what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2019-03-05

Sagemcom Router Insufficient Default PSK Entropy
Posted Mar 5, 2019
Authored by Ryan Delaney

Sagemcom F@st 5260 routers on firmware version 0.4.39 (and possibly others), in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.

tags | exploit
advisories | CVE-2019-9555
SHA-256 | c2db5ec63dcee8bb5c083080884392540c1d051134888b5324d8f89c4c0cb50d
Babel 0.4.1 Open Redirection
Posted Mar 5, 2019
Authored by Jan Kopriva

Babel versions 0.4.1 and below suffer from an open redirection vulnerability.

tags | exploit
SHA-256 | 07505ec0277342f929b6efe5392c8e2091db2c9c19918c8321df41cf5208af62
AIDE 0.16.1
Posted Mar 5, 2019
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Various bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 0f2b7cecc70c1a27d35c06c98804fcdb9f326630de5d035afc447122186010b7
Red Hat Security Advisory 2019-0457-01
Posted Mar 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0457-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include an off-by-one error.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3813, CVE-2019-3831, CVE-2019-6454
SHA-256 | 05240ca35ab0884fd7a25fa142af88cdf00b81ed1453000b8a98e0494394002b
Red Hat Security Advisory 2019-0458-01
Posted Mar 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0458-01 - The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3831
SHA-256 | f052daa877a5823c2c9ffaca0bd238d6a902f660e0b6a979b99d2e827c5ed668
Red Hat Security Advisory 2019-0461-01
Posted Mar 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0461-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include an input validation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-6454
SHA-256 | eae354ccaa916776dcaa9d3e9d6c83e206419765a1f3bcf05c7f67fe5cb6bcf9
WordPress WP-Image-News-Slider 3.3 Cross Site Request Forgery / Shell Upload
Posted Mar 5, 2019
Authored by KingSkrupellos

WordPress WP-Image-News-Slider plugin version 3.3 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
SHA-256 | f305567bbd53d21d7a02d1815f12ebca530383e903aadf9be4dff6dfc2cefdc5
OpenDocMan 1.3.4 SQL Injection
Posted Mar 5, 2019
Authored by Mehmet Emiroglu

OpenDocMan version 1.3.4 suffers from a remote SQL injection vulnerability in search.php.

tags | exploit, remote, php, sql injection
SHA-256 | 77bba293ef60b83e3d9b74479a57f69c2275c51e9a31787a6882e15c27d6fec9
vBulletin 4.2.5 Member Map 1.1.2 Open Redirection
Posted Mar 5, 2019
Authored by KingSkrupellos

vBulletin version 4.2.5 with Member Map version 1.1.2 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | cd24447d5bdc6df376a0c8e592244ce1952be936784b89cfd7169666074f1b88
vBulletin 4.2.5 vBSuper_PM 1.2.3 Lite Open Redirection
Posted Mar 5, 2019
Authored by KingSkrupellos

vBulletin version 4.2.5 with vBSuper_PM version 1.2.3 Lite suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 337b52dd897eae9edf84f2c1fefeb81f0b4459305ddf01c6badb1b904d4b4990
Java Debug Wire Protocol Remote Code Execution
Posted Mar 5, 2019
Authored by hugsy

Java Debug Wire Protocol (JDWP) remote code execution exploit.

tags | exploit, java, remote, code execution, protocol
SHA-256 | 41e06237e80e41d159f68ebe351dc2b371f483d6f2f1f8c2316858e9cacb0cc2
vBulletin 4.2.5 Thread Post Bookmarking 1.2.0 Open Redirection
Posted Mar 5, 2019
Authored by KingSkrupellos

vBulletin version 4.2.5 with Thread Post Bookmarking version 1.2.0 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 99f1a237812d994d339caac57f876dd0be4c979f258f6166cf91876b60a63385
vBulletin 4.2.5 Ajax Threads 1.1.3 Lite Open Redirection
Posted Mar 5, 2019
Authored by KingSkrupellos

vBulletin version 4.2.5 with Ajax Threads version 1.1.3 Lite suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 92ec38604b3a7a0f1933fa1bcb7b7d1367f1f21b037743720431a6c365480bdf
vBulletin 4.x Seo By vBSeo 3.3.2 Open Redirection
Posted Mar 5, 2019
Authored by KingSkrupellos

vBulletin version 4.x Seo by vBSeo version 3.3.2 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 3669bb4deadc40930e9d2251455fc9eddaf8dc47a5b4fe8393f38c538ab155c0
Splunk Enterprise 7.2.4 Remote Code Execution
Posted Mar 5, 2019
Authored by Matteo Malvica, Lee Mazzoleni

Splunk Enterprise version 7.2.4 custom application remote code execution exploit using a persistent backdoor with a custom binary payload.

tags | exploit, remote, code execution
SHA-256 | 409a62d7cf31cbc8fd45c944b0cc9a10a0a308719ab65e9a92813651a3d8b393
Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 Remote Code Execution
Posted Mar 5, 2019
Authored by Jameel Nabbo

Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 remote code execution proof of concept exploit.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2019-7385
SHA-256 | 31c08ad51e70c858c747f8a3e114b52182812ad082a81b7165a6962c2efaac0c
Booked Scheduler 2.7.5 Remote Command Execution
Posted Mar 5, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module exploits a file upload vulnerability Booked 2.7.5. In the "Look and Feel" section of the management panel, you can modify the Logo-Favico-CSS files. Upload sections has file extension control except favicon part. You can upload the file with the extension you want through the Favicon field. The file you upload is written to the main directory of the site under the name "custom-favicon". After you upload the php payload to the main directory, the exploit executes the payload and receives a shell.

tags | exploit, shell, php, file upload
SHA-256 | fd1000e5cac89ace858ec8875c56402a580102eca4787adce2c81e8909ed4842
elFinder 2.1.47 Command Injection
Posted Mar 5, 2019
Authored by q3rv0

elFinder versions 2.1.47 and below suffer from a command injection vulnerability in the PHP connector.

tags | exploit, php
advisories | CVE-2019-9194
SHA-256 | c18a99273f5751aac3069a948d7904a72a24ff8573296cdae06be2c2d58ce090
Fiberhome AN5506-04-F RP2669 Cross Site Scripting
Posted Mar 5, 2019
Authored by Tauco

Fiberhome AN5506-04-F RP2669 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9556
SHA-256 | 3c7362c8972634b05aaa51838c2ee7e321da879525c3a7b61b9d0b1674ec5a1c
MarcomCentral FusionPro VDP Creator Directory Traversal
Posted Mar 5, 2019
Authored by 0v3rride

MarcomCentral FusionPro VDP Creator versions prior to 10.0 suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2019-7751
SHA-256 | eb98b706c6a8ecb272d16cccee6ec91d15662dabdb4e48c5e6b36280d4b885e3
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close