exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2017-09-26

WordPress Apartment Management System SQL Injection
Posted Sep 26, 2017
Authored by Ihsan Sencan

WordPress Apartment Management System extension suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 002a3736f35165f27d436158d977314b06faa829c566c2756ff55f4fee8ccbd6
Fibaro Home Center 2 Remote Command Execution
Posted Sep 26, 2017
Authored by forsec

Fibaro Home Center 2 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 11548002a8f3c0fd1ddc06f983086682510f784d6894bcba3fc8b83307255164
WordPress Hospital Management System SQL Injection
Posted Sep 26, 2017
Authored by Ihsan Sencan

WordPress Hospital Management System extension suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 40ead3ade91d7b615cce1d3227bd3c3f2d4c2bc405783359380f4cd69e3108d8
WordPress School Management System SQL Injection
Posted Sep 26, 2017
Authored by Ihsan Sencan

WordPress School Management System extension suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e817b43e8ca7655a2629e011082235e6601d28c409eba2796ca264fb95cca9c8
WordPress Gym Management System SQL Injection
Posted Sep 26, 2017
Authored by Ihsan Sencan

WordPress Gym Management System extension suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 052d648adb46fd7ba11ffd9d1a782e432d4de85708492539e0ec408c2bf20df1
Microsoft Security Bulletin CVE Revision Increment For September, 2017
Posted Sep 26, 2017
Site microsoft.com

This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.

tags | advisory
advisories | CVE-2017-8628
SHA-256 | e281f889a7a07b745c1b41488515c3f3c2cd6505cb30f5abdb08ebf86166cbf7
Red Hat Security Advisory 2017-2810-01
Posted Sep 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2810-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2015-6644, CVE-2017-2582, CVE-2017-5645, CVE-2017-7536
SHA-256 | 188d12c115cdf70acf53a8c6c015857d0f7f729f6e285cf3d06172bf9b1241d9
Red Hat Security Advisory 2017-2800-01
Posted Sep 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2800-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2017-1000253
SHA-256 | d8a9d0afd413fd3cff47b4b91f265b4ff434e1f1031486cfd195ab8aa5e4cf4d
Gentoo Linux Security Advisory 201709-26
Posted Sep 26, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201709-26 - A vulnerability in libsoup might allow remote attackers to execute arbitrary code. Versions less than 2.56.1 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2017-2885
SHA-256 | 90b31b9d9cea9f8cbe8007c69e4741b088a4bd68896e32121610f754014b02ca
Phrack - Attacking JavaScript Engines
Posted Sep 26, 2017
Authored by phrack, saelo

Phrack: Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622.

tags | javascript, magazine
advisories | CVE-2016-4622
SHA-256 | a2a651765bcc685814d2b564c3c669f0395802f26c4a1113472d38c2118c52fd
Red Hat Security Advisory 2017-2799-01
Posted Sep 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2799-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2017-1000253
SHA-256 | 6e410605a90e5ae5dac226f1c1596223ce521c47926efe91a44e62dae507a90f
HPE Security Bulletin HPESBGN03773 1
Posted Sep 26, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBGN03773 1 - A potential security vulnerability has been identified in Application Performance Management (BSM) Platform. The vulnerability could be remotely exploited to allow code execution. Revision 1 of this advisory.

tags | advisory, code execution
advisories | CVE-2017-14350
SHA-256 | e9c0d18cf651d50a4dee299bf48dc290afb61e9ac7f068fd772a3553a46b4e76
NodeJS Debugger Command Injection
Posted Sep 26, 2017
Authored by Patrick Thomas | Site metasploit.com

This Metasploit module uses the "evaluate" request type of the NodeJS V8 debugger protocol (version 1) to evaluate arbitrary JS and call out to other system commands. The port (default 5858) is not exposed non-locally in default configurations, but may be exposed either intentionally or via misconfiguration.

tags | exploit, arbitrary, protocol
SHA-256 | adadef46d17f23a8273875e47105d4c982677c671f4c6a529a53ced4c60f4c7a
Adobe Flash appleToRange Out-Of-Bounds Read
Posted Sep 26, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from an out-of-bounds read in applyToRange.

