what you don't know can hurt you
Showing 1 - 11 of 11 RSS Feed

Files Date: 2020-01-03

elaniin CMS 1.0 SQL Injection
Posted Jan 3, 2020
Authored by riamloo

elaniin CMS version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | c4a6cf7e91401d6bd28306941ae5f7b0
Codoforum 4.8.3 Cross Site Scripting
Posted Jan 3, 2020
Authored by Prasanth c41m, Vyshnav Vizz

Codoforum version 4.8.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 224bdae3d61f348955430fa041c6af85
IceWarp 12.2.0 / 12.1.x Cross Site Scripting
Posted Jan 3, 2020
Site redteam-pentesting.de

IceWarp versions 12.2.0 and 12.1.x suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-19266
MD5 | 6c27cdc2fb3e29acafb5a2445cb0a827
ESET Generic Malformed Archive Bypass
Posted Jan 3, 2020
Authored by Thierry Zoller

Various ESET products suffer from a malformed archive bypass vulnerability. The parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive Compression Information Field so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.

tags | advisory, virus, bypass
MD5 | f10f389ae694b215abb2e4c2a013b423
Kaspersky Generic Archive Bypass
Posted Jan 3, 2020
Authored by Thierry Zoller

Various Kaspersky products suffer from a malformed archive bypass vulnerability. The parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.

tags | advisory, virus, bypass
MD5 | ca36137639ccd5a94d3f5edfcf83fc20
AVIRA Generic Antivirus Bypass
Posted Jan 3, 2020
Authored by Thierry Zoller

AVIRA engine versions below 8.3.54.138 suffer from a generic bypass vulnerability. The parsing engine supports the ISO container format. The parsing engine can be bypassed by specifically manipulating an ISO container so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.

tags | advisory, virus, bypass
MD5 | c0e4ae9f187665effb5e7ea15ffb7ef3
Plantronics Hub 3.13.2 Local Privilege Escalation
Posted Jan 3, 2020
Authored by Markus Krell

Plantronics Hub version 3.13.2 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 940f917a8a972290c818f9bafe30c592
Karakuzu ERP Management Web 5.7.0 SQL Injection
Posted Jan 3, 2020
Authored by Hakan Taskopru

Karakuzu ERP Management Web version 5.7.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | a8fa1ad24436b2f3a5c05a2b660a030b
Red Hat Security Advisory 2020-0002-01
Posted Jan 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0002-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2019-1348, CVE-2019-1349, CVE-2019-1352, CVE-2019-1387
MD5 | cd36234c89e0c2d5402da66131bbaedf
Small CRM 2.0 SQL Injection
Posted Jan 3, 2020
Authored by FULLSHADE

Small CRM version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 6485b757ad496b8249f9cb6c0e61680d
FTPGetter Professional 5.97.0.223 Denial Of Service
Posted Jan 3, 2020
Authored by FULLSHADE

FTPGetter Professional version 5.97.0.223 null pointer dereference denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
advisories | CVE-2020-5183
MD5 | 7075de9a8e1c61f20efa618be87432d8
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    7 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close