exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 40 RSS Feed

Files Date: 2018-05-22

Slackware Security Advisory - Slackware 14.2 kernel Updates
Posted May 22, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix a regression in the getsockopt() function and to fix two denial-of-service security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2018-1000004, CVE-2018-1092
SHA-256 | 1256fc37bd7798ca0038f9ea2c63351eac1f24df934e86d4c82697a7436ab1e3
Epic Games Launcher 7.9.4-4058369 Insecure File Permissions
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Launcher version 7.9.4-4058369 suffers from an insecure file permissions vulnerability.

tags | exploit
SHA-256 | 35af3e355a869f4fe36fe821e7896477dc9771a67740fc68f1b82e8653dc2005
Epic Games Fortnite 4.2-CL-4072250 Insecure File Permissions
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Fortnite version 4.2-CL-4072250 suffers from an insecure file permissions vulnerability.

tags | exploit
SHA-256 | 82e1a10d5236259fccb3a81757ea9d23ed75cd14df44d99e2f2baf0d3be46b8d
Procps-ng Audit Report
Posted May 22, 2018
Site qualys.com

Qualys performed an extensive audit of procps-ng. They discovered hundreds of bugs and vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2018-1120, CVE-2018-1121, CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-1125, CVE-2018-1126
SHA-256 | 6d895899f31fb860118c7f19ea72747036e5eb147127ca183af8defd7ed85eff
Feedy RSS News Ticker 2.0 SQL Injection
Posted May 22, 2018
Authored by Ozkan Mustafa Akkus

Feedy RSS News Ticker version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8cf08676d5ed7a336c93d2791ece1db513560228c9cf7ca4c053f947c622fc16
QNAP PhotoStation Cross Site Scripting
Posted May 22, 2018
Authored by SaeedReza Zamanian

QNAP PhotoStation versions prior to 5.x suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 52812aac543d17d1afa1a4789a77b9d3c4cef54c6a2c6e28c3dcb857dce53824
Debian Security Advisory 4207-1
Posted May 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4207-1 - Matthias Gerstner discovered that PackageKit, a DBus abstraction layer for simple software management tasks, contains an authentication bypass flaw allowing users without privileges to install local packages.

tags | advisory, local
systems | linux, debian
advisories | CVE-2018-1106
SHA-256 | 62b118d487e09c2247075e70088dbe07c6b76b4fde60cac976ef6049f72d6450
Debian Security Advisory 4208-1
Posted May 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4208-1 - The Qualys Research Labs discovered multiple vulnerabilities in procps, a set of command line and full screen utilities for browsing procfs.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-1125, CVE-2018-1126
SHA-256 | e68fd20d426ce3b9af8dba966514831f2fd6dce2e702836ab9c951452f1788a8
EasyService Billing 1.0 SQL Injection / Cross Site Scripting
Posted May 22, 2018
Authored by Ozkan Mustafa Akkus

EasyService Billing version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 5e0c599cdc7c6893419a5b4dbfa859bdc71d855ca1c7b03b2de1125a87f17fdc
FTPShell Server 6.80 Local Buffer Overflow
Posted May 22, 2018
Authored by Hashim Jawad

FTPShell Server version 6.80 local buffer overflow exploit with SafeSEH bypass.

tags | exploit, overflow, local
SHA-256 | 5a9b8d94cdc7bf869d728e88d88191c7eb6ff2150dccc21aad6fd4d4bc4fdc41
Teradek VidiU Pro 3.0.3 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek VidiU Pro version 3.0.3 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
SHA-256 | 1ec16c77ff64530a16f5ee014a1d612f9f673ff0d860df47d7438147ddb9ecf5
Teradek Slice 7.3.15 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Slice version 7.3.15 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
SHA-256 | 526c66045fa6be523cc8edfa55dcf7233f85933c7c408e5105ac9f7a66500f44
Teradek T-RAX 7.3.2 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek T-RAX version 7.3.2 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
SHA-256 | 69d8a2bfab670f5bce274a6f980f3cf8b6cd28a765740ec72516f1a6fc6cb370
PaulPrinting CMS Printing 1.0 SQL Injection
Posted May 22, 2018
Authored by Mehmet Onder Key

