Twenty Year Anniversary
Showing 1 - 20 of 20 RSS Feed

Files Date: 2018-10-16

Microsoft Windows FSCTL_FIND_FILES_BY_SID Information Disclosure
Posted Oct 16, 2018
Authored by James Forshaw, Google Security Research

On Microsoft Windows, the FSCTL_FIND_FILES_BY_SID control code does not check for permissions to list a directory leading to disclosure of file names when a user is not granted FILE_LIST_DIRECTORY access.

tags | exploit
systems | windows
advisories | CVE-2018-8411
MD5 | 1ad1fd11e41df6d259aeb00e3e6cc367
Ubuntu Security Notice USN-3792-2
Posted Oct 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3792-2 - USN-3792-1 fixed a vulnerability in Net-SNMP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18065
MD5 | bbb68331d63976d5a997a0dc75dd3c41
Red Hat Security Advisory 2018-2921-01
Posted Oct 16, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2921-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2018-1336
MD5 | ff8868258d733db9eeb0af659bcbdd85
GIU Gallery Image Upload 0.3.1 SQL Injection
Posted Oct 16, 2018
Authored by Ihsan Sencan

GIU Gallery Image Upload version 0.3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b4147b04b6553a51704799585aace41b
HighPortal 12.5 Cross Site Scripting
Posted Oct 16, 2018
Authored by Ali Abdollahi

HighPortal version 12.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-17964
MD5 | 96715aa5c1d78769498c9dadfc961a89
MV Video Sharing Software 1.2 SQL Injection
Posted Oct 16, 2018
Authored by Ihsan Sencan

MV Video Sharing Software version 1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0ad174012d13e10d8404214629fdd430
Rukovoditel Project Management CRM 2.3 SQL Injection
Posted Oct 16, 2018
Authored by Ihsan Sencan

Rukovoditel Project Management CRM version 2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1f62d6bd79243759ee523b6e54d6e4a8
Vishesh Auto Index 3.1 SQL Injection
Posted Oct 16, 2018
Authored by Ihsan Sencan

Vishesh Auto Index version 3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5f3ff3098c17830600ee8f4fe611a4a8
Kados R10 GreenBee SQL Injection
Posted Oct 16, 2018
Authored by Ihsan Sencan

Kados R10 GreenBee suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 36a39e7b3ab07b4125f648f2b9242a48
Navigate CMS 2.8.5 Arbitrary File Download
Posted Oct 16, 2018
Authored by Ihsan Sencan

Navigate CMS version 2.8.5 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
MD5 | 3e891bc4623c966e8f7dd6a3f0e372e6
HotelDruid 2.2.4 SQL Injection
Posted Oct 16, 2018
Authored by Ihsan Sencan

HotelDruid version 2.2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 80d1a55cde41a577c9a05ce3877a5802
KORA 2.7.0 SQL Injection
Posted Oct 16, 2018
Authored by Ihsan Sencan

KORA version 2.7.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2578b0a377f4bdfd589d9b68f92d7b8a
Academic Timetable Final Build 7.0a / 7.0b Information Disclosure
Posted Oct 16, 2018
Authored by Ihsan Sencan

Academic Timetable Final Build versions 7.0a through 7.0b suffer from an information leakage vulnerability.

tags | exploit, info disclosure
MD5 | 45758a6aa9398946bad3ad7ba500881b
Digital Whisper Electronic Magazine #99
Posted Oct 16, 2018
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 99. Written in Hebrew.

tags | magazine
MD5 | 915850e7861bd491c6c9a83332b6a7b1
Red Hat Security Advisory 2018-2918-01
Posted Oct 16, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2918-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-10194, CVE-2018-15910, CVE-2018-16509, CVE-2018-16542
MD5 | 85c6890dafacafbf2a1a41398af4739c
Ubuntu Security Notice USN-3793-1
Posted Oct 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3793-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. It was discovered that if a user saved passwords before Thunderbird 58 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-12376, CVE-2018-12378, CVE-2018-12383, CVE-2018-12385
MD5 | 87fdc4d5aa1e208196180d7170d8f355
Ubuntu Security Notice USN-3792-1
Posted Oct 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3792-1 - It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18065
MD5 | 3aeb07109a6cf15ff3a438a836d9be6c
WordPress Support Board 1.2.3 Cross Site Scripting
Posted Oct 16, 2018
Authored by Ismail Tasdelen

WordPress Support Board plugin version 1.2.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18373
MD5 | af6a6a0585953fdcb0c07a71f31e0e1a
Library CMS 2.1.1 Cross Site Scripting
Posted Oct 16, 2018
Authored by Ismail Tasdelen

Library CMS version 2.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18372
MD5 | d8e70246bdc81d155913322dd7dfb2c4
Digital Whisper Electronic Magazine #98
Posted Oct 16, 2018
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 98. Written in Hebrew.

tags | magazine
MD5 | bc2ba1979addfbebf587bd271c6d1c31
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    14 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close