what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-10-03

Joomla! Jimtawl 2.2.7 SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

Joomla! Jimtawl component version 2.2.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d3b79f7c964061c092b60bca81183ea7bc3f07c456c3a397863c6a1c6b13934b
Zechat 1.5 SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

Zechat version 1.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 84ff6edd4775e29a81b52adbe6edbf25cc7991a3b52797218ac9ee6be0e8c8a3
Red Hat Security Advisory 2018-2868-01
Posted Oct 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2868-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 5.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2018-8037
SHA-256 | 7eced1675dc2c952087fc4da02268030fbf94529eba0329937238f9258fefbf9
Red Hat Security Advisory 2018-2867-01
Posted Oct 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2867-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 5.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2018-8037
SHA-256 | 1e53207eeb1e3abad71a75447a461b5ee7e4f22670d2d0fefe5f247a0f39bd8d
Ubuntu Security Notice USN-3782-1
Posted Oct 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3782-1 - Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-12085, CVE-2018-17294
SHA-256 | 487abc1a3964d03e149224612c3eaf988c06aa29e13e9a9a28d7bb89115f3eab
Ubuntu Security Notice USN-3781-1
Posted Oct 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3781-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2018-4191, CVE-2018-4209, CVE-2018-4299, CVE-2018-4312, CVE-2018-4317, CVE-2018-4328
SHA-256 | bd154b90a5e93b10a5e86d5ecf677bbf8c984f82ba9cc98a735d91d58039a8c9
Slackware Security Advisory - mozilla-firefox Updates
Posted Oct 3, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-12387
SHA-256 | e409996a93b56a3beccbb769cb31201dc29fd079c498e1cb926597616d9195b0
SQLMAP - Automatic SQL Injection Tool 1.2.10
Posted Oct 3, 2018
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | 7e3a6c3843ecdd95a2d3a6bf4d863e432ed043909ed5c3db2dddf21e2a47c47b
Collaboration Compliance And Quality Management Platform 9.1.1.5482 Improper Access Control
Posted Oct 3, 2018
Authored by Tobias Huppertz | Site syss.de

Collaboration Compliance and Quality Management Platform versions 9.1.1.5482 and below suffer from an improper access control vulnerability.

tags | exploit
advisories | CVE-2018-17872
SHA-256 | 750eb164ea45b8c746c98b5354c209f19dd64366c1af8fd09c78c20f8081542f
Collaboration Compliance And Quality Management Platform 9.1.1.5482 Disclosure
Posted Oct 3, 2018
Authored by Tobias Huppertz | Site syss.de

Collaboration Compliance and Quality Management Platform versions 9.1.1.5482 and below suffer from a password disclosure vulnerability.

tags | exploit
advisories | CVE-2018-17871
SHA-256 | 0018ec5778d402f160a3a47a794d2be0f3045f1ad2e4f4fdefd4292239008402
PTC ThingWorx Password Disclosure / Cross Site Scripting
Posted Oct 3, 2018
Authored by M. Tomaselli | Site sec-consult.com

PTC ThingWorx suffers from cross site scripting and password disclosure vulnerabilities. Versions affected include 6.5 through 7.4, 8.0.x, 8.1.x, and 8.2.x.

tags | advisory, vulnerability, xss
advisories | CVE-2018-17216, CVE-2018-17217, CVE-2018-17218
SHA-256 | 317f2e2b6aaec261a18c273b5fe9dec4ba8d2ee4aba58d901e630188c8d8b97f
nullcon Goa 2019 Call For Papers
Posted Oct 3, 2018
Site nullcon.net

The Call For Papers for nullcon Goa 2019 is now open. Nullcon is an annual Information Security Conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place March 1st through the 2nd, 2019 in Goa, India.

tags | paper, conference
SHA-256 | 18fccbc17caa3e4bb0fd09b38388099b7be8ce3e500f75211479c70804f68d88
OPAC EasyWeb Five 5.7 nome SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

OPAC EasyWeb Five version 5.7 suffers from a remote SQL injection vulnerability in the nome input.

tags | exploit, remote, sql injection
SHA-256 | d6c97a8f4e0a187395b2b5775240550e6f0253aeef582723813d671c9002ec61
Coaster CMS 5.5.0 Cross Site Scripting
Posted Oct 3, 2018
Authored by Ismail Tasdelen

Coaster CMS version 5.5.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-17876
SHA-256 | 0849b869bee82b63fddc5c4a779ba641150604c464edc36529ef46abcd7e08b3
OPAC EasyWeb Five 5.7 biblio SQL Injection
Posted Oct 3, 2018
Authored by Dino Barlattani

OPAC EasyWeb Five version 5.7 suffers from a remote SQL injection vulnerability in the biblio input.

tags | exploit, remote, sql injection
SHA-256 | 06a064fa6626f63fa9d75e10581ee339fde2278790ee80a59e18cade8135cceb
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close