what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-10-03

Joomla! Jimtawl 2.2.7 SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

Joomla! Jimtawl component version 2.2.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d3b79f7c964061c092b60bca81183ea7bc3f07c456c3a397863c6a1c6b13934b
Zechat 1.5 SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

Zechat version 1.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 84ff6edd4775e29a81b52adbe6edbf25cc7991a3b52797218ac9ee6be0e8c8a3
Red Hat Security Advisory 2018-2868-01
Posted Oct 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2868-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 5.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2018-8037
SHA-256 | 7eced1675dc2c952087fc4da02268030fbf94529eba0329937238f9258fefbf9
Red Hat Security Advisory 2018-2867-01
Posted Oct 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2867-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 5.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2018-8037
SHA-256 | 1e53207eeb1e3abad71a75447a461b5ee7e4f22670d2d0fefe5f247a0f39bd8d
Ubuntu Security Notice USN-3782-1
Posted Oct 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3782-1 - Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-12085, CVE-2018-17294
SHA-256 | 487abc1a3964d03e149224612c3eaf988c06aa29e13e9a9a28d7bb89115f3eab
Ubuntu Security Notice USN-3781-1
Posted Oct 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3781-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2018-4191, CVE-2018-4209, CVE-2018-4299, CVE-2018-4312, CVE-2018-4317, CVE-2018-4328
SHA-256 | bd154b90a5e93b10a5e86d5ecf677bbf8c984f82ba9cc98a735d91d58039a8c9
Slackware Security Advisory - mozilla-firefox Updates
Posted Oct 3, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-12387
SHA-256 | e409996a93b56a3beccbb769cb31201dc29fd079c498e1cb926597616d9195b0
SQLMAP - Automatic SQL Injection Tool 1.2.10
Posted Oct 3, 2018
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | 7e3a6c3843ecdd95a2d3a6bf4d863e432ed043909ed5c3db2dddf21e2a47c47b
Collaboration Compliance And Quality Management Platform 9.1.1.5482 Improper Access Control
Posted Oct 3, 2018
Authored by Tobias Huppertz | Site syss.de

Collaboration Compliance and Quality Management Platform versions 9.1.1.5482 and below suffer from an improper access control vulnerability.

tags | exploit
advisories | CVE-2018-17872
SHA-256 | 750eb164ea45b8c746c98b5354c209f19dd64366c1af8fd09c78c20f8081542f
Collaboration Compliance And Quality Management Platform 9.1.1.5482 Disclosure
Posted Oct 3, 2018
Authored by Tobias Huppertz | Site syss.de

Collaboration Compliance and Quality Management Platform versions 9.1.1.5482 and below suffer from a password disclosure vulnerability.

tags | exploit
advisories | CVE-2018-17871
SHA-256 | 0018ec5778d402f160a3a47a794d2be0f3045f1ad2e4f4fdefd4292239008402
PTC ThingWorx Password Disclosure / Cross Site Scripting
Posted Oct 3, 2018
Authored by M. Tomaselli | Site sec-consult.com

PTC ThingWorx suffers from cross site scripting and password disclosure vulnerabilities. Versions affected include 6.5 through 7.4, 8.0.x, 8.1.x, and 8.2.x.

tags | advisory, vulnerability, xss
advisories | CVE-2018-17216, CVE-2018-17217, CVE-2018-17218
SHA-256 | 317f2e2b6aaec261a18c273b5fe9dec4ba8d2ee4aba58d901e630188c8d8b97f
nullcon Goa 2019 Call For Papers
Posted Oct 3, 2018
Site nullcon.net

The Call For Papers for nullcon Goa 2019 is now open. Nullcon is an annual Information Security Conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place March 1st through the 2nd, 2019 in Goa, India.

tags | paper, conference
SHA-256 | 18fccbc17caa3e4bb0fd09b38388099b7be8ce3e500f75211479c70804f68d88
OPAC EasyWeb Five 5.7 nome SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

OPAC EasyWeb Five version 5.7 suffers from a remote SQL injection vulnerability in the nome input.

tags | exploit, remote, sql injection
SHA-256 | d6c97a8f4e0a187395b2b5775240550e6f0253aeef582723813d671c9002ec61
Coaster CMS 5.5.0 Cross Site Scripting
Posted Oct 3, 2018
Authored by Ismail Tasdelen

Coaster CMS version 5.5.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-17876
SHA-256 | 0849b869bee82b63fddc5c4a779ba641150604c464edc36529ef46abcd7e08b3
OPAC EasyWeb Five 5.7 biblio SQL Injection
Posted Oct 3, 2018
Authored by Dino Barlattani

OPAC EasyWeb Five version 5.7 suffers from a remote SQL injection vulnerability in the biblio input.

tags | exploit, remote, sql injection
SHA-256 | 06a064fa6626f63fa9d75e10581ee339fde2278790ee80a59e18cade8135cceb
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close