Twenty Year Anniversary
Showing 1 - 18 of 18 RSS Feed

Files Date: 2018-01-26

WordPress Splashing Images 2.1 Cross Site Scripting / PHP Object Injection
Posted Jan 26, 2018
Authored by Nicolas Buzy-Debat

WordPress Splashing Images plugin version 2.1 suffers from PHP object injection and cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
advisories | CVE-2018-6194, CVE-2018-6195
MD5 | 2074b9733bf382d13829e0d172ba5646
Gentoo Linux Security Advisory 201801-19
Posted Jan 26, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-19 - Multiple vulnerabilities have been found in ClamAV, the worst of which may allow execution of arbitrary code. Versions less than 0.99.3 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377, CVE-2017-12378, CVE-2017-12379, CVE-2017-12380
MD5 | cdc5df01b180d66f4c94289a819650cb
Sophos Web Gateway 4.4.1 Cross Site Scripting
Posted Jan 26, 2018
Authored by Matthew Bergin | Site korelogic.com

Sophos Web Gateway version 4.4.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | 45f65498ed379818369f240076c5d2c3
BMC Track-It! 11.4 Code Execution / Information Disclosure
Posted Jan 26, 2018
Authored by Pedro Ribeiro

BMC Track-It! version 11.4 suffers from remote code execution and credential disclosure vulnerabilities.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2016-6598, CVE-2016-6599
MD5 | d6507459a64e274eb19ea9d09ebbf627
Dodocool DC38 N300 Cross Site Request Forgery
Posted Jan 26, 2018
Authored by Raffaele Sabato

Dodocool DC38 N300 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-5720
MD5 | 524927f3c926884a4b4f0446ec0c92de
Asus Router Cross Site Script / Authentication Bypass
Posted Jan 26, 2018
Authored by 4TT4CK3R

ASUS router DSL-RT-N13 suffers from an authentication bypass vulnerability. ASUS router DSL-N14U B1 suffers from a cross site scripting vulnerability.

tags | exploit, xss, bypass
MD5 | 2fc150447dc4b5a9529e54a5dc2c5bf9
VMware Security Advisory 2018-0006
Posted Jan 26, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0006 - vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2017-4947, CVE-2017-4951
MD5 | fc8c1b25fe9f0e80e4bc7769eee0ffe6
Ubuntu Security Notice USN-3548-2
Posted Jan 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3548-2 - USN-3548-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux kernel, introduced as part of the mitigations for the Spectre vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, x86, kernel, local, vulnerability
systems | linux, ubuntu
MD5 | 0d470581592ec8daa7fabea36ed96c69
Ubuntu Security Notice USN-3548-1
Posted Jan 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3548-1 - Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux kernel, introduced as part of the mitigations for the Spectre vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux, ubuntu
MD5 | 98e4af140782a4a6f1256006225407f0
WordPress Good LMS SQL Injection
Posted Jan 26, 2018
Authored by Esecurity.ir

WordPress Good LMS Learning Management System plugin suffers from a remote SQL Injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4b544c61613e2cdcaef2eb945ad88037
Microsoft Security Bulletin Updates For January, 2018
Posted Jan 26, 2018
Site microsoft.com

This Microsoft bulletin summary holds CVE revision updates for CVE-2018-0764.

tags | advisory
advisories | CVE-2018-0764
MD5 | 5527c1da4e53dee2dcde539e88a7c34c
BMC BladeLogic 8.3.00.64 Remote Command Execution
Posted Jan 26, 2018
Authored by Paul Taylor

BMC BladeLogic version 8.3.00.64 suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2016-1542, CVE-2016-1543
MD5 | ea127d0bd05261df457df3bc13d2ee7e
LiveCRM SaaS Cloud 1.0 Cross Site Scripting
Posted Jan 26, 2018
Authored by indoushka

LiveCRM SaaS Cloud version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1463511629c9277f38bf3764d3a15d45
Packet Fence 7.4.0
Posted Jan 26, 2018
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: New database access layer (DAL) for upcoming multi-tenancy support. New portal module to permanently set roles. Added portal module for selecting a role for the device being registered on the portal. Various other updates and enhancements.
tags | tool, remote
systems | unix
MD5 | d365a869a5195892e7e2423efd773e46
Clam AntiVirus Toolkit 0.99.3
Posted Jan 26, 2018
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Security patch release.
tags | tool, virus
systems | unix
MD5 | 5272f127312e987b3e10c155cf1d84df
WebKitGTK+ Memory Corruption / Spoofing / Code Execution
Posted Jan 26, 2018
Authored by WebKitGTK+ Team

WebKitGTK+ versions 2.18.x suffer from various memory corruption, user interface spoofing, and code execution vulnerabilities.

tags | advisory, spoof, vulnerability, code execution
advisories | CVE-2017-13884, CVE-2017-13885, CVE-2017-7153, CVE-2017-7160, CVE-2017-7161, CVE-2017-7165, CVE-2018-4088, CVE-2018-4089, CVE-2018-4096
MD5 | 56c7ac8a62544bdad2da9c56c5aff379
AsusWRT Router Remote Code Execution
Posted Jan 26, 2018
Authored by Pedro Ribeiro

AsusWRT Router versions prior to 3.0.0.4.380.7743 suffer from an unauthenticated LAN remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-5999, CVE-2018-6000
MD5 | 76e861a72a3ce836f6c0b5f6dc36b004
Exodus Wallet (ElectronJS Framework) Remote Code Execution
Posted Jan 26, 2018
Authored by Wflki

Exodus Wallet (ElectronJS Framework) suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-1000006
MD5 | b982f016d2e962c8afe4d2c5d3b8ef58
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    15 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close