exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2019-08-26

Debian Security Advisory 4508-1
Posted Aug 26, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4508-1 - Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP server, which could result in denial of service.

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
MD5 | 770185152fca9b88b367016ceb60ba24
Webmin 1.890 expired Remote Root
Posted Aug 26, 2019
Authored by Todor Donev

Webmin version 1.890 (based on 1.920 research) expired remote root exploit.

tags | exploit, remote, root
MD5 | 14db19fcdc101c50752dd87ae918f431
Django CRM 0.2.1 Cross Site Request Forgery
Posted Aug 26, 2019
Authored by Daniel Bishtawi | Site netsparker.com

Django CRM version 0.2.1 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2019-11457
MD5 | d3dba4ec65be8af0cfbd84c97bee4f4a
Tinc Virtual Private Network Daemon 1.0.36
Posted Aug 26, 2019
Authored by Ivo Timmermans | Site tinc.nl.linux.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Fixed compiling tinc with certain versions of the OpenSSL library. Fixed parsing some IPv6 addresses with :: in them. Fixed GraphDumpFile output to handle node names starting with a digit. Fixed a potential segmentation fault when fragmenting packets.
tags | tool, encryption
systems | unix
MD5 | 535b58ee026ec9551954dcc6ed56edca
Haveged 1.9.6
Posted Aug 26, 2019
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: Various bug fixes.
tags | tool
systems | linux, unix
MD5 | 445ebbe0ecce01de06847689e9822efd
CentOS 7.6.1810 Control Web Panel 0.9.8.837 Cross Site Request Forgery
Posted Aug 26, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS version 7.6.1810 with Control Web Panel version 0.9.8.837 suffers from a cross site request forgery vulnerability.

tags | exploit, web, csrf
systems | linux, centos
advisories | CVE-2019-13477
MD5 | 3a55ead305dddb7ad30a3b60f204b53f
CentOS 7.6.1810 Control Web Panel 0.9.8.837 Cross Site Scripting
Posted Aug 26, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS version 7.6.1810 with Control Web Panel version 0.9.8.837 suffers from a persistent cross site scripting vulnerability.

tags | exploit, web, xss
systems | linux, centos
advisories | CVE-2019-13476
MD5 | 603c265fc4698740b8430422cb57d170
Plexo Torresoft Alex Torres Software 2.0 Cross Site Scripting / SQL Injection
Posted Aug 26, 2019
Authored by KingSkrupellos

Plexo Torresoft Alex Torres Software version 2.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | e4c7afb6d5b295b25700dc386a25bfca
Debian Security Advisory 4507-1
Posted Aug 26, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4507-1 - Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform denial of service and cross-site scripting attacks, and potentially the execution of arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary, cgi, vulnerability, xss
systems | linux, debian
advisories | CVE-2019-12525, CVE-2019-12527, CVE-2019-12529, CVE-2019-12854, CVE-2019-13345
MD5 | 0b6d68d6e455fb14945370ed3a945be0
Debian Security Advisory 4506-1
Posted Aug 26, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4506-1 - Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or bypass of ACLs.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-20815, CVE-2019-13164, CVE-2019-14378
MD5 | 955958a41648a415f9bc9f125f8b462d
openITCOCKPIT 3.6.1-2 Cross Site Request Forgery
Posted Aug 26, 2019
Authored by Julian Rittweger

openITCOCKPIT version 3.6.1-2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-10227
MD5 | 7dd11c0e1bcfd867bf01ba44669f17d3
Joomla EstateAgent 3.x SQL Injection
Posted Aug 26, 2019
Authored by KingSkrupellos

Joomla version 1.5.26 with EstateAgent component version 3.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f003fc7e2909c767b9272bbf48733da2
Joomla OrgChart 1.0.0 Cross Site Scripting / SQL Injection
Posted Aug 26, 2019
Authored by KingSkrupellos

Joomla version 1.5.26 with OrgChart component version 1.0.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 677ffb0aba725efeed8749fa4627e3af
Joomla FireBoard 1.1.3 SQL Injection
Posted Aug 26, 2019
Authored by KingSkrupellos

Joomla version 1.5.26 with FireBoard component version 1.1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5eed6771cb5847b296b0f106a875d043
Joomla AlphaContent 3. SQL Injection
Posted Aug 26, 2019
Authored by KingSkrupellos

Joomla version 1.5.26 with AlphaContent component 3.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f4b1504f184f226e86c63509e5e13176
Apache Tapestry 5.3.6 HMAC Timing Attack
Posted Aug 26, 2019
Authored by David Tomaschik

Apache Tapestry version 5.3.6 suffers from a timing attack vulnerability during HMAC verification.

tags | advisory
advisories | CVE-2019-10071
MD5 | 574d29e49f8974d20245d235f4911ee1
WordPress UserPro 4.9.32 Cross Site Scripting
Posted Aug 26, 2019
Authored by Damian Ebelties

WordPress UserPro versions 4.9.32 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-14470
MD5 | a1fb821e7222b236cf38976fc6298804
ProGrade/Lierda Grill Temperature 1.00_50006 Hardcoded Credentials
Posted Aug 26, 2019
Authored by Tim Tepatti

ProGrade/Lierda Grill Temperature version 1.00_50006 suffers from having hard-coded credentials that allow for denial of service and information disclosure attacks.

tags | exploit, denial of service, info disclosure
advisories | CVE-2019-15304
MD5 | 2d07fe8415be4ce98c0d75a0f09005cb
Page 1 of 1
Back1Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close