tags | exploit
advisories | CVE-2017-11282
SHA-256 | 5e0bd97867ee024b64d5b21e7b16d1b5b79eb64bc8157ffbfb7124ffb02f80c2
Adobe Flash MP4 Edge Processing Out-Of-Bounds Write
Posted Sep 26, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from an out-of-bounds write vulnerability in MP4 Edge Processing.

tags | exploit
advisories | CVE-2017-11281
SHA-256 | 6a0ec7b291326f89c01175887700ac01309acd9de42118c3db6c61b84cbe77fc
Adobe Flash MP4 Parsing Out-Of-Bounds Read
Posted Sep 26, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from an out-of-bounds memory read vulnerability in MP4 parsing.

tags | exploit
advisories | CVE-2017-11281
SHA-256 | f7d793f8cf0aa2a5d67b77d14544b392ce57bd7068e9f531d5568ffdd3041d83
Broadcom 802.11r (FT) Reassociation Response Overflows
Posted Sep 26, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from multiple overflow vulnerabilities when handling 802.11r (FT) Reassociation Response.

tags | advisory, overflow, vulnerability
advisories | CVE-2017-11121
SHA-256 | 4e4363e0afff7c0a8c3e6b53d804a1172c36d104c17e2a3b7c6eebe8edf51451
Broadcom 802.11k Neighbor Report Response Out-Of-Bounds Write
Posted Sep 26, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from an out-of-bounds write when handling 802.11k Neighbor Report Response.

tags | exploit
advisories | CVE-2017-11120
SHA-256 | 82fc971e12c2491131ffec544a1ec8c4c1c02697141d693f357d4951ceab15ce
Broadcom 802.11v WNM Sleep Mode Response Heap Overflow
Posted Sep 26, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from a heap overflow vulnerability when handling 802.11v WNM Sleep Mode Response.

tags | advisory, overflow
advisories | CVE-2017-7065
SHA-256 | bfafe6c08335222f164c3154a1ec33d8b038b473faa28bc94fc7946a6d0e9bba
CyberLink LabelPrint Buffer Overflow
Posted Sep 26, 2017
Authored by f3ci

CyberLink LabelPrint versions prior to 2.5 SEH unicode buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2017-14627
SHA-256 | 38a22e671f25d00ad5c85db271ec90594e8f7dfbb16305379d99e2185f8a26cd
JitBit Helpdesk 9.0.2 Broken Authentication
Posted Sep 26, 2017
Authored by Kc57

JitBit Helpdesk versions 9.0.2 and below suffer from a broken authentication vulnerability.

tags | exploit
SHA-256 | 5a8b981a7137a51ecb068371a6339f09239659eb8f9f9c8e7c532a66e9e3bc4b
Solarwinds LEM Insecure Update Process
Posted Sep 26, 2017
Authored by Hank Leininger

Software updates for Solarwinds products are packaged and delivered insecurely, leading to root compromise of Solarwinds devices.

tags | advisory, root
SHA-256 | 2a9df79c742962870c74939e16e4499331d3b9dcdf53b4c3fe83b8d82173b94e
Oracle 9i XDB 9.2.01 HTTP PASS Buffer Overflow
Posted Sep 26, 2017
Authored by Charles Dardaman

Oracle 9i XDB version 9.2.0.1 HTTP PASS buffer overflow exploit.

tags | exploit, web, overflow
advisories | CVE-2003-0727
SHA-256 | c3cbbb2ab10205e64ab02e00aa07202452c7cff903104fa689d7c7cb11d92a46
Disk Pulse Enterprise 10.0.12 GET Buffer Overflow
Posted Sep 26, 2017
Authored by sickness

Disk Pulse Enterprise version 10.0.12 GET buffer overflow SEH exploit.

tags | exploit, overflow
SHA-256 | 2ec52d52a2d7920391601670f498eac12a8d4246552fdb38dcfc0a43511bb00a
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close