what you don't know can hurt you
Showing 1 - 13 of 13 RSS Feed

Files Date: 2015-04-20

HP Security Bulletin HPSBMU03321 1
Posted Apr 20, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03321 1 - Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
advisories | CVE-2015-2116
MD5 | 2c0894e2e64449b5e1264c64c737b5f0
WordPress Community Events 1.3.5 SQL Injection
Posted Apr 20, 2015
Authored by Hannes Trunde

WordPress Community Events plugin version 1.3.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2015-3313
MD5 | a4131a9874e62b588538f121de82c5f7
Ubuntu Security Notice USN-2572-1
Posted Apr 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2572-1 - It was discovered that PHP incorrectly handled cleanup when used with Apache 2.4. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled opening tar, zip or phar archives through the PHAR extension. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2015-2305, CVE-2015-2348, CVE-2015-2783, CVE-2015-2787, CVE-2015-3329, CVE-2015-3330
MD5 | 9ba5a8c6e40b951f999961ef7908933f
WordPress SlideShow Gallery Authenticated File Upload
Posted Apr 20, 2015
Authored by Jesus Ramirez Pichardo | Site metasploit.com

The WordPress SlideShow Gallery plugin contains an authenticated file upload vulnerability. You can upload arbitrary files to the upload folder, because the plugin also uses it's own file upload mechanism instead of the WordPress API it's possible to upload any file type.

tags | exploit, arbitrary, file upload
advisories | CVE-2014-5460
MD5 | bed8ce8d9e0bf1129e31a3a28f54f9ea
Red Hat Security Advisory 2015-0858-01
Posted Apr 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0858-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491
MD5 | 584f9db04101bfaee3892f56f8670850
Red Hat Security Advisory 2015-0857-01
Posted Apr 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0857-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0484, CVE-2015-0488, CVE-2015-0491, CVE-2015-0492
MD5 | ece22e5302345f9a2ac7d61dd12d375f
Laravel Framework PHP Object Injection
Posted Apr 20, 2015
Authored by Scott Arciszewski

Laravel Framework versions since 4.1 suffer from a PHP objection injection vulnerability when encryption is turned off.

tags | advisory, php
MD5 | 2f8b59eea540734519c42eff4dd3b7ad
Red Hat Security Advisory 2015-0856-01
Posted Apr 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0856-01 - PostgreSQL is an advanced object-relational database management system. An information leak flaw was found in the way the PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to execute by observing the constraint violation error messages produced when the query was executed. A buffer overflow flaw was found in the way PostgreSQL handled certain numeric formatting. An authenticated database user could use a specially crafted timestamp formatting template to cause PostgreSQL to crash or, under certain conditions, execute arbitrary code with the permissions of the user running PostgreSQL.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2014-8161, CVE-2015-0241, CVE-2015-0243, CVE-2015-0244
MD5 | 0ee920603e067598dd1ab749384f1e53
Debian Security Advisory 3230-1
Posted Apr 20, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3230-1 - James P. Turk discovered that the ReST renderer in django-markupfield, a custom Django field for easy use of markup in text fields, didn't disable the ..raw directive, allowing remote attackers to include arbitrary files.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2015-0846
MD5 | 7cbfe9820bb8b73469bdd4cfc126aa50
Debian Security Advisory 3229-1
Posted Apr 20, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3229-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.43. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-0433, CVE-2015-0441, CVE-2015-0499, CVE-2015-0501, CVE-2015-0505, CVE-2015-2568, CVE-2015-2571, CVE-2015-2573
MD5 | 2e5562f3ff74bef46ccd9dfb359c0fd6
MediaSuite.ca File Disclosure
Posted Apr 20, 2015
Authored by KnocKout

Sites designed by MediaSuite.ca appear to suffer from a file disclosure vulnerability. Note that this finding houses site-specific data.

tags | exploit, info disclosure
MD5 | 18d2e8f22fa2df58e370a57162d216a6
Free Text-To-Speech 2.0 Cross Site Scripting
Posted Apr 20, 2015
Authored by TUNISIAN CYBER

Free Text-To-Speech version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 87bd594b75aea5bc2afa62d54dfd9e66
T35T-SSH Password Cracker / Scanner
Posted Apr 20, 2015
Authored by Cleiton Pinheiro

This is a php script that uses a pre-defined set of possible passwords and tries them against a given ssh server.

tags | tool, cracker, php
MD5 | cb724d4a5264e145a0b756229dbfa95a
Page 1 of 1
Back1Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    14 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close