what you don't know can hurt you
Showing 1 - 20 of 20 RSS Feed

Files Date: 2019-03-05

Sagemcom Router Insufficient Default PSK Entropy
Posted Mar 5, 2019
Authored by Ryan Delaney

Sagemcom F@st 5260 routers on firmware version 0.4.39 (and possibly others), in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.

tags | exploit
advisories | CVE-2019-9555
MD5 | 1cbafac69bdd059b6ece817e1bd160df
Babel 0.4.1 Open Redirection
Posted Mar 5, 2019
Authored by Jan Kopriva

Babel versions 0.4.1 and below suffer from an open redirection vulnerability.

tags | exploit
MD5 | bb450b93802167f372d4142c3edab611
AIDE 0.16.1
Posted Mar 5, 2019
Authored by Rami Lehti

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Various bug fixes.
tags | tool, intrusion detection
systems | unix
MD5 | 1bb877023500451cbad76c8ab1f3ec55
Red Hat Security Advisory 2019-0457-01
Posted Mar 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0457-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include an off-by-one error.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3813, CVE-2019-3831, CVE-2019-6454
MD5 | 58bc0f9b9a737850e5127803e1bd87f3
Red Hat Security Advisory 2019-0458-01
Posted Mar 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0458-01 - The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3831
MD5 | 1fa5a141e0fa9c9bc9c96d486254ad19
Red Hat Security Advisory 2019-0461-01
Posted Mar 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0461-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include an input validation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-6454
MD5 | 0764d6e91b4c142ee93afb1d9779926a
WordPress WP-Image-News-Slider 3.3 Cross Site Request Forgery / Shell Upload
Posted Mar 5, 2019
Authored by KingSkrupellos

WordPress WP-Image-News-Slider plugin version 3.3 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | 565786e871040f0759e592f8d15a7c02
OpenDocMan 1.3.4 SQL Injection
Posted Mar 5, 2019
Authored by Mehmet Emiroglu

OpenDocMan version 1.3.4 suffers from a remote SQL injection vulnerability in search.php.

tags | exploit, remote, php, sql injection
MD5 | 712535d01e32bd5c701160844148394d
vBulletin 4.2.5 Member Map 1.1.2 Open Redirection
Posted Mar 5, 2019
Authored by KingSkrupellos

vBulletin version 4.2.5 with Member Map version 1.1.2 suffers from an open redirection vulnerability.

tags | exploit
MD5 | e5d8e9e98942245136c5fdadedfba275
vBulletin 4.2.5 vBSuper_PM 1.2.3 Lite Open Redirection
Posted Mar 5, 2019
Authored by KingSkrupellos

vBulletin version 4.2.5 with vBSuper_PM version 1.2.3 Lite suffers from an open redirection vulnerability.

tags | exploit
MD5 | 0f09dab5c61e598ac54da68e40fd7d27
Java Debug Wire Protocol Remote Code Execution
Posted Mar 5, 2019
Authored by hugsy

Java Debug Wire Protocol (JDWP) remote code execution exploit.

tags | exploit, java, remote, code execution, protocol
MD5 | fb1e36e56954213eabe341702f00a37a
vBulletin 4.2.5 Thread Post Bookmarking 1.2.0 Open Redirection
Posted Mar 5, 2019
Authored by KingSkrupellos

vBulletin version 4.2.5 with Thread Post Bookmarking version 1.2.0 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 572c13a3e459417556e8bcffe5eb52ad
vBulletin 4.2.5 Ajax Threads 1.1.3 Lite Open Redirection
Posted Mar 5, 2019
Authored by KingSkrupellos

vBulletin version 4.2.5 with Ajax Threads version 1.1.3 Lite suffers from an open redirection vulnerability.

tags | exploit
MD5 | 295f15202fb9d293b8782e46bd099248
vBulletin 4.x Seo By vBSeo 3.3.2 Open Redirection
Posted Mar 5, 2019
Authored by KingSkrupellos

vBulletin version 4.x Seo by vBSeo version 3.3.2 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 2fd9b8a4a20e182842f32ff7aca38fb6
Splunk Enterprise 7.2.4 Remote Code Execution
Posted Mar 5, 2019
Authored by Matteo Malvica, Lee Mazzoleni

Splunk Enterprise version 7.2.4 custom application remote code execution exploit using a persistent backdoor with a custom binary payload.

tags | exploit, remote, code execution
MD5 | 5a62b4a52d56ebb505b44ba1557ac731
Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 Remote Code Execution
Posted Mar 5, 2019
Authored by Jameel Nabbo

Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 remote code execution proof of concept exploit.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2019-7385
MD5 | 3aee84bd66a663648cc9a1aadcd3d032
Booked Scheduler 2.7.5 Remote Command Execution
Posted Mar 5, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module exploits a file upload vulnerability Booked 2.7.5. In the "Look and Feel" section of the management panel, you can modify the Logo-Favico-CSS files. Upload sections has file extension control except favicon part. You can upload the file with the extension you want through the Favicon field. The file you upload is written to the main directory of the site under the name "custom-favicon". After you upload the php payload to the main directory, the exploit executes the payload and receives a shell.

tags | exploit, shell, php, file upload
MD5 | d99806184924b3c9ff46a07a219526b9
elFinder 2.1.47 Command Injection
Posted Mar 5, 2019
Authored by q3rv0

elFinder versions 2.1.47 and below suffer from a command injection vulnerability in the PHP connector.

tags | exploit, php
advisories | CVE-2019-9194
MD5 | 3d96dc64d2bfb5653afc37faeaeccf4b
Fiberhome AN5506-04-F RP2669 Cross Site Scripting
Posted Mar 5, 2019
Authored by Tauco

Fiberhome AN5506-04-F RP2669 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9556
MD5 | 9836a88eca44abee2a3aa731c7a709af
MarcomCentral FusionPro VDP Creator Directory Traversal
Posted Mar 5, 2019
Authored by 0v3rride

MarcomCentral FusionPro VDP Creator versions prior to 10.0 suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2019-7751
MD5 | 06756d818f5cc3711574cae6adb8815a
Page 1 of 1
Back1Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    2 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    18 Files
  • 18
    Jun 18th
    15 Files
  • 19
    Jun 19th
    22 Files
  • 20
    Jun 20th
    14 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close