
Files Date: 2019-08-05

SQLMAP - Automatic SQL Injection Tool 1.3.8
Posted Aug 5, 2019
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options: perform an extensive back-end database management system fingerprint; retrieve the DBMS session user and database; enumerate users, password hashes, privileges, and databases; dump entire or user-specified DBMS tables/columns; run their own SQL statements; read or write either text or binary files on the file system; execute arbitrary commands on the operating system; establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation, or SMB relay attack; and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | c00763058a3de0d00fe76ec0feaad875
Clam AntiVirus Toolkit 0.101.3
Posted Aug 5, 2019
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: ClamAV 0.101.3 is a patch release to address a vulnerability to non-recursive zip bombs.
tags | tool, virus
systems | unix
MD5 | 1981c5bd299c1f3cbf3f74095a00524c
Active PHP Bookmarks 1.3 SQL Injection
Posted Aug 5, 2019
Authored by Todor Donev

Active PHP Bookmarks version 1.3 suffers from a cookie_auth error-based remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 95549322c6d6c54be90a59cfcd3af5fc
Phishing Simulation
Posted Aug 5, 2019
Authored by Jeny Raval | Site github.com

Phishing Simulation mainly aims to increase phishing awareness by providing an intuitive tutorial and customized assessment (without any actual setup: no domain, no infrastructure, no actual email address) to assess people's actions in any given situation, and gives the ability to understand the current awareness posture. A presentation for Phishing Simulation will be at Defcon 27.

tags | tool
MD5 | 07f8a8d04b8477a5377f2b28cef518ed
CentOS-WebPanel.com Control Web Panel 0.9.8.846 Cross Site Scripting
Posted Aug 5, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.846 suffers from a reflective cross site scripting vulnerability.

tags | exploit, web, xss
systems | linux, centos
advisories | CVE-2019-13387
MD5 | d316fe6a89738ef2fb11f856478b66bd
CentOS-WebPanel.com Control Web Panel 0.9.8.840 User Enumeration
Posted Aug 5, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS-WebPanel.com Control Web Panel (CWP) versions 0.9.8.836 through 0.9.8.840 suffer from a user enumeration vulnerability.

tags | exploit, web
systems | linux, centos
advisories | CVE-2019-13385
MD5 | b641e3a461a0d2b4932c082c36d4a365
CentOS-WebPanel.com Control Web Panel 0.9.8.836 Remote Command Execution
Posted Aug 5, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.836 suffers from a remote command execution vulnerability.

tags | exploit, remote, web
systems | linux, centos
advisories | CVE-2019-13386
MD5 | 38b22a4272b7c1f0756fdd0c5e3fbee6
iMessage URL Deserializing Heap Overflow
Posted Aug 5, 2019
Authored by Google Security Research, natashenka

iMessage suffers from a heap overflow vulnerability when deserializing a URL. This affects Macs only.

tags | exploit, overflow
advisories | CVE-2019-8661
MD5 | 36e18c8532de2e387116a79ad9fb997c
KDE 4/5 KDesktopFile Command Injection
Posted Aug 5, 2019
Authored by Dominik Penner

KDE 4/5 suffers from a command injection vulnerability in the KDesktopFile class. When a .desktop or .directory file is instantiated, it unsafely evaluates environment variables and shell expansions using KConfigPrivate::expandString() via the KConfigGroup::readEntry() function. Using a specially crafted .desktop file, a remote user could be compromised by simply downloading and viewing the file in their file manager, or by dragging and dropping a link to it into their documents or desktop. Versions 5.60.0 and below are affected.

tags | exploit, remote, shell
MD5 | c206add048c51fba2249cf97e066e64d
Ubuntu Security Notice USN-4049-3
Posted Aug 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4049-3 - USN-4049-1 fixed a vulnerability in GLib. The update introduced a regression in Ubuntu 16.04 LTS causing a possible memory leak. This update fixes the problem. It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.

tags | advisory, memory leak
systems | linux, ubuntu
MD5 | fda678779cb03370b36ae682a96c3e1e
Ubuntu Security Notice USN-4058-2
Posted Aug 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4058-2 - USN-4058-1 fixed a vulnerability in bash. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Bash incorrectly handled the restricted shell. An attacker could possibly use this issue to escape restrictions and execute any command. Various other issues were also addressed.

tags | advisory, shell, bash
systems | linux, ubuntu
advisories | CVE-2019-9924
MD5 | 39a86cf8b87a3b8b7d8f4058195385f5
Debian Security Advisory 4491-1
Posted Aug 5, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4491-1 - Tobias Maedel discovered that the mod_copy module of ProFTPD, an FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands.

tags | advisory
systems | linux, debian
advisories | CVE-2019-12815
MD5 | 551b43ae70f5cc4ea6e88ecad29980ad
ATutor 2.2.4 Arbitrary File Upload / Command Execution
Posted Aug 5, 2019
Authored by liquidsky

ATutor version 2.2.4 suffers from a language_import arbitrary file upload that allows for command execution.

tags | exploit, arbitrary, file upload
advisories | CVE-2019-12169
MD5 | 10f2847e6a58a0575b56deca98bf9ceb
Opencart 2.3.0.2 Insecure OCMod Generation Remote Command Execution
Posted Aug 5, 2019
Authored by Todor Donev

Opencart versions 2.3.0.2 and below suffer from an insecure OCMod generation remote command execution vulnerability.

tags | exploit, remote
MD5 | 6fe443a1799c4db7980052fb9c608ef3
ATutor 2.2.4 Backup Remote Command Execution
Posted Aug 5, 2019
Authored by liquidsky

ATutor version 2.2.4 suffers from a backup functionality remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2019-12170
MD5 | 5a7865602fc19959651923212a60bbf8
© 2020 Packet Storm. All rights reserved.
