This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise versions 9.1.14 and 9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows XP SP3 and Windows 7 SP1.
303410a6bc0af29da23911eadcd3224ee78a40329f84d26089b70fd706ce9674SunOS version 5.11 remote ICMP weakness kernel denial of service exploit.
95a41460532c231bbc67d78bf29fb5e924fd2abb8eb4b796a6c40bf9539ba715ntopng Web Interface version 2.4.160627 suffers from a cross site request forgery token bypass vulnerability.
34960661f2b3cf38145c6e6f128d9428f6327fb5638ca2374f7ba050e6755cf1Gentoo Linux Security Advisory 201701-48 - Multiple vulnerabilities have been found in Quagga, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 1.1.0-r2 are affected.
861063c13f9959f4be6de59cb33b76191ce13225aeb9a4d4b1bfe06d25f3c2f8Red Hat Security Advisory 2017-0180-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. This issue was addressed by introducing whitelists of classes that can be deserialized by RMI registry or DCG. These whitelists can be customized using the newly introduced sun.rmi.registry.registryFilter and sun.rmi.transport.dgcFilter security properties.
817d786f6fcaf819d3a9638047776f9eaf7da5c64cde447e1fc2ba1a969a4ba5Complain Management System suffers from a remote SQL injection vulnerability.
72392a73e4045bf1dddfcb69cffbe0aa13ca13ab4dfa6444791ffb665d4b1a8bICGames Games Site Script version 1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
1121c70d431b5895577088e01110edfbac4dcaa36b4f523c2cac4f5fe0606f99EasyPHP Webserver version 14.1b2 suffers from a privilege escalation vulnerability.
ac0e7db12787b540f21f069fea597a22a64ff9aa50c249bd597219a1593c91fcDomains Marketplace Script version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
0c34bd51c02224f90370e0475699e7aaa698013d4b60cdfacf93ba79ece8e68fICTutors Tutoring Site Script version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
ea4795fb8a260403770142e2079f86c68cb3e473b7f8b7323b9bf692dafaedd6Mini Blog version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
be73ba98b0b2d9319be14689aa53c1d0846766e16634f6daba09b11314a7969eIC Job Site version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
1d72c286be5e43e9e8b648a69e93db0c954aa8dd4c09a842674da6ab3a554461Music Site Script version 1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
2d60b232e0fd7d29592f5f1c4bc05e98c25b143203d4b40438284aaabfafb43eICAffiliateTracking Affiliate Tracking Script suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e65ead063700a8bf544ecf5c66c168b84e0f147e842bd68cf4f8e6220a344128Mini CMS version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
d3598f3ad978e4fb0d3e9544474973e60ddad0f1d30e002b3291b000de5d931cB2B Alibaba Clone Script suffers from a remote SQL injection vulnerability.
2329c818f5dad0d90b56facb9b5803c85bfb0180975c3ffb6dd7ad6e647070c9Viral Image and Video Sharing GagZone Script suffers from a remote SQL injection vulnerability.
d43dbd77c3f399554af32252a6d8bf1245a22f40718bbc5b23e906d86ddea67dImage and Video Script suffers from a remote SQL injection vulnerability.
1b64c204583ea81c472ebbb10f7e6984241bc28acfe485da3e715e407ea38d00Social News and Bookmarking Script suffers from a remote SQL injection vulnerability.
cc46dbc8d7b19495bb9ff65ca31e4c6f3ba34113f5364621b4a1d0adfb823b96Alps Touchpad Driver version 8.2206.1717.143 suffers from an unquoted service path privilege escalation vulnerability.
558f8855039f5641694ec9903cb121e77ffbe360bbeda9b332dd0ef873962c92Viral Image Sharing Script suffers from a remote SQL injection vulnerability.
aa729a40ff33bec75f29eeccc7f9e9ba4ec34ce25869d6132555650ae2e6bb04HP Hotkey Support Service version 6.2.17.1 suffers from an unquoted service path privilege escalation vulnerability.
dc7d2fd0c62a3d7bb3e72e23da04c7f78b145983528d500e6664d85e637e45f5Vine VideoSite Creator Script suffers from a remote SQL injection vulnerability.
e3374876a05cd3b1422b8203ef5829e3606f483d693eb9a3328d53e9e22fc9eeJob Vacancy Script suffers from a remote SQL injection vulnerability.
df9384eb8420a981614b0cc0d43b3246c2788707a2399647aa345ea20d25d095Home of Viral Images, Videos and Articles Script suffers from a remote SQL injection vulnerability.
c1eb7aca7eeeed3d566aa90d151f7de11a35291e7c3b8b2d846e266286e93b84
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed