what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2018-01-03

Wapiti Web Application Vulnerability Scanner 3.0.0
Posted Jan 3, 2018
Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Ported to Python3. Added --list-modules and --resume-crawl options. Persister rewritten to use sqlite3 databases (for session management). Many other additions, updates, and improvements.
tags | tool, web, scanner, vulnerability
systems | unix
MD5 | 011ea6c1e9be485704224f719397d198
Joomla Advertisement Board Classifieds 3.2.0 Shell Upload
Posted Jan 3, 2018
Authored by Bilal Kardadou

Joomla Advertisement Board Classifieds extension version 3.2.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 5566dbf7ceb43e0efc8de705db6f1e52
Froxlor 0.9.37 HTML Injection
Posted Jan 3, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Froxlor version 0.9.37 suffers from an html injection vulnerability.

tags | exploit
MD5 | 98db6fb9a97c1f47d6516d13ba25a380
Atlassian Bamboo Code Execution / Argument Injection
Posted Jan 3, 2018
Authored by Atlassian

Atlassian Bamboo versions prior to 6.1.6 and 6.2.0 through 6.2.5 suffer from code execution and argument injection vulnerabilities.

tags | advisory, vulnerability, code execution
advisories | CVE-2017-14589, CVE-2017-14590
MD5 | 146a1874f481e9313c0913a2206b4eb4
EMC xPression 4.5SP1 Patch 13 SQL Injection
Posted Jan 3, 2018
Authored by Pawel Gocyla

EMC xPression version 4.5SP1 Patch 13 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-14960
MD5 | 848088a219c1ff22c596c32a3eac17fb
b2evolution CMS 6.8.10 PHP Code Execution
Posted Jan 3, 2018
Authored by Anti Rais

b2evolution CMS versions 6.6.0 through 6.8.10 suffer from a php code execution vulnerability.

tags | exploit, php, code execution
advisories | CVE-2017-1000423
MD5 | 2ca4c469ed9373d047c433e8983b7855
Red Hat Security Advisory 2018-0005-01
Posted Jan 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0005-01 - The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.9.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2017-12165, CVE-2017-12167, CVE-2017-12189, CVE-2017-12629, CVE-2017-7559, CVE-2017-7561
MD5 | aac8a37c771d15022754d85ed843305a
Red Hat Security Advisory 2018-0004-01
Posted Jan 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0004-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2017-12165, CVE-2017-12167, CVE-2017-12189, CVE-2017-12629, CVE-2017-7559, CVE-2017-7561
MD5 | 2ca6effdab3cd5decbed50e07509a63b
Red Hat Security Advisory 2018-0002-01
Posted Jan 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0002-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2017-12165, CVE-2017-12167, CVE-2017-12189, CVE-2017-12629, CVE-2017-7559, CVE-2017-7561
MD5 | 0894af1f635e49e7a3ce1d8a874115ef
Red Hat Security Advisory 2018-0003-01
Posted Jan 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0003-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2017-12165, CVE-2017-12167, CVE-2017-12189, CVE-2017-12629, CVE-2017-7559, CVE-2017-7561
MD5 | 0a5412e7af365baf178d6fd067479b13
Ubuntu Security Notice USN-3477-4
Posted Jan 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3477-4 - USN-3477-1 fixed vulnerabilities in Firefox. The update introduced a crash reporting issue where background tab crash reports were sent to Mozilla without user opt-in. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-7828, CVE-2017-7830, CVE-2017-7831, CVE-2017-7832, CVE-2017-7833, CVE-2017-7834, CVE-2017-7835, CVE-2017-7837, CVE-2017-7838, CVE-2017-7839, CVE-2017-7840, CVE-2017-7842
MD5 | 752ba5a2397fdce5c95ee5e6d29bb7de
WordPress Smart Google Code Inserter SQL Injection
Posted Jan 3, 2018
Authored by Benjamin Lim

WordPress Smart Google Code Inserter plugin versions prior to 3.5 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
advisories | CVE-2018-3810, CVE-2018-3811
MD5 | 87c0b3ef2f9392d5bb2525066eec4dc1
Joomla EXP Auto 4.2.3 SQL Injection
Posted Jan 3, 2018
Authored by Bilal Kardadou

Joomla EXP Auto extension version 4.2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 53024eef2082d9ee0e7cebb6165631a2
Joomla RealEstateManager 4.2.0 SQL Injection
Posted Jan 3, 2018
Authored by Bilal Kardadou

Joomla RealEstateManager extension version 4.2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5c8066eaded80973d1e608671882abe2
Joomla VehicleManager 3.9.15 SQL Injection
Posted Jan 3, 2018
Authored by Bilal Kardadou

Joomla VehicleManager extension version 3.9.15 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | bb63e0e2208ec12bb296390ba31de4c2
Fortinet Installer Client 5.6 DLL Hijacking
Posted Jan 3, 2018
Authored by Souhardya Sardar, Rohit Bankoti

Fortinet Installer Client 5.6 for Windows PC suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | ad19e95dcf9ca5912fd831d8d424966d
Page 1 of 1
Back1Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    23 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close