what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-02-20

Micro Focus Filr 3.4.0.217 Path Traversal / Privilege Escalation
Posted Feb 20, 2019
Authored by Leandro Cuozzo, Matias Choren | Site secureauth.com

Micro Focus Filr version 3.4.0.217 suffers from privilege escalation and path traversal vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-3474, CVE-2019-3475
MD5 | 0f5f5a0a0c1393716974e1621adf95ad
Exploitation Framework For STMicroelectronics DVB Chipsets
Posted Feb 20, 2019
Authored by Adam Gowdiak | Site security-explorations.com

A multitude of security issues exist within STMicroelectronics DVB chipsets including, but not limited to credential leakage, buffer overflow, and data leaks. This is the full release of both the whitepaper and dozens of proof of concept details.

tags | exploit, overflow, proof of concept
MD5 | 36463dd0c95db85c29e0f6e7d4033996
Teracue ENC-400 Command Injection / Missing Authentication
Posted Feb 20, 2019
Authored by Stephen Shkardoon

Teracue ENC-400 suffers from hard-coded credential, missing authentication, and command injection vulnerabilities.

tags | exploit, vulnerability, bypass
advisories | CVE-2018-20219, CVE-2018-20220
MD5 | 95463864b7547c7635d21323e2319460
VertrigoServ 2.17 Cross Site Scripting
Posted Feb 20, 2019
Authored by Rafael Pedrero

VertrigoServ version 2.17 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-8938
MD5 | 5de38e9b6646ca12b385d70d1e7bf668
Advanced Comment System 1.0 Cross Site Scripting
Posted Feb 20, 2019
Authored by Rafael Pedrero

Advanced Comment System version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18845
MD5 | 48602f1584c84c8d0e29a07d999f9915
Kanboard 1.2.7 Code Execution / Cross Site Request Forgery
Posted Feb 20, 2019
Authored by Will Boucher | Site pulsesecurity.co.nz

Kanboard version 1.2.7 contains multiple vulnerabilities. The vulnerabilities include CSV account import cross site request forgery which allows an unauthenticated attacker to create a new administrative user. Cross site request forgery 2FA deactivation, allowing an unauthenticated attacker to disable an account's 2FA configuration. A lack of integrity checking or transport layer encryption enforced on plugins enables remote code execution by a malicious admin. Other vulnerabilities include: session privilege retention, 2FA bypass, database user_id and pre-2FA information disclosure.

tags | exploit, remote, vulnerability, code execution, info disclosure, csrf
MD5 | df69e7e6f136931b8bc524474d232e12
Nuuo Central Management Server 2.4 Authenticated Arbitrary File Upload
Posted Feb 20, 2019
Authored by Pedro Ribeiro | Site metasploit.com

The COMMITCONFIG verb is used by a CMS client to upload and modify the configuration of the CMS Server. The vulnerability is in the FileName parameter, which accepts directory traversal (..\\..\\) characters. Therefore, this function can be abused to overwrite any files in the installation drive of CMS Server. This vulnerability is exploitable in CMS versions up to and including 2.4.

tags | exploit
advisories | CVE-2018-17936
MD5 | e4e890bb6cf5b3d4e9da6e61e9d20a09
HotelDruid 2.3 Cross Site Scripting
Posted Feb 20, 2019
Authored by Mehmet Emiroglu

HotelDruid version 2.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-8937
MD5 | bb6f0ac647f0bb871b072ea7758f4b32
Apple macOS 10.13.5 Local Privilege Escalation
Posted Feb 20, 2019
Authored by Synacktiv

Apple macOS version 10.13.5 local privilege escalation exploit.

tags | exploit, local
systems | apple
advisories | CVE-2018-4193
MD5 | 4fb63a016edb0c0b8a0cfef904b84b6e
Tech News 4.3.4 Cross Site Scripting
Posted Feb 20, 2019
Authored by Mr Winst0n

Tech News version 4.3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | bd842c3ceab60bf9a0c85b1c0c4837f0
Ubuntu Security Notice USN-3892-1
Posted Feb 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3892-1 - Burghard Britzke discovered that GDM incorrectly handled certain configurations. An attacker could possibly use this issue to get unauthorized access to a different user.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-3825
MD5 | 05b6f26f93a9ffb2dac01831fadeece9
Debian Security Advisory 4396-1
Posted Feb 20, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4396-1 - Several vulnerabilities have been found in Ansible, a configuration management, deployment, and task execution system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2018-10855, CVE-2018-10875, CVE-2018-16837, CVE-2018-16876, CVE-2019-3828
MD5 | e731970af38b8a949348da84d1ee14ec
Memu Play 6.0.7 Privilege Escalation
Posted Feb 20, 2019
Authored by Alejandra Sanchez

Memu Play version 6.0.7 privilege escalation proof of concept exploit.

tags | exploit, proof of concept
MD5 | 2f26018a6ea0589879b43a7afef1a851
Social Bookmarking Software 1.2.3 Local File Inclusion
Posted Feb 20, 2019
Authored by Mr Winst0n

Social Bookmarking Software version 1.2.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 72101fb7a6446f6e2f1eb53d5d415aac
FTPShell Sever 6.83 Denial Of Service
Posted Feb 20, 2019
Authored by Victor Mondragon

FTPShell Server version 6.83 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 04f2a824ae2e7f27347115dc21d1e6ca
Page 1 of 1
Back1Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    1 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close