what you don't know can hurt you
Showing 1 - 11 of 11 RSS Feed

Files Date: 2020-01-03

elaniin CMS 1.0 SQL Injection
Posted Jan 3, 2020
Authored by riamloo

elaniin CMS version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | c4a6cf7e91401d6bd28306941ae5f7b0
Codoforum 4.8.3 Cross Site Scripting
Posted Jan 3, 2020
Authored by Prasanth c41m, Vyshnav Vizz

Codoforum version 4.8.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 224bdae3d61f348955430fa041c6af85
IceWarp 12.2.0 / 12.1.x Cross Site Scripting
Posted Jan 3, 2020
Site redteam-pentesting.de

IceWarp versions 12.2.0 and 12.1.x suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-19266
MD5 | 6c27cdc2fb3e29acafb5a2445cb0a827
ESET Generic Malformed Archive Bypass
Posted Jan 3, 2020
Authored by Thierry Zoller

Various ESET products suffer from a malformed archive bypass vulnerability. The parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive Compression Information Field so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.

tags | advisory, virus, bypass
MD5 | f10f389ae694b215abb2e4c2a013b423
Kaspersky Generic Archive Bypass
Posted Jan 3, 2020
Authored by Thierry Zoller

Various Kaspersky products suffer from a malformed archive bypass vulnerability. The parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.

tags | advisory, virus, bypass
MD5 | ca36137639ccd5a94d3f5edfcf83fc20
AVIRA Generic Antivirus Bypass
Posted Jan 3, 2020
Authored by Thierry Zoller

AVIRA engine versions below 8.3.54.138 suffer from a generic bypass vulnerability. The parsing engine supports the ISO container format. The parsing engine can be bypassed by specifically manipulating an ISO container so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.

tags | advisory, virus, bypass
MD5 | c0e4ae9f187665effb5e7ea15ffb7ef3
Plantronics Hub 3.13.2 Local Privilege Escalation
Posted Jan 3, 2020
Authored by Markus Krell

Plantronics Hub version 3.13.2 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 940f917a8a972290c818f9bafe30c592
Karakuzu ERP Management Web 5.7.0 SQL Injection
Posted Jan 3, 2020
Authored by Hakan Taskopru

Karakuzu ERP Management Web version 5.7.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | a8fa1ad24436b2f3a5c05a2b660a030b
Red Hat Security Advisory 2020-0002-01
Posted Jan 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0002-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2019-1348, CVE-2019-1349, CVE-2019-1352, CVE-2019-1387
MD5 | cd36234c89e0c2d5402da66131bbaedf
Small CRM 2.0 SQL Injection
Posted Jan 3, 2020
Authored by FULLSHADE

Small CRM version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 6485b757ad496b8249f9cb6c0e61680d
FTPGetter Professional 5.97.0.223 Denial Of Service
Posted Jan 3, 2020
Authored by FULLSHADE

FTPGetter Professional version 5.97.0.223 null pointer dereference denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
advisories | CVE-2020-5183
MD5 | 7075de9a8e1c61f20efa618be87432d8
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close