exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-01-01

SugarCRM Web Logic Hooks Module Path Traversal
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a path traversal vulnerability. User input passed through the "webhook_target_module" parameter is not properly sanitized before being used to save PHP code into the hooks file through the Web Logic Hooks module. This can be exploited to carry out path traversal attacks and e.g. create arbitrary directories. Successful exploitation of this vulnerability requires admin privileges.

tags | exploit, web, arbitrary, php
MD5 | 0a73c52a5465fdc38ae3bede2f424098
Debian Security Advisory 4362-1
Posted Jan 1, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4362-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
MD5 | 80dcf628f232bfe02e71774b9db016be
SugarCRM Web Logic Hooks Module PHP Code Injection
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a PHP code injection vulnerability. User input passed through the "trigger_event" parameter is not properly sanitized before being used to save PHP code into the 'logic_hooks.php' file through the Web Logic Hooks module. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires admin privileges.

tags | exploit, web, arbitrary, php
MD5 | bc08aaf51fef23154d37431b75e27168
SugarCRM addLabels PHP Code Injection
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a PHP code injection vulnerability. User input passed through key values of the 'labels_' parameters is not properly sanitized before being used to save PHP code within the "ParserLabel::addLabels()" method when saving labels through the Module Builder. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires admin privileges.

tags | exploit, arbitrary, php
MD5 | a185f42ec61a0417ce4c9024f155944a
Oracle Application Express AnyChart Flash-Based Cross Site Scripting
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

Oracle Application Express versions prior to 5.1.4.00.08 suffer from a cross site scripting vulnerability. The vulnerability is located in the OracleAnyChart.swf file. User input passed through the "__externalobjid" GET parameter is not properly sanitized before being passed to the "ExternalInterface.call" method.

tags | exploit, xss
advisories | CVE-2018-2699
MD5 | 1878f1ac9c3a185afe84dab79f99b4fe
SugarCRM WorkFlow PHP Code Injection
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.4.0 and 7.11.0.0 suffer from a PHP code injection vulnerability in the WorkFlow module. User input passed through the $_POST['base_module'] parameter to the "Save" action of the WorkFlow module is not properly sanitized before being used to write data into the 'workflow.php' file. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires admin privileges.

tags | exploit, arbitrary, php
MD5 | 695389da1dad0e4c2419d379b1d1e132
SugarCRM SaveDropDown PHP Code Injection
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a PHP code injection vulnerability. User input passed through key values of the 'list_value' JSON parameter is not properly sanitized before being used to save PHP code when adding/saving dropdowns through the Module Builder. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires admin privileges.

tags | exploit, arbitrary, php
MD5 | d7144a03e522ca3b40f5f45efbaea7dd
SugarCRM portal_get_related_notes SQL Injection
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.4.0 and 7.11.0.0 suffer from a remote SQL injection vulnerability. The vulnerability is located within the SOAP API, specifically into the "portal_get_related_notes()" SOAP function. User input passed through the "order_by" parameter is not properly sanitized before being used to construct an "ORDER BY" clause of a SQL query from within the "get_notes_in_contacts()" or "get_notes_in_module()" functions. This can be exploited by Portal API Users to e.g. read sensitive data from the database through time-based SQL injection attacks.

tags | exploit, remote, sql injection
MD5 | 61b9e60763ce19a37159b100d11ccf2b
SugarCRM ConnectorsController Server-Side Request Forgery
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.4.0 and 7.11.0.0 suffer from a server-side request forgery vulnerability. The vulnerability is located within the "ConnectorsController::action_CallRest()" method. User input passed through the "url" request parameter is not properly sanitized before being used in a call to the "file_get_contents" function.

tags | exploit
MD5 | e437e1ac25dea0512229ef9d9063a774
ForkCMS 5.0.6 Cross Site Scripting
Posted Jan 1, 2019
Authored by Omer Citak | Site netsparker.com

ForkCMS version 5.0.6 suffers from persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 98602a5387fea2a4942718a799f776f9
GMP Library Information Disclosure
Posted Jan 1, 2019
Authored by Jeffrey Walton

The GMP library uses asserts to crash a program at runtime when presented with data it did not anticipate. The library also ignores user requests to remove asserts using Posix's -DNDEBUG. Asserts are a debugging aide intended for development, and using them in production software ranges from questionable to insecure.

tags | exploit
MD5 | 40a20c35d0d04249741aea20ddc88174
Micro Focus Security Bulletin MFSBGN03838 1
Posted Jan 1, 2019
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03838 1 - A potential security vulnerability has been identified in UCMDB. The vulnerability could be remotely exploited to Remote Directory Traversal and Remote Disclosure of Privileged Information. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2018-18593
MD5 | e49154a544701f2ca8280bce56097096
Archer GRC Platform Improper Access Control
Posted Jan 1, 2019
Authored by Dell Product Security Incident Response Team | Site dellemc.com

RSA Archer versions prior to 6.5.0.1 contain an improper access control vulnerability. A remote malicious user could potentially exploit this vulnerability to bypass authorization checks and gain read access to restricted user information.

tags | advisory, remote
advisories | CVE-2018-15780
MD5 | 7664a0a4edde8d4ac426902578044399
Voyager 1.1.3 Shell Upload
Posted Jan 1, 2019
Authored by Deyaa Muhammad

Voyager version 1.1.3 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | ed1461b3f6f2ee8dd59a5d3f83a93329
Gold Movies 1.0.4 Cross Site Scripting
Posted Jan 1, 2019
Authored by Deyaa Muhammad

Gold Movies version 1.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ad162c27111af7270e671704ba6cdccd
Page 1 of 1
Back1Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close