Twenty Year Anniversary
Showing 1 - 19 of 19 RSS Feed

Files Date: 2018-10-22

Ubuntu Security Notice USN-3796-3
Posted Oct 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3796-3 - USN-3796-1 fixed a vulnerability in Paramiko. This update provides the corresponding update for Ubuntu 18.10. Daniel Hoffman discovered that Paramiko incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2018-1000805
MD5 | bd9323b300f55025ce3f4e55310f69cc
Ubuntu Security Notice USN-3792-3
Posted Oct 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3792-3 - USN-3792-1 fixed a vulnerability in Net-SNMP. This update provides the corresponding update for Ubuntu 18.10. It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18065
MD5 | 6922096eae4f9412061212a2f8908aeb
Ubuntu Security Notice USN-3795-2
Posted Oct 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3795-2 - USN-3795-1 fixed a vulnerability in libssh. This update provides the corresponding update for Ubuntu 18.10. Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2018-10933
MD5 | e89cc04e069eca9525fb55fb63903774
Ubuntu Security Notice USN-3790-2
Posted Oct 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3790-2 - USN-3790-1 fixed vulnerabilities in Requests. This update provides the corresponding update for Ubuntu 18.10 It was discovered that Requests incorrectly handled certain HTTP headers. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.

tags | advisory, web, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-18074
MD5 | 1b19f7fc14a933f4057623fbde241997
Chrome Debugger Extension API Is Too Powerful
Posted Oct 22, 2018
Authored by Jann Horn, Google Security Research

The Chrome debugger extension API appears to have more power than necessary, including the ability to bypass the check for disabled natives.

tags | advisory
MD5 | 7f04b4dbaa37e47793da6858cb2f0661
VestaCP 0.9.8-22 Cross Site Scripting
Posted Oct 22, 2018
Authored by Numan OZDEMIR

VestaCP versions 0.9.8-22 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-18547
MD5 | 383e89ec1c0ee9282adbe48bc69bb406
Viva Visitor And Volunteer ID Tracking 0.95.1 SQL Injection
Posted Oct 22, 2018
Authored by Ihsan Sencan

Viva Visitor and Volunteer ID Tracking version 0.95.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a7bdb1af85aa0c2d43e314a0d6343f09
Traq 3.7.1 CSRF / XSS / SQL Injection
Posted Oct 22, 2018
Authored by Matt Landers

Traq version 3.7.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
MD5 | 0aef457c83d6fd108fe4b17521b80e1b
eNdonesia Portal 8.7 SQL Injection
Posted Oct 22, 2018
Authored by Ihsan Sencan

eNdonesia Portal version 8.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3cc4ca7ebbc356b5f8a59b1fbde6e3f1
AjentiCP 1.2.23.13 Cross Site Scripting
Posted Oct 22, 2018
Authored by Numan OZDEMIR

AjentiCP versions 1.2.23.13 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18548
MD5 | 295c5f4546a49a27b9be3056bdeb12f1
The Open ISES Project 3.30A Arbitrary File Download
Posted Oct 22, 2018
Authored by Ihsan Sencan

The Open ISES Project version 3.30A suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | 021b5f4026c133b8b2fbc315e632216b
School ERP Ultimate 2018 SQL Injection
Posted Oct 22, 2018
Authored by Ihsan Sencan

School ERP Ultimate version 2018 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 895a26f1d022712bfe28574ffce213ee
The Open ISES Project 3.30A SQL Injection
Posted Oct 22, 2018
Authored by Ihsan Sencan

The Open ISES Project version 3.30A suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 177af646b329a8c58f5910646e929802
Oracle Siebel CRM 8.1.1 CSV Injection
Posted Oct 22, 2018
Authored by Sarath Nair

Oracle Siebel CRM version 8.1.1 suffers from a CSV injection vulnerability.

tags | exploit
MD5 | 14b6181049d2b8b95e64fbe8aea5fdef
School ERP Ultimate 2018 Arbitrary File Download
Posted Oct 22, 2018
Authored by Ihsan Sencan

School ERP Ultimate version 2018 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | a0d372c5ad93a099be337afdcb50514c
MySQL Edit Table 1.0 SQL Injection
Posted Oct 22, 2018
Authored by Ihsan Sencan

MySQL Edit Table version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 19c3b4630111dd4e32c4693e85b43bd9
Modbus Poll 7.2.2 Denial Of Service
Posted Oct 22, 2018
Authored by Cemal Cihad CiFTCi

Modbus Poll version 7.2.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 87bf262caddd533fef12dd918ea17f86
AudaCity 2.3 Denial Of Service
Posted Oct 22, 2018
Authored by Kagan Capar

AudaCity version 2.3 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 577194ca6c017ec013387cbdb4a19365
Microsoft Windows 10 UAC Bypass By computerDefault
Posted Oct 22, 2018
Authored by Fabien Dromas

This exploit permits an attacker to bypass UAC by hijacking a registry key during computerSecurity.exe (auto elevate windows binary) execution.

tags | exploit, registry
systems | windows
MD5 | 2c1515d3cf000e306d865e349594543c
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    15 Files
  • 14
    Dec 14th
    14 Files
  • 15
    Dec 15th
    2 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    15 Files
  • 18
    Dec 18th
    1 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close