exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-08-05

SQLMAP - Automatic SQL Injection Tool 1.3.8
Posted Aug 5, 2019
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | 3b3fb0f213139efb76e7a95ebcd6e3790c70a23fca8f3c753ef14f72ea7fdf01
Clam AntiVirus Toolkit 0.101.3
Posted Aug 5, 2019
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: ClamAV 0.101.3 is a patch release to address a vulnerability to non-recursive zip bombs.
tags | tool, virus
systems | unix
SHA-256 | 68d42aac4a9cbde293288533a9a3c3d55863de38f2b8707c1ef2d987b1260338
Active PHP Bookmarks 1.3 SQL Injection
Posted Aug 5, 2019
Authored by Todor Donev

Active PHP Bookmarks version 1.3 suffer from a cookie_auth error-based remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | bc6c261640dc9ec14bbb6fb90549a793ad4f78ba2cbdeb8d88bdf7997814b910
Phishing Simulation
Posted Aug 5, 2019
Authored by Jeny Raval | Site github.com

Phishing Simulation mainly aims to increase phishing awareness by providing an intuitive tutorial and customized assessment (without any actual setup - no domain, no infrastructure, no actual email address) to assess people's action on any given situation and gives ability to understand what is the current awareness posture. A presentation for Phishing Simulation will be at Defcon 27.

tags | tool
SHA-256 | f3dbdecca062fb9116c5844f62eab08929b20b39c684907e9359ccd7f2b6d8a9
CentOS-WebPanel.com Control Web Panel 0.9.8.846 Cross Site Scripting
Posted Aug 5, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.846 suffers from a reflective cross site scripting vulnerability.

tags | exploit, web, xss
systems | linux, centos
advisories | CVE-2019-13387
SHA-256 | 8b1c696a73f9bac0e96c917432a4e295ca1c20adf0976f10d1b7af7562e21405
CentOS-WebPanel.com Control Web Panel 0.9.8.840 User Enumeration
Posted Aug 5, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS-WebPanel.com Control Web Panel (CWP) versions 0.9.8.836 through 0.9.8.840 suffer from a user enumeration vulnerability.

tags | exploit, web
systems | linux, centos
advisories | CVE-2019-13385
SHA-256 | 249523e5b9f8b707a9f33250984e1a77d557a89613eb737528f2c8b3cd52a307
CentOS-WebPanel.com Control Web Panel 0.9.8.836 Remote Command Execution
Posted Aug 5, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.836 suffers from a remote command execution vulnerability.

tags | exploit, remote, web
systems | linux, centos
advisories | CVE-2019-13386
SHA-256 | f863e7a790b489ddb7c3a435fcfb5db2ed269f587f3614f2de0db4a51a1190fc
iMessage URL Deserializing Heap Overflow
Posted Aug 5, 2019
Authored by Google Security Research, natashenka

iMessage suffers from a heap overflow vulnerability when deserializing a URL. This affects Macs only.

tags | exploit, overflow
advisories | CVE-2019-8661
SHA-256 | 2f5c0ce4f32d1e01da4624b1c0fc401f0c5871abc917b01bf2bfc9d63f3d6a34
KDE 4/5 KDesktopFile Command Injection
Posted Aug 5, 2019
Authored by Dominik Penner

KDE 4/5 is vulnerable to a command injection vulnerability in the KDesktopFile class. When a .desktop or .directory file is instantiated, it unsafely evaluates environment variables and shell expansions using KConfigPrivate::expandString() via the KConfigGroup::readEntry() function. Using a specially crafted .desktop file a remote user could be compromised by simply downloading and viewing the file in their file manager, or by drag and dropping a link of it into their documents or desktop. Versions 5.60.0 and below are affected.

tags | exploit, remote, shell
SHA-256 | b976357316212f652d1a32df71b0bd1aeac8e5a5a6fef96198aa227ed6d6f007
Ubuntu Security Notice USN-4049-3
Posted Aug 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4049-3 - USN-4049-1 fixed a vulnerability in GLib. The update introduced a regression in Ubuntu 16.04 LTS causing a possibly memory leak. This update fixes the problem. It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.

tags | advisory, memory leak
systems | linux, ubuntu
SHA-256 | 9dc55ff1b693e5d3d4b82f7f05059f209d64a02fae37e5a573aa9a97cc9c6fbd
Ubuntu Security Notice USN-4058-2
Posted Aug 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4058-2 - USN-4058-1 fixed a vulnerability in bash. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Bash incorrectly handled the restricted shell. An attacker could possibly use this issue to escape restrictions and execute any command. Various other issues were also addressed.

tags | advisory, shell, bash
systems | linux, ubuntu
advisories | CVE-2019-9924
SHA-256 | 9ba9f0cddea4221c044081def8b0eed7869e1f235dbf33ec2c842c12899fcda0
Debian Security Advisory 4491-1
Posted Aug 5, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4491-1 - Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands.

tags | advisory
systems | linux, debian
advisories | CVE-2019-12815
SHA-256 | 172bd5940ff91d454bf01ec17520021f22a09955366c6f11b9fd5d677cd6cea8
ATutor 2.2.4 Arbitrary File Upload / Command Execution
Posted Aug 5, 2019
Authored by liquidsky

ATutor version 2.2.4 suffers from a language_import arbitrary file upload that allows for command execution.

tags | exploit, arbitrary, file upload
advisories | CVE-2019-12169
SHA-256 | 68b1f5ef4f43ce98748eca51235dfb77dab8a8340683912b52e996264a98eec7
Opencart 2.3.0.2 Insecure OCMod Generation Remote Command Execution
Posted Aug 5, 2019
Authored by Todor Donev

Opencart versions 2.3.0.2 and below suffer from an insecure OCMod generation remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 699ebad19abcdcb6acf896d77ba1965a97e44a4bafcaa503ccf6e82d543be648
ATutor 2.2.4 Backup Remote Command Execution
Posted Aug 5, 2019
Authored by liquidsky

ATutor version 2.2.4 suffers from a backup functionality remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2019-12170
SHA-256 | 06e7c86f7744d78ae2778cf7d8005061d4ab736263b7669b8d90987a354be32a
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close