Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-10-14

VendHQ Cross Site Request Forgery
Posted Oct 14, 2016
Authored by Ahsan Tahir

VendHQ suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 692b245f38647d8aae1cd01e098f52a4
Oneblog 2.0 Cross Site Scripting
Posted Oct 14, 2016
Authored by Nassim Asrir

Oneblog version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6d1164ed42d4edb3da0165c56ad8e452
Simple Forum PHP 2.4 Cross Site Request Forgery
Posted Oct 14, 2016
Authored by Ehsan Hosseini

Simple Forum PHP version 2.4 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
MD5 | 348a8f2f3d740d821d6525a1e1b06c55
HP Security Bulletin HPSBNS03661 1
Posted Oct 14, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBNS03661 1 - A security vulnerability in OpenSSL was addressed by NonStop Backbox. The vulnerability could be exploited resulting in remote disclosure of information. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2016-0800
MD5 | f0e82caa396014b909d38e7d7e0f2fdd
Ubuntu Security Notice USN-3097-2
Posted Oct 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3097-2 - Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-6136, CVE-2016-6480, CVE-2016-6828
MD5 | 5bfc16d8b3a737ef00ff4133ad234e42
Red Hat Security Advisory 2016-2062-01
Posted Oct 14, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2062-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB. Security Fix: A permissions flaw was discovered in the MySQL logging functionality, which allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly exploit this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-6662
MD5 | 5c9710bbcc47b4a640998dee04c6285f
Red Hat Security Advisory 2016-2061-01
Posted Oct 14, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2061-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-6662
MD5 | d6fb5ac3c67dc3a73ad716b5c1e59542
Red Hat Security Advisory 2016-2060-01
Posted Oct 14, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2060-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-6662
MD5 | 526dacc1fb53faaca9c7d379c602c685
Red Hat Security Advisory 2016-2059-01
Posted Oct 14, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2059-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-6662
MD5 | e65c62ee38845379ee65e757333470fd
Red Hat Security Advisory 2016-2058-01
Posted Oct 14, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2058-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-6662
MD5 | 1371b086f14f97346dfad6eb72bf0954
Simple Forum PHP 2.4 SQL Injection
Posted Oct 14, 2016
Authored by Ehsan Hosseini

Simple Forum PHP version 2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 0c8f36bfef1f552bf65a54beeed6c4e8
Simple Forum PHP 2.4 Cross Site Scripting
Posted Oct 14, 2016
Authored by Ehsan Hosseini

Simple Forum PHP version 2.4 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 850c0f31b9ac3a5c355e15cec10233de
Evernote 6.1.2.2292 DLL Hijacking
Posted Oct 14, 2016
Authored by Himanshu Mehta

Evernote version 6.1.2.2292 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | eab285e80402430b0c3928fc7d1bc7c3
NO-IP DUC 4.1.1 Privilege Escalation
Posted Oct 14, 2016
Authored by Ehsan Hosseini

NO-IP DUC version 4.1.1 suffers from an unquoted service path privilege escalation vulnerability.

tags | exploit
MD5 | d3162133f1f6173610a67e862dae0825
Pluck 4.7.3 Delete Files Cross Site Request Forgery
Posted Oct 14, 2016
Authored by ZwX

Pluck version 4.7.3 suffers from a cross site request forgery vulnerability that can delete files.

tags | exploit, csrf
MD5 | cb9baa5414e21740bc792d5ea0f82abe
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    1 Files
  • 18
    Nov 18th
    1 Files
  • 19
    Nov 19th
    3 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    7 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close