seeing is believing
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-12-06

Jamroom 5.0.2 Cross Site Scripting
Posted Dec 6, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Jamroom version 5.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-6804
MD5 | 63e18a95e0d1d35fd6ce7e97992f77b0
Enorth Webpublisher CMS SQL Injection
Posted Dec 6, 2013
Authored by xin.wang

Enorth Webpublisher CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-6985
MD5 | 5e7f20f95b9966bc014ead1d37072618
Wireless Transfer App 3.7 Command Injection
Posted Dec 6, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Wireless Transfer App version 3.7 suffers from a command injection vulnerability.

tags | exploit
MD5 | a58ea521e9316ea3efd156865e7d20df
Sonicwall GMS 7.x Filter Bypass
Posted Dec 6, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Dell Sonicwall GMS version 7.x suffers from filter bypass and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 8ba2df40fe112f10113ccc857bbc0279
NagiosQL 3.2.0 SP2 Cross Site Scripting
Posted Dec 6, 2013
Authored by William Costa

NagiosQL version 3.2.0 Service Pack 2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-6039
MD5 | 5b23da926d82fe9a9aac2416562deab9
RedAxScript 1.1 SQL Injection
Posted Dec 6, 2013
Authored by KedAns-Dz

RedAxScript version 1.1 suffers from multiple remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | aaae0b9a6888f430683b128cf50bbb25
NeoBill 0.9-alpha eCommerce Command Execution / SQL Injection / LFI
Posted Dec 6, 2013
Authored by KedAns-Dz

NeoBill version 0.9-alpha eCommerce suffers from local file inclusion, remote command execution, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
MD5 | 389b11a49715db0734ad51ef74d26b8b
Red Hat Security Advisory 2013-1790-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1790-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An information leak flaw was found in the way the Xen hypervisor handled error conditions when reading guest memory during certain guest-originated operations, such as port or memory mapped I/O writes. A privileged user in a fully-virtualized guest could use this flaw to leak hypervisor stack memory to a guest.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2013-4355
MD5 | b40ed0715433bff515dd7b63840541aa
Red Hat Security Advisory 2013-1794-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1794-01 - Ruby on Rails is a model-view-controller framework for web application development. Action Pack implements the controller and the view components. A flaw was found in the way Ruby on Rails performed JSON parameter parsing. An application using a third party library, which uses the Rack::Request interface, or custom Rack middleware could bypass the protection implemented to fix the CVE-2013-0155 vulnerability, causing the application to receive unsafe parameters and become vulnerable to CVE-2013-0155.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2013-4491, CVE-2013-6414, CVE-2013-6415, CVE-2013-6417
MD5 | 64416d97c3bb0323fdf7b8979b7e68c1
Ubuntu Security Notice USN-2048-1
Posted Dec 6, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2048-1 - Scott Cantor discovered that libcurl incorrectly verified CN and SAN name fields when digital signature verification was disabled. When libcurl is being used in this uncommon way by specific applications, an attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-4545
MD5 | c5eaa49af71322b8e2fb0a62bff4d62a
Red Hat Security Advisory 2013-1793-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1793-01 - This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.4, 5.5 and 5.6. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-3829, CVE-2013-4041, CVE-2013-5372, CVE-2013-5375, CVE-2013-5457, CVE-2013-5772, CVE-2013-5774, CVE-2013-5776, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5789, CVE-2013-5797, CVE-2013-5801, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5812, CVE-2013-5814, CVE-2013-5817, CVE-2013-5818, CVE-2013-5819, CVE-2013-5820, CVE-2013-5823
MD5 | 4e16466b04511b6e2f6ea808448fcbb9
Red Hat Security Advisory 2013-1791-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1791-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. It was found that the fix for CVE-2013-1620 released via RHSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2013-1739, CVE-2013-1741, CVE-2013-5605, CVE-2013-5606, CVE-2013-5607
MD5 | 028a41e99a7b6679ef72e47f223ac5ae
Red Hat Security Advisory 2013-1792-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1792-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.2 will be retired as of January 7, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.2 EUS after that date. In addition, technical support through Red Hat's Global Support Services will no longer be provided after January 7, 2014. Note: This notification applies only to those customers subscribed to the Extended Update Support channel for Red Hat Enterprise Linux 6.2.

tags | advisory
systems | linux, redhat
MD5 | ff633d819b042ee8c1d222fd8b03b0bc
Red Hat Security Advisory 2013-1783-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1783-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition was found in the way asynchronous I/O and fallocate() interacted when using the ext4 file system. A local, unprivileged user could use this flaw to expose random data from an extent whose data blocks have not yet been written, and thus contain data from a deleted file. An information leak flaw was found in the way the Linux kernel's device mapper subsystem, under certain conditions, interpreted data written to snapshot block devices. An attacker could use this flaw to read data from disk blocks in free space, which are normally inaccessible.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2012-4508, CVE-2013-2851, CVE-2013-4299
MD5 | b77c4c8ac04f0da3c37f0cdf435ac04a
WordPress Easy Career Openings SQL Injection
Posted Dec 6, 2013
Authored by Iranian_Dark_Coders_Team, Black.Hack3r

WordPress Easy Career Openings plugin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f36cf89cbb17035d125da48836842dc2
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close