exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-10-03

Joomla! Jimtawl 2.2.7 SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

Joomla! Jimtawl component version 2.2.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b78ce044f19e73f69dd504328d9ba357
Zechat 1.5 SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

Zechat version 1.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 25114efba66cf4bd278bad80483f2fe3
Red Hat Security Advisory 2018-2868-01
Posted Oct 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2868-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 5.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2018-8037
MD5 | c7ef7eab42953ebab1c816b029115ddf
Red Hat Security Advisory 2018-2867-01
Posted Oct 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2867-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 5.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2018-8037
MD5 | 4a60c4dfbc4ce4112d5fbd7c85c19701
Ubuntu Security Notice USN-3782-1
Posted Oct 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3782-1 - Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-12085, CVE-2018-17294
MD5 | 9a34ad0773c5d4ae726d218ab924dedd
Ubuntu Security Notice USN-3781-1
Posted Oct 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3781-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2018-4191, CVE-2018-4209, CVE-2018-4299, CVE-2018-4312, CVE-2018-4317, CVE-2018-4328
MD5 | b9204d5224fba5ea1f9e172cb10b6dda
Slackware Security Advisory - mozilla-firefox Updates
Posted Oct 3, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-12387
MD5 | 7f98aa721388c5dcd0fd1d76ab08d71a
SQLMAP - Automatic SQL Injection Tool 1.2.10
Posted Oct 3, 2018
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 55e5aa88807d9ea720edd95792a335a6
Collaboration Compliance And Quality Management Platform 9.1.1.5482 Improper Access Control
Posted Oct 3, 2018
Authored by Tobias Huppertz

Collaboration Compliance and Quality Management Platform versions 9.1.1.5482 and below suffer from an improper access control vulnerability.

tags | exploit
advisories | CVE-2018-17872
MD5 | b4997151293b1d4ea2c85bf071fdf146
Collaboration Compliance And Quality Management Platform 9.1.1.5482 Disclosure
Posted Oct 3, 2018
Authored by Tobias Huppertz

Collaboration Compliance and Quality Management Platform versions 9.1.1.5482 and below suffer from a password disclosure vulnerability.

tags | exploit
advisories | CVE-2018-17871
MD5 | 8c2c144527683a6ee8c113de96b6ad60
PTC ThingWorx Password Disclosure / Cross Site Scripting
Posted Oct 3, 2018
Authored by M. Tomaselli | Site sec-consult.com

PTC ThingWorx suffers from cross site scripting and password disclosure vulnerabilities. Versions affected include 6.5 through 7.4, 8.0.x, 8.1.x, and 8.2.x.

tags | advisory, vulnerability, xss
advisories | CVE-2018-17216, CVE-2018-17217, CVE-2018-17218
MD5 | cf3dfdaedc433d702cffb055aaf2357a
nullcon Goa 2019 Call For Papers
Posted Oct 3, 2018
Site nullcon.net

The Call For Papers for nullcon Goa 2019 is now open. Nullcon is an annual Information Security Conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place March 1st through the 2nd, 2019 in Goa, India.

tags | paper, conference
MD5 | cc5b4ca9c7e13666c4265f48f28a65eb
OPAC EasyWeb Five 5.7 nome SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

OPAC EasyWeb Five version 5.7 suffers from a remote SQL injection vulnerability in the nome input.

tags | exploit, remote, sql injection
MD5 | 59930364faec2d28d7fac489d53dc43d
Coaster CMS 5.5.0 Cross Site Scripting
Posted Oct 3, 2018
Authored by Ismail Tasdelen

Coaster CMS version 5.5.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-17876
MD5 | 14daa87959cbcc25a19b464f0b4a9c33
OPAC EasyWeb Five 5.7 biblio SQL Injection
Posted Oct 3, 2018
Authored by Dino Barlattani

OPAC EasyWeb Five version 5.7 suffers from a remote SQL injection vulnerability in the biblio input.

tags | exploit, remote, sql injection
MD5 | cf789e7de0548ecc95ec6719a74447dd
Page 1 of 1
Back1Next

File Archive:

January 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    15 Files
  • 2
    Jan 2nd
    15 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    1 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    24 Files
  • 8
    Jan 8th
    15 Files
  • 9
    Jan 9th
    16 Files
  • 10
    Jan 10th
    23 Files
  • 11
    Jan 11th
    17 Files
  • 12
    Jan 12th
    3 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    33 Files
  • 16
    Jan 16th
    23 Files
  • 17
    Jan 17th
    29 Files
  • 18
    Jan 18th
    15 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close