Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-10-03

Joomla! Jimtawl 2.2.7 SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

Joomla! Jimtawl component version 2.2.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b78ce044f19e73f69dd504328d9ba357
Zechat 1.5 SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

Zechat version 1.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 25114efba66cf4bd278bad80483f2fe3
Red Hat Security Advisory 2018-2868-01
Posted Oct 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2868-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 5.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2018-8037
MD5 | c7ef7eab42953ebab1c816b029115ddf
Red Hat Security Advisory 2018-2867-01
Posted Oct 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2867-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 5.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2018-8037
MD5 | 4a60c4dfbc4ce4112d5fbd7c85c19701
Ubuntu Security Notice USN-3782-1
Posted Oct 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3782-1 - Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-12085, CVE-2018-17294
MD5 | 9a34ad0773c5d4ae726d218ab924dedd
Ubuntu Security Notice USN-3781-1
Posted Oct 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3781-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2018-4191, CVE-2018-4209, CVE-2018-4299, CVE-2018-4312, CVE-2018-4317, CVE-2018-4328
MD5 | b9204d5224fba5ea1f9e172cb10b6dda
Slackware Security Advisory - mozilla-firefox Updates
Posted Oct 3, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-12387
MD5 | 7f98aa721388c5dcd0fd1d76ab08d71a
SQLMAP - Automatic SQL Injection Tool 1.2.10
Posted Oct 3, 2018
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 55e5aa88807d9ea720edd95792a335a6
Collaboration Compliance And Quality Management Platform 9.1.1.5482 Improper Access Control
Posted Oct 3, 2018
Authored by Tobias Huppertz

Collaboration Compliance and Quality Management Platform versions 9.1.1.5482 and below suffer from an improper access control vulnerability.

tags | exploit
advisories | CVE-2018-17872
MD5 | b4997151293b1d4ea2c85bf071fdf146
Collaboration Compliance And Quality Management Platform 9.1.1.5482 Disclosure
Posted Oct 3, 2018
Authored by Tobias Huppertz

Collaboration Compliance and Quality Management Platform versions 9.1.1.5482 and below suffer from a password disclosure vulnerability.

tags | exploit
advisories | CVE-2018-17871
MD5 | 8c2c144527683a6ee8c113de96b6ad60
PTC ThingWorx Password Disclosure / Cross Site Scripting
Posted Oct 3, 2018
Authored by M. Tomaselli | Site sec-consult.com

PTC ThingWorx suffers from cross site scripting and password disclosure vulnerabilities. Versions affected include 6.5 through 7.4, 8.0.x, 8.1.x, and 8.2.x.

tags | advisory, vulnerability, xss
advisories | CVE-2018-17216, CVE-2018-17217, CVE-2018-17218
MD5 | cf3dfdaedc433d702cffb055aaf2357a
nullcon Goa 2019 Call For Papers
Posted Oct 3, 2018
Site nullcon.net

The Call For Papers for nullcon Goa 2019 is now open. Nullcon is an annual Information Security Conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place March 1st through the 2nd, 2019 in Goa, India.

tags | paper, conference
MD5 | cc5b4ca9c7e13666c4265f48f28a65eb
OPAC EasyWeb Five 5.7 nome SQL Injection
Posted Oct 3, 2018
Authored by Ihsan Sencan

OPAC EasyWeb Five version 5.7 suffers from a remote SQL injection vulnerability in the nome input.

tags | exploit, remote, sql injection
MD5 | 59930364faec2d28d7fac489d53dc43d
Coaster CMS 5.5.0 Cross Site Scripting
Posted Oct 3, 2018
Authored by Ismail Tasdelen

Coaster CMS version 5.5.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-17876
MD5 | 14daa87959cbcc25a19b464f0b4a9c33
OPAC EasyWeb Five 5.7 biblio SQL Injection
Posted Oct 3, 2018
Authored by Dino Barlattani

OPAC EasyWeb Five version 5.7 suffers from a remote SQL injection vulnerability in the biblio input.

tags | exploit, remote, sql injection
MD5 | cf789e7de0548ecc95ec6719a74447dd
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close