Posted Aug 15, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; Photo Transfer Upload version 1.0 for iOS suffers from cross site scripting, local file inclusion, and remote shell upload vulnerabilities.; tags | exploit, remote, shell, local, vulnerability, xss, file inclusion; systems | cisco, ios; SHA-256 | 9797a90f4d101bc559e0e7a955fc1029afada224bfd37dbdb8bd0fc40a9ac16e; Download | Favorite | View

w-CMS 2.0.1 Remote Code Execution: Posted Aug 15, 2013; Authored by ICheer_No0M; w-CMS version 2.0.1 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | efd54a5c7bc5ea4e8df8a03491a7815ef4eef5419d77a00351892d85ee2c964e; Download | Favorite | View

Quark Chat 1.0 XSS / SQL Injection / Path Disclosure: Posted Aug 15, 2013; Authored by Dylan Irzi; Quark Chat version 1.0 suffers from cross site scripting, path disclosure, and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection, info disclosure; SHA-256 | 929e0896aa251b1adeffa2a27dd9e8623dd08b30f77b7b4491b9812d99c37c56; Download | Favorite | View

Copy To WebDAV 1.1 LFI / Shell Upload / Command Injection: Posted Aug 15, 2013; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; Copy to WebDAV version 1.1 for iOS suffers from local file inclusion, command injection, and remote shell upload vulnerabilities.; tags | exploit, remote, shell, local, vulnerability, file inclusion; systems | cisco, ios; SHA-256 | 23dcf46f528554d76be9439abab500204ea1dfc338b343174897859c0b85f712; Download | Favorite | View

ACal 2.2.6 Local File Inclusion: Posted Aug 15, 2013; Authored by ICheer_No0M; ACal version 2.2.6 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; SHA-256 | 8b456bbad7110133d868847964b7235eced3a31ddeaaf9bd88a99a1f357c20b0; Download | Favorite | View

Alibaba Clone Tritanium SQL Injection: Posted Aug 15, 2013; Authored by IRAQ_JAGUAR; Alibaba Clone Tritanium suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 9a89ea61a2acad21e0d3dbbc3e015e8b67228a2e028c4fdb115add3c71cb033b; Download | Favorite | View

PhpVibe 3.1 Cross Site Scripting / SQL Injection: Posted Aug 15, 2013; Authored by Esac; PhpVibe version 3.1 suffers from cross site scripting and remote error-based blind SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 712c25d819fd4f4f6c21ec1943c96c94f720cf0849291307b5cf92da7117b004; Download | Favorite | View

Linksys Access Bypass: Posted Aug 15, 2013; Authored by Kyle Lovett; On various Linksys devices, an unspecified bug can cause an unsafe/undocumented TCP port to open allowing for unauthenticated remote access to the device.; tags | advisory, remote, tcp, bypass; advisories | CVE-2013-5122; SHA-256 | 498c65c860fe5d919123b02b7dda83e1dd02868d0b1adb1db402354c60007bd1; Download | Favorite | View

Exploiting Add-Ons In Mozilla Firefox: Posted Aug 15, 2013; Authored by SixP4ck3r; These are presentation slides for Explotando Add-On's de Mozilla Firefox, or Exploiting Add-Ons in Mozilla Firefox. Written in Spanish.; tags | paper; SHA-256 | be5a0d2d8734ba09d02081c9ed082df4f7e9d69db609f8de7bd83cb6ceeee9dc; Download | Favorite | View

Pligg CMS 2.0.0rc2 Cross Site Request Forgery: Posted Aug 15, 2013; Authored by DaOne; Pligg CMS versions 2.0.0rc2 and below suffer from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | ff92bd903b53f3d80aaea2d128b6371304d4ac04de3a162a6b5413b95625956a; Download | Favorite | View

MIT Directory Information Disclosure: Posted Aug 15, 2013; Authored by Juan Carlos Garcia; Massachusetts Institute of Technology suffers form a parent directory information disclosure issue.; tags | exploit, info disclosure; SHA-256 | 25c4c820de4680add586c4f667935a3834dbffdb67c3acffb1699c117aa0e5ac; Download | Favorite | View

HP Security Bulletin HPSBMU02915: Posted Aug 15, 2013; Authored by HP | Site hp.com; HP Security Bulletin HPSBMU02915 - A potential security vulnerability has been identified with HP Service Manager. The vulnerability could be exploited to allow remote unauthenticated access and elevation of privilege. Revision 1 of this advisory.; tags | advisory, remote; advisories | CVE-2013-4808; SHA-256 | 4aab2f4cbd7c2757d6b058eab56f90b8b510cfd70e2155b22d407190fbcdb86b; Download | Favorite | View

KCFinder 2.51 Local File Disclosure: Posted Aug 15, 2013; Authored by DaOne; KCFinder version 2.51 suffers from a local file disclosure vulnerability.; tags | exploit, local, info disclosure; SHA-256 | e5b2f68a7dbe3eea0f99b54f87d0dd99dde65a924630d4d71713a48fe3378434; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days