exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2019-08-26

Debian Security Advisory 4508-1
Posted Aug 26, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4508-1 - Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP server, which could result in denial of service.

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
SHA-256 | 76fb0e4122080bc139ebee645c30819fe3573ab5a085d5f2008858e042069625
Webmin 1.890 expired Remote Root
Posted Aug 26, 2019
Authored by Todor Donev

Webmin version 1.890 (based on 1.920 research) expired remote root exploit.

tags | exploit, remote, root
SHA-256 | a6a036a769a8e7b287b106998aecc0d0606fab73f1bcd56db60804eebb9820a9
Django CRM 0.2.1 Cross Site Request Forgery
Posted Aug 26, 2019
Authored by Daniel Bishtawi | Site netsparker.com

Django CRM version 0.2.1 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2019-11457
SHA-256 | 72f9f9a34a620b71f3ca6c75a8db1a9a38b3efcd26f65af797819b59d697faf1
Tinc Virtual Private Network Daemon 1.0.36
Posted Aug 26, 2019
Authored by Ivo Timmermans | Site tinc.nl.linux.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Fixed compiling tinc with certain versions of the OpenSSL library. Fixed parsing some IPv6 addresses with :: in them. Fixed GraphDumpFile output to handle node names starting with a digit. Fixed a potential segmentation fault when fragmenting packets.
tags | tool, encryption
systems | unix
SHA-256 | 40f73bb3facc480effe0e771442a706ff0488edea7a5f2505d4ccb2aa8163108
Haveged 1.9.6
Posted Aug 26, 2019
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: Various bug fixes.
tags | tool
systems | linux, unix
SHA-256 | 4d4c046755476d3734ffb78772c242c25913ff0eb7509c143671dae6ec9d1189
CentOS 7.6.1810 Control Web Panel 0.9.8.837 Cross Site Request Forgery
Posted Aug 26, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS version 7.6.1810 with Control Web Panel version 0.9.8.837 suffers from a cross site request forgery vulnerability.

tags | exploit, web, csrf
systems | linux, centos
advisories | CVE-2019-13477
SHA-256 | ac74f5f7b06a995d875030245867e034334374afc0f014487faf49f644264983
CentOS 7.6.1810 Control Web Panel 0.9.8.837 Cross Site Scripting
Posted Aug 26, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS version 7.6.1810 with Control Web Panel version 0.9.8.837 suffers from a persistent cross site scripting vulnerability.

tags | exploit, web, xss
systems | linux, centos
advisories | CVE-2019-13476
SHA-256 | 75c43595c2ca8facaf005e68f433a5fb50f881898e16454e23e33907ffc28ffc
Plexo Torresoft Alex Torres Software 2.0 Cross Site Scripting / SQL Injection
Posted Aug 26, 2019
Authored by KingSkrupellos

Plexo Torresoft Alex Torres Software version 2.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 722f9c3eaa3d8b522543f41484a8670a88a5076220141614a2ffe3bef2561153
Debian Security Advisory 4507-1
Posted Aug 26, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4507-1 - Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform denial of service and cross-site scripting attacks, and potentially the execution of arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary, cgi, vulnerability, xss
systems | linux, debian
advisories | CVE-2019-12525, CVE-2019-12527, CVE-2019-12529, CVE-2019-12854, CVE-2019-13345
SHA-256 | 102dff8cdfc700c7a5976e0e1116143994d1ce59068df780c80abd9cf39dc312
Debian Security Advisory 4506-1
Posted Aug 26, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4506-1 - Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or bypass of ACLs.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-20815, CVE-2019-13164, CVE-2019-14378
SHA-256 | 0a9a1b1a0cab98c6651b1d4d4ea0820c2dfe3abacd74c28f7e84a1abd8362147
openITCOCKPIT 3.6.1-2 Cross Site Request Forgery
Posted Aug 26, 2019
Authored by Julian Rittweger

openITCOCKPIT version 3.6.1-2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-10227
SHA-256 | cd8f018132601492c9039f8b48c44521cfef46e4288883b098d8018582a2e42e
Joomla EstateAgent 3.x SQL Injection
Posted Aug 26, 2019
Authored by KingSkrupellos

Joomla version 1.5.26 with EstateAgent component version 3.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f7570538cd1338ffc96ca5f0edda227eba2222617437ebe728f0f96c2b5f136e
Joomla OrgChart 1.0.0 Cross Site Scripting / SQL Injection
Posted Aug 26, 2019
Authored by KingSkrupellos

Joomla version 1.5.26 with OrgChart component version 1.0.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | b64254fbbce2c2fc4169e3cfde923448d12ea251398ca0cc215640d95be1d1c3
Joomla FireBoard 1.1.3 SQL Injection
Posted Aug 26, 2019
Authored by KingSkrupellos

Joomla version 1.5.26 with FireBoard component version 1.1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 78321e2b6dba443445bbc1515bc3f5f911e72c841799d051bb960dc4a25041c5
Joomla AlphaContent 3. SQL Injection
Posted Aug 26, 2019
Authored by KingSkrupellos

Joomla version 1.5.26 with AlphaContent component 3.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f6dc25da7af6ecb5198ac056f7c2db5af2917b692ab1f6ffb797a66b46633087
Apache Tapestry 5.3.6 HMAC Timing Attack
Posted Aug 26, 2019
Authored by David Tomaschik

Apache Tapestry version 5.3.6 suffers from a timing attack vulnerability during HMAC verification.

tags | advisory
advisories | CVE-2019-10071
SHA-256 | 2b8427db67e3d329acc8cb4dfc1895672828a371a3235ea047dedb0c4abe8079
WordPress UserPro 4.9.32 Cross Site Scripting
Posted Aug 26, 2019
Authored by Damian Ebelties

WordPress UserPro versions 4.9.32 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-14470
SHA-256 | 4e3d7ad441551b0b5e4a6cec1ebb421d4817843f9730abde7ea297949ef18a1a
ProGrade/Lierda Grill Temperature 1.00_50006 Hardcoded Credentials
Posted Aug 26, 2019
Authored by Tim Tepatti

ProGrade/Lierda Grill Temperature version 1.00_50006 suffers from having hard-coded credentials that allow for denial of service and information disclosure attacks.

tags | exploit, denial of service, info disclosure
advisories | CVE-2019-15304
SHA-256 | 7bcfdcb77f709ae35ff2e89f98e029bf7aef605975fd373de4d3f1ca74c07bc9
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close