exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-12-02

SALTO ProAccess SPACE 5.5 Traversal / File Write / XSS / Bypass
Posted Dec 2, 2019
Authored by W. Schober | Site sec-consult.com

SALTO ProAccess SPACE versions 5.5 and below suffer from path traversal, arbitrary file write, persistent cross site scripting, privilege escalation, and clear text transmission of sensitive data vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss
advisories | CVE-2019-19457, CVE-2019-19458, CVE-2019-19459, CVE-2019-19460
MD5 | 4ca7d9b553568cfa84f8e2a9b3783f36
Packet Storm New Exploits For November, 2019
Posted Dec 2, 2019
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 180 exploits added to Packet Storm in November, 2019.

tags | exploit
MD5 | 2182fe04c8b045514aa1f94e9ea39dcb
I2P 0.9.44
Posted Dec 2, 2019
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various bug fixes.
tags | tool
systems | unix
MD5 | 7cb0b7eb7cfd6ba96764d499bded54db
Ajenti 2.1.31 Command Injection
Posted Dec 2, 2019
Authored by Jeremy Brown, Onur ER | Site metasploit.com

This Metasploit module exploits a command injection in Ajenti version 2.1.31. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned.

tags | exploit, shell
MD5 | 7c4130c9c91b99ff51567ab20d19ea6e
SQLMAP - Automatic SQL Injection Tool 1.3.12
Posted Dec 2, 2019
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | c2cc97b70eead019d4bca860e3b7ce45
Red Hat Security Advisory 2019-4045-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4045-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-14837, CVE-2019-14838, CVE-2019-14843, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
MD5 | 91e8ff9b945c9105d43b77a28ffab7e1
Red Hat Security Advisory 2019-4042-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4042-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-14837, CVE-2019-14838, CVE-2019-14843, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
MD5 | ddc26e736967cd56a9fb8f4b91a99f5a
Red Hat Security Advisory 2019-4041-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4041-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-14837, CVE-2019-14838, CVE-2019-14843, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
MD5 | 6a7a4162d8b1756adaccfe83c6f9700b
Red Hat Security Advisory 2019-4040-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4040-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-14837, CVE-2019-14838, CVE-2019-14843, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
MD5 | 7ee83fd001db510d0c3d63edfb7077c5
Red Hat Security Advisory 2019-4037-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4037-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.2 serves as a replacement for Red Hat Data Grid 7.3.1 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2019-10158
MD5 | f0a4e6733749d33c3f0d9b2d9ff97c12
Red Hat Security Advisory 2019-4024-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4024-01 - Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14906
MD5 | e2afefd669b409269a967ba65c1b1589
Microsoft Visual Studio 2008 Express IDE XML Injection
Posted Dec 2, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Visual Studio 2008 Express IDE suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | 789e0a22b8214672e24e1c11ee00b829
Dokuwiki 2018-04-22b Username Enumeration
Posted Dec 2, 2019
Authored by Talha Sen

Dokuwiki version 2018-04-22b suffers from a username enumeration vulnerability.

tags | exploit
MD5 | e7533fa839fdd496e040a3329ea00401
Anviz CrossChex 4.3.12 Local Buffer Overflow
Posted Dec 2, 2019
Authored by Pedro Rodrigues, Luis Catarino

Anviz CrossChex version 4.3.12 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 9138f4c491e1f718ef30d6e17993a44d
NSAuditor 3.1.8.0 Key Denial Of Service
Posted Dec 2, 2019
Authored by sajjadbnd

NSAuditor version 3.1.8.0 suffers from a Key denial of service vulnerability.

tags | exploit, denial of service
MD5 | 35fb3894705a2007f79a99dca4f3eb6f
NSAuditor 3.1.8.0 Name Denial Of Service
Posted Dec 2, 2019
Authored by sajjadbnd

NSAuditor version 3.1.8.0 suffers from a Name denial of service vulnerability.

tags | exploit, denial of service
MD5 | 126d3caf27d58ab2ad8faba624b6b44f
Page 1 of 1
Back1Next

File Archive:

January 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    8 Files
  • 2
    Jan 2nd
    11 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    2 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    18 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    10 Files
  • 10
    Jan 10th
    13 Files
  • 11
    Jan 11th
    2 Files
  • 12
    Jan 12th
    4 Files
  • 13
    Jan 13th
    21 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    12 Files
  • 16
    Jan 16th
    18 Files
  • 17
    Jan 17th
    11 Files
  • 18
    Jan 18th
    3 Files
  • 19
    Jan 19th
    2 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    22 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close