exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-04-10

Horde Form Shell Upload
Posted Apr 10, 2019
Authored by Ratiosec | Site metasploit.com

Horde Groupware Webmail contains a flaw that allows an authenticated remote attacker to execute arbitrary PHP code. The exploitation requires the Turba subcomponent to be installed. This module was tested on Horde versions 5.2.22 and 5.2.17 running Horde Form subcomponent versions prior to 2.0.19.

tags | exploit, remote, arbitrary, php
advisories | CVE-2019-9858
MD5 | 77733e9ad4d5217473e6f849c3b3ec6a
Stegano 0.9.3
Posted Apr 10, 2019
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: It is now possible to either pass the location of an image or directly pass an already opened Image.Image to the hide and reveal methods. Code has been re-formatted a bit with black.
tags | tool, encryption, steganography, python
systems | unix
MD5 | b7d19f78905fb57a5b6dfbcaa8e1cbe4
Chrome FileChooserImpl Use-After-Free
Posted Apr 10, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from a use-after-free vulnerability in FileChooserImpl.

tags | exploit
MD5 | 9482cae8e5970a7f1be1609209542324
Debian Security Advisory 4429-1
Posted Apr 10, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4429-1 - It was discovered that SPIP, a website engine for publishing, did not properly sanitize its user input. This would allow an authenticated user to perform arbitrary command execution.

tags | advisory, arbitrary
systems | linux, debian
MD5 | 32fa8b4a5f010a39a2bfda5a9d308521
Red Hat Security Advisory 2019-0737-01
Posted Apr 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0737-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.171. Issues addressed include code execution and information leakage vulnerabilities.

tags | advisory, web, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-7096, CVE-2019-7108
MD5 | ff90bab22c838505bec333c223869f41
Ubuntu Security Notice USN-3937-2
Posted Apr 10, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3937-2 - USN-3937-1 and USN-3627-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 12.04 ESM. Simon Kappel discovered that the Apache HTTP Server mod_auth_digest module incorrectly handled threads. A remote attacker with valid credentials could possibly use this issue to authenticate using another username, bypassing access control restrictions. Various other issues were also addressed.

tags | advisory, remote, web, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-15710, CVE-2018-1301, CVE-2018-1312, CVE-2019-0217
MD5 | ccdfa30fb29254b4a1179649103fba29
YiiCMS JetBrains PHPStorm 6.0.3 Database Disclosure
Posted Apr 10, 2019
Authored by KingSkrupellos

YiiCMS JetBrains PHPStorm version 6.0.3 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
MD5 | eaf9453f91b7812587d0ed572c96b5f4
Themosis Framework BookStore 1.3.0 Database Disclosure
Posted Apr 10, 2019
Authored by KingSkrupellos

Themosis Framework BookStore version 1.3.0 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
MD5 | d0eca896ea560b9f4d251062db0d45ac
NekoCMS 2.5 Database Disclosure
Posted Apr 10, 2019
Authored by KingSkrupellos

NekoCMS version 2.5 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 834fdab66c7f96d79f8d42e0e8c9c6b6
FTPShell Server 6.83 Account Name To Ban Local Buffer Overflow
Posted Apr 10, 2019
Authored by Dino Covotsos

FTPShell Server version 6.83 Account name to ban local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | f72312aa5b4338768208026da2709235
FTPShell Server 6.83 Virtual Path Mapping Local Buffer Overflow
Posted Apr 10, 2019
Authored by Dino Covotsos

FTPShell Server version 6.83 Virtual Path Mapping local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | 2e94eb3631317d0ae0e34bf110f586ea
D-Link DI-524 2.06RU Cross Site Scripting
Posted Apr 10, 2019
Authored by Semen Alexandrovich Lyhin

D-Link DI-524 version 2.06RU suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-11017
MD5 | 4f32fb60b928f8bf7c467862c210cd05
Dell KACE Systems Management Appliance (K1000) 6.4.120756 Code Execution
Posted Apr 10, 2019
Authored by Julien Ahrens

Dell KACE Systems Management Appliance (K1000) version 6.4.120756 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 11d97e105916bc6eb37052e4bf986a97
Microsoft Windows AppX Deployment Service Privilege Escalation
Posted Apr 10, 2019
Authored by Nabeel Ahmed

Microsoft Windows AppX deployment service privilege escalation exploit.

tags | exploit
systems | windows
advisories | CVE-2019-0841
MD5 | 7bd5fc96e46fc99787efb06cec384938
Apache Axis 1.4 Remote Code Execution
Posted Apr 10, 2019
Authored by David Yesland

Apache Axis version 1.4 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-0227
MD5 | 1d898066a3056b1a2441f0a373a343c8
Page 1 of 1
Back1Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close