what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-04-10

Horde Form Shell Upload
Posted Apr 10, 2019
Authored by Ratiosec | Site metasploit.com

Horde Groupware Webmail contains a flaw that allows an authenticated remote attacker to execute arbitrary PHP code. The exploitation requires the Turba subcomponent to be installed. This module was tested on Horde versions 5.2.22 and 5.2.17 running Horde Form subcomponent versions prior to 2.0.19.

tags | exploit, remote, arbitrary, php
advisories | CVE-2019-9858
SHA-256 | 612b3d1040426906f9ecf9282768acae87d4201e1009859a877feab335c41aa4
Stegano 0.9.3
Posted Apr 10, 2019
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: It is now possible to either pass the location of an image or directly pass an already opened Image.Image to the hide and reveal methods. Code has been re-formatted a bit with black.
tags | tool, encryption, steganography, python
systems | unix
SHA-256 | 02d50fafa7afa15affc9d2a910ba52a7906c1a7771884976926c3e1e9b326884
Chrome FileChooserImpl Use-After-Free
Posted Apr 10, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from a use-after-free vulnerability in FileChooserImpl.

tags | exploit
SHA-256 | 0ecbde145d35a4fdef837ba560c9160db3335f5c84f0365d90e9552d8eb3e971
Debian Security Advisory 4429-1
Posted Apr 10, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4429-1 - It was discovered that SPIP, a website engine for publishing, did not properly sanitize its user input. This would allow an authenticated user to perform arbitrary command execution.

tags | advisory, arbitrary
systems | linux, debian
SHA-256 | 4c8e164f2c1b3ed2602c6336b4f61fec545fefae033805137757f62795649cc6
Red Hat Security Advisory 2019-0737-01
Posted Apr 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0737-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.171. Issues addressed include code execution and information leakage vulnerabilities.

tags | advisory, web, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-7096, CVE-2019-7108
SHA-256 | f8314d3afe67ae77cfd388e36a385495c1ea0e964e066f3808b2c2fec28ec1af
Ubuntu Security Notice USN-3937-2
Posted Apr 10, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3937-2 - USN-3937-1 and USN-3627-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 12.04 ESM. Simon Kappel discovered that the Apache HTTP Server mod_auth_digest module incorrectly handled threads. A remote attacker with valid credentials could possibly use this issue to authenticate using another username, bypassing access control restrictions. Various other issues were also addressed.

tags | advisory, remote, web, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-15710, CVE-2018-1301, CVE-2018-1312, CVE-2019-0217
SHA-256 | 84ba48eb8961200abc8d263519dda08492c73f9a414994b448a649f3e2f95cc6
YiiCMS JetBrains PHPStorm 6.0.3 Database Disclosure
Posted Apr 10, 2019
Authored by KingSkrupellos

YiiCMS JetBrains PHPStorm version 6.0.3 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 6796f35e6f9d3cb976e4ec479d154a909d63e78d55737e9f48fd348dc93ea559
Themosis Framework BookStore 1.3.0 Database Disclosure
Posted Apr 10, 2019
Authored by KingSkrupellos

Themosis Framework BookStore version 1.3.0 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | e7d984dd83585e36817afdb40e14758be22454ca6afbe461ecaf3131117f5d2c
NekoCMS 2.5 Database Disclosure
Posted Apr 10, 2019
Authored by KingSkrupellos

NekoCMS version 2.5 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | cd468aaec923d430810ed0967307205d9e760270d7e73b6ab5f346d91256bd9d
FTPShell Server 6.83 Account Name To Ban Local Buffer Overflow
Posted Apr 10, 2019
Authored by Dino Covotsos

FTPShell Server version 6.83 Account name to ban local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 0103d38b2c7038d9675cec12825180d27cb3877000d5630b501b92e494d707f8
FTPShell Server 6.83 Virtual Path Mapping Local Buffer Overflow
Posted Apr 10, 2019
Authored by Dino Covotsos

FTPShell Server version 6.83 Virtual Path Mapping local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | b248948dec16aaf4914136ef9f42d2199554d52e55dbc3162d171fc4450663a4
D-Link DI-524 2.06RU Cross Site Scripting
Posted Apr 10, 2019
Authored by Semen Alexandrovich Lyhin

D-Link DI-524 version 2.06RU suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-11017
SHA-256 | 94a6f0876dbfb6cb3eb82db104d083f62cf4504bbc57680ce733218f87d09cfb
Dell KACE Systems Management Appliance (K1000) 6.4.120756 Code Execution
Posted Apr 10, 2019
Authored by Julien Ahrens

Dell KACE Systems Management Appliance (K1000) version 6.4.120756 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 3eb5dff93e50fbe23fbc7494f2ff3a530986ae8dffc834f971baafeb16a34e1a
Microsoft Windows AppX Deployment Service Privilege Escalation
Posted Apr 10, 2019
Authored by Nabeel Ahmed

Microsoft Windows AppX deployment service privilege escalation exploit.

tags | exploit
systems | windows
advisories | CVE-2019-0841
SHA-256 | 1460b5312b5682cc658f0829b40c8e8711a2d4883539bf45739ebf57d5a634a3
Apache Axis 1.4 Remote Code Execution
Posted Apr 10, 2019
Authored by David Yesland

Apache Axis version 1.4 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-0227
SHA-256 | 43fdbd4445757874d097a1fddc91c93ec8a4d38cfb81f1581551cc008f2f8b94
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close