Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-05-18

Microsoft Security Bulletin CVE Revision Increment For May, 2018
Posted May 18, 2018
Site microsoft.com

This Microsoft bulletin summary holds CVE revision updates for CVE-2018-0886.

tags | advisory
advisories | CVE-2018-0886
MD5 | a2edca28de55f1a3095dfe1ebe5e6e57
Healwire Online Pharmacy 3.0 Cross Site Request Forgery / Cross Site Scripting
Posted May 18, 2018
Authored by Borna Nematzadeh

Healwire Online Pharmacy version 3.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 9196695291014c0d67db9bdd80d678ff
HPE iMC 7.3 Remote Code Execution
Posted May 18, 2018
Authored by mr_me, trendytofu | Site metasploit.com

This Metasploit module exploits an expression language injection vulnerability, along with an authentication bypass vulnerability in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04 to achieve remote code execution. The HP iMC server suffers from multiple vulnerabilities allows unauthenticated attacker to execute arbitrary Expression Language via the beanName parameter, allowing execution of arbitrary operating system commands as SYSTEM. This service listens on TCP port 8080 and 8443 by default. This Metasploit module has been tested successfully on iMC PLAT v7.3(E0504P02) on Windows 2k12r2 x64 (EN).

tags | exploit, remote, arbitrary, tcp, vulnerability, code execution, bypass
systems | windows
advisories | CVE-2017-12500, CVE-2017-8982
MD5 | 409c199dae62513789f6016cba7903bd
SAP B2B / B2C CRM Local File Inclusion
Posted May 18, 2018
Authored by Richard Alviarez

SAP B2B / B2C CRM versions 2.x up to 4.x suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | d9253407b7b389816488abe6d1a1e481
DynoRoot DHCP Command Injection
Posted May 18, 2018
Authored by Kevin Kirsche

DynoRoot DHCP suffers from a client command injection vulnerability.

tags | exploit
advisories | CVE-2018-1111
MD5 | 2e8a721a5d5bb1c6f66a40274aea5ae1
Infinity Market Classified Ads Script 1.6.2 Cross Site Request Forgery
Posted May 18, 2018
Authored by Borna Nematzadeh

Infinity Market Classified Ads Script version 1.6.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | bd90cdb52547245a61c4cbdb0d6e87ee
Prime95 29.4b8 Stack Buffer Overflow
Posted May 18, 2018
Authored by crash_manucoot

Prime95 version 29.4b8 SEH buffer overflow exploit.

tags | exploit, overflow
MD5 | f8f20d97ff558024599a9ee8ee40f52e
Cisco SA520W Security Appliance Path Traversal
Posted May 18, 2018
Authored by Nassim Asrir

Cisco SA520W Security Appliance suffers from a path traversal vulnerability.

tags | exploit, file inclusion
systems | cisco
MD5 | d8f45b8bfc45f6a23ec142f301ed9a58
Siemens SIMATIC Panels Cross Site Request Forgery / Cross Site Scripting
Posted May 18, 2018
Authored by t4rkd3vilz

Multiple Siemens SIMATIC panels suffer from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 52fd7f7488e289fc4a42c19a2bd6d53b
Linux 4-Byte Information Leak
Posted May 18, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from a 4-byte information leak via an uninitialized struct field in the compat adjtimex syscall.

tags | exploit
systems | linux
MD5 | 3e22473d4edff1e68082884c6f7a235b
Microsoft Edge Chakra JIT Bounce Check Elimination Bug
Posted May 18, 2018
Authored by Google Security Research, lokihardt

Chakra uses the InvariantBlockBackwardIterator class to backpropagate the information about the hoisted bound checks. But the class follows the linked list instead of the control flow. This may lead to incorrectly remove the bound checks.

tags | exploit
advisories | CVE-2018-0980
MD5 | 09442d487262053ca44c67ade9eacecb
MagniComp SysInfo Information Exposure
Posted May 18, 2018
Authored by Harry Sintonen

MagniComp SysInfo contains an information exposure vulnerability through debug functionality.

tags | advisory
advisories | CVE-2018-7268
MD5 | 3224c8cead424f2b911c426520c8d444
Debian Security Advisory 4203-1
Posted May 18, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4203-1 - Hans Jerry Illikainen discovered a type conversion vulnerability in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2017-17670
MD5 | 1a4526c34c11cb35227ed75e27ac929f
SAP NetWeaver Web Dynpro Information Disclosure
Posted May 18, 2018
Authored by Richard Alviarez

SAP NetWeaver Web Dynpro versions 6.4 up to 7.5 suffer from an information disclosure vulnerability.

tags | exploit, web, info disclosure
MD5 | 8067c3689144753ad6dd851439ba0e9f
Monstra CMS Cross Site Scripting
Posted May 18, 2018
Authored by Berk Dusunur

Monstra CMS versions prior to 3.0.4 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1f1f0e7cdd0eff105e7fcaf27d217cef
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close