Twenty Year Anniversary
Showing 1 - 19 of 19 RSS Feed

Files Date: 2018-08-06

cgit cgit_clone_objects() Directory Traversal
Posted Aug 6, 2018
Authored by Jann Horn, Google Security Research

cgit suffers from a directory traversal vulnerability in cgit_clone_objects().

tags | exploit
advisories | CVE-2018-14912
MD5 | f306e9c0fb056a4bc0fe47e73bb69b90
Ubuntu Security Notice USN-3731-1
Posted Aug 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3731-1 - It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-10196
MD5 | a8de898a21fc0c7256fa96e9770dcf1b
OCS Inventory NG Webconsole Shell Upload
Posted Aug 6, 2018
Authored by Simon Uvarov

OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.

tags | exploit, php, file upload
advisories | CVE-2018-14857
MD5 | f671f8d4d1775a87dfdb4e245c86573a
Open-AudIT Community 2.2.6 Cross Site Scripting
Posted Aug 6, 2018
Authored by Ranjeet Jaiswal

Open-AudIT Community version 2.2.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-14493
MD5 | b63b5e92b84bb9d132ea06a01ab61ab9
Dell EMC Data Protection Advisor XML Injection
Posted Aug 6, 2018
Site emc.com

Dell EMC Data Protection Advisor, versions 6.4 through 6.5, contains a XML External Entity (XXE) Injection vulnerability in the REST API. An authenticated remote malicious user could potentially exploit this vulnerability to read certain system files in the server or cause denial of service by supplying specially crafted Document Type Definitions (DTDs) in an XML request.

tags | advisory, remote, denial of service
advisories | CVE-2018-11048
MD5 | 66b403365b7c8ab139a4ef411025c4a5
Ubuntu Security Notice USN-3730-1
Posted Aug 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3730-1 - Matthias Gerstner discovered that LXC incorrectly handled the lxc-user-nic utility. A local attacker could possibly use this issue to open arbitrary files.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-6556
MD5 | 2d49f90b6beba33820201e89a4784c25
Ubuntu Security Notice USN-3729-1
Posted Aug 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3729-1 - It was discovered that libxcursor incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-9262
MD5 | fc34494033b154bb7345e72a057068be
Debian Security Advisory 4262-1
Posted Aug 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4262-1 - Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to open redirects, cross-site request forgery, information disclosure, session fixation or denial of service.

tags | advisory, denial of service, php, vulnerability, info disclosure, csrf
systems | linux, debian
advisories | CVE-2016-2403, CVE-2017-1665, CVE-2017-16653, CVE-2017-16654, CVE-2017-16790, CVE-2018-11385, CVE-2018-11386, CVE-2018-11406
MD5 | 9d90561cb123024abe81fc4647a6aff3
Debian Security Advisory 4265-1
Posted Aug 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4265-1 - It was discovered that the Apache XML Security for C++ library performed insufficient validation of KeyInfo hints, which could result in denial of service via NULL pointer dereferences when processing malformed XML data.

tags | advisory, denial of service
systems | linux, debian
MD5 | 9a90cf56b98b557428b1e5bc125b86d7
CA API Developer Portal Cross Site Scripting
Posted Aug 6, 2018
Authored by Kevin Kotas, Joe Schottman | Site www3.ca.com

CA Technologies Support is alerting customers to a potential risk with CA API Developer Portal. A medium risk vulnerability exists that can allow a remote attacker to conduct reflected cross-site scripting attacks. CA published solutions to address the vulnerability. The vulnerability occurs due to insufficient parameter filtering in the web user interface, which can allow a remote attacker to launch reflected cross-site scripting attacks.

tags | advisory, remote, web, xss
advisories | CVE-2018-6590
MD5 | add512fadcb03afec9eee769e4fca170
Monstra-Dev 3.0.4 Cross Site Scripting
Posted Aug 6, 2018
Authored by Nainsi Gupta

Monstra-Dev version 3.0.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-14922
MD5 | 5cf1b08ab4a7ae57501a50979d3b4c69
LAMS Cross Site Scripting
Posted Aug 6, 2018
Authored by Nikola Kojic

LAMS versions prior to 3.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-12090
MD5 | 4eaa85a9f7a0b6c2c6614980c04bd123
Microsoft Windows SCF File Feature Bypass
Posted Aug 6, 2018
Authored by Eduardo Braun Prado

Microsoft Windows suffers from an SCF open file security warning feature bypass vulnerability.

tags | exploit, bypass
systems | windows
MD5 | 6040e3240487f072def3a3791d8f65ff
onArcade 2.4.2 Cross Site Request Forgery
Posted Aug 6, 2018
Authored by r3m0t3nu11

onArcade version 2.4.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 06113009e88c7cad440b44cdd9e6ccdf
SMPlayer 18.6.0 DLL Hijacking
Posted Aug 6, 2018
Authored by ZwX

SMPlayer version 18.6.0 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | c560ece532c95ec9632fd2dcbade1e00
CMS ISWEB 3.5.3 Directory Traversal
Posted Aug 6, 2018
Authored by Thiago Sena

CMS ISWEB version 3.5.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2018-14957
MD5 | e02958b7f06d8396e3b3e92505add5c1
Rufus 3.0 / 3.1 Privilege Escalation
Posted Aug 6, 2018
Authored by Stefan Kanthak

Rufus versions 3.0 and 3.1 suffers from dll hijacking vulnerabilities.

tags | exploit, vulnerability
MD5 | 126457333255fc195b632df825af6a15
Sidify Music Converter 1.2.9 DLL Hijacking
Posted Aug 6, 2018
Authored by ZwX

Sidify Music Converter version 1.2.9 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | bbebec39f6f30063c8482128511ef045
Subrion CMS 4.2.1 Cross Site Scripting
Posted Aug 6, 2018
Authored by Zeel Chavda

Subrion CMS version 4.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-14840
MD5 | 41f6708e0d077e07be42e73e137134e5
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    9 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close