PaulPrinting CMS Printing version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 42d1956fe499cfd87e3740f5b19397ac6574a273c8af4f314072356c9180a777
Siemens SIMATIC S7-1200 CPU Cross Site Scripting
Posted May 22, 2018
Authored by Jameel Nabbo, t4rkd3vilz

Siemens SIMATIC S7-1200 CPU suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-2908
SHA-256 | 1702461e2f3509bc3cc061c3ff42fe5455c97f574a8755c76dd490aab176cbbf
Teradek Slice 7.3.15 Change Password Cross Site Request Forgery
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Slice version 7.3.15 suffers from a password changing cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 9fe24e1a2cc0e89eb5a248f50e361796e26513a7c452b93aaa4937d78c971e0d
Teradek Cube 7.3.6 Change Password Cross Site Request Forgery
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Cube version 7.3.6 suffers from a password changing cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 78335d35d86d8f1850259a01ed658fd8b03cc60b1814ca7a7fd3138c40564a2e
NewsBee CMS 1.4 SQL Injection
Posted May 22, 2018
Authored by Ozkan Mustafa Akkus

NewsBee CMS version 1.4 suffers from a remote SQL injection vulnerability in home-text-edit.php.

tags | exploit, remote, php, sql injection
SHA-256 | c4158a46d7fd0b3c6941b48e20cb79c818fbcd34a48b3a0b38b600c4e1c094aa
Teradek Cube 7.3.6 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Cube version 7.3.6 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
SHA-256 | 88954f646ded8b7e83029b9f42aae86899a385a53ce2d403178347c0cae7ba17
ERPnext 11.x.x Cross Site Scripting
Posted May 22, 2018
Authored by Veerababu Penugonda

ERPnext version 11.x.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-11339
SHA-256 | 1404a458e609e9aabc984ca6b4e14dcef6d973f1faa805f617a0c6cd220e7621
Siemens SIMATIC S7-1200 CPU Cross Site Request Forgery
Posted May 22, 2018
Authored by Jameel Nabbo, t4rkd3vilz

Siemens SIMATIC S7-1200 suffers from a CPU functionality related cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-5698
SHA-256 | 8c2e5fb98b7508c36b55a7b3e06dc592c881362ae41570c7b65c00ae8e74bb36
Nordex N149/4.0-4.5 Wind Turbine Web Server SQL Injection
Posted May 22, 2018
Authored by t4rkd3vilz

Nordex N149/4.0-4.5 Wind Turbine Web Server suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 3ed62c4798ef52c9e786e8bf7c7d8bad6f15ef2f24c371b9f9ba0773331447c9
AF_PACKET chocobo_root Privilege Escalation
Posted May 22, 2018
Authored by rebel, Brendan Coles | Site metasploit.com

This Metasploit module exploits a race condition and use-after-free in the packet_set_ring function in net/packet/af_packet.c (AF_PACKET) in the Linux kernel to execute code as root (CVE-2016-8655). The bug was initially introduced in 2011 and patched in 2016 in version 4.4.0-53.74, potentially affecting a large number of kernels; however this exploit targets only systems using Ubuntu (Trusty / Xenial) kernels 4.4.0 < 4.4.0-53, including Linux distros based on Ubuntu, such as Linux Mint. The target system must have unprivileged user namespaces enabled and two or more CPU cores. Bypasses for SMEP, SMAP and KASLR are included. Failed exploitation may crash the kernel. This Metasploit module has been tested successfully on Linux Mint 17.3 (x86_64); Linux Mint 18 (x86_64); and Ubuntu 16.04.2 (x86_64) with kernel versions 4.4.0-45-generic and 4.4.0-51-generic.

tags | exploit, kernel, root
systems | linux, ubuntu
advisories | CVE-2016-8655
SHA-256 | 2c972042e97ba752bad7ba25468c594d74162a227ca514649eb33c75bf60c5e6
ILIAS 5.3.2 / 5.2.14 / 5.1.25 Cross Site Scripting
Posted May 22, 2018
Authored by Moritz Bechler | Site syss.de

ILIAS versions 5.3.2, 5.2.14, and 5.1.25 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-10428
SHA-256 | 2aac0222aebf2e7413630a3b07065dedd067ddc45d6a86a9fc12a1676428cf5d
Red Hat Security Advisory 2018-1630-01
Posted May 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1630-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
SHA-256 | 7e70f12e450e11a411755e67c7bdc3b92d6061f604dfc7dec95f44ae514ce60e
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close