exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-02-10

Red Hat Security Advisory 2020-0464-01
Posted Feb 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0464-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a bypass vulnerability.

tags | advisory, protocol, bypass
systems | linux, redhat
advisories | CVE-2019-14824
SHA-256 | 3a9fe038ed53beb56f31eff942d2be803be30ee8eeeb857c0cde275dea03a23c
Debian Security Advisory 4618-1
Posted Feb 10, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4618-1 - An out-of-bounds write vulnerability due to an integer overflow was reported in libexif, a library to parse EXIF files, which could result in denial of service, or potentially the execution of arbitrary code if specially crafted image files are processed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2019-9278
SHA-256 | c179eaaaef7143e1cb2c6653751bd0e79267e988cd5eacd79bb4afe1a5830efe
Debian Security Advisory 4619-1
Posted Feb 10, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4619-1 - Guillaume Teissier reported that the XMLRPC client in libxmlrpc3-java, an XML-RPC implementation in Java, does perform deserialization of the server-side exception serialized in the faultCause attribute of XMLRPC error response messages. A malicious XMLRPC server can take advantage of this flaw to execute arbitrary code with the privileges of an application using the Apache XMLRPC client library.

tags | advisory, java, arbitrary
systems | linux, debian
advisories | CVE-2019-17570
SHA-256 | 182a250ef2e3e8f678cce9391e0c00303ca592e52445db910d67c6a8a5f5f866
Vanilla Forum 2.6.3 Cross Site Scripting
Posted Feb 10, 2020
Authored by Sayak Naskar

Vanilla Forum version 2.6.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-8825
SHA-256 | 61c0f7051e79bc5c6c73c93002845e0816322dd10cfaa04e3aee0cb2b3123499
WordPress InfiniteWP Client Authentication Bypass
Posted Feb 10, 2020
Authored by wvu, WebARX | Site metasploit.com

This Metasploit module exploits an authentication bypass in the WordPress InfiniteWP Client plugin to log in as an administrator and execute arbitrary PHP code by overwriting the file specified by PLUGIN_FILE. The module will attempt to retrieve the original PLUGIN_FILE contents and restore them after payload execution. If VerifyContents is set, which is the default setting, the module will check to see if the restored contents match the original. Note that a valid administrator username is required for this module. WordPress versions greater than and equal to 4.9 are currently not supported due to a breaking WordPress API change. Tested against 4.8.3.

tags | exploit, arbitrary, php
SHA-256 | 46fe60790b9bf89534e2a83e420722f916eab06cd0cd0b2036421fb2f052a420
Ubuntu Security Notice USN-4274-1
Posted Feb 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4274-1 - It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-19956
SHA-256 | 802de440c7b605c26cadaddd30d5b50dc4092628a4a2584daa2a3f2b1b01afcd
LearnDash WordPress LMS 3.1.2 Cross Site Scripting
Posted Feb 10, 2020
Authored by Jinson Varghese Behanan

LearnDash WordPress LMS plugin version 3.1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-7108
SHA-256 | b8f171cf29223140e8c42cb11d39be46962e88800c6a7f33342a6a57935df5f2
Wedding Slideshow Studio 1.36 Buffer Overflow
Posted Feb 10, 2020
Authored by ZwX

Wedding Slideshow Studio version 1.36 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 08ab4f0a3f1e0c45caef121b37eb9ab900c98c8753f10257ceac1c5f70b1eeee
Ubuntu Security Notice USN-4275-1
Posted Feb 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4275-1 - It was discovered that Qt incorrectly handled certain PPM images. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Qt incorrectly handled certain text files. If a user or automated system were tricked into opening a specially crafted text file, a remote attacker could cause Qt to crash, resulting in a denial of service. This issue only affected Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-19872, CVE-2019-18281, CVE-2020-0569, CVE-2020-0570
SHA-256 | 467b0b686fa95afca3b4658ae837f3e2eb3cb62130d163c0dc96760e345c1152
ExpertGPS 6.38 XML Injection
Posted Feb 10, 2020
Authored by Trent Gordon

ExpertGPS version 6.38 suffers from an XML external entity injection vulnerability.

tags | exploit
SHA-256 | fc6cb6c0ba1587090a4154bc1adad108309657592a7685cdc3a977b2c6b9e8cf
Google Invisible RECAPTCHA 3 Spoof Bypass
Posted Feb 10, 2020
Authored by Matamorphosis

Google Invisible RECAPTCHA version 3 suffers from a spoofing bypass vulnerability.

tags | exploit, spoof, bypass
SHA-256 | 62c2212bece7108fc09a73f497c3ef985a32245402538521fc562b60c967c293
Apache2 Web Server Hardening Article
Posted Feb 10, 2020
Authored by Kadir Yapar

This is an article discussing Apache2 Web Server hardening. Written in Turkish.

tags | paper, web, conference
SHA-256 | c23b6241ab29b4315d799f47941a125d4ceb75f7a81b0e78d648bf51638f0eaf
QuickDate 1.3.2 SQL Injection
Posted Feb 10, 2020
Authored by Ihsan Sencan

QuickDate version 1.3.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 71c06374db344d3f540b22e4cf38f43f8268f0a756eb009a09dd7a257175d478
Forcepoint WebSecurity 8.5 Cross Site Scripting
Posted Feb 10, 2020
Authored by Prasenjit Kanti Paul

Forcepoint WebSecurity version 8.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-6146
SHA-256 | 1fa5dba1f913cf71355930627abc1b9c38395b9f292520f07ff6ab2f2daf1e12
Linux/x86 Bind Shell Generator Shellcode
Posted Feb 10, 2020
Authored by Bobby Cooke

114 bytes small Linux/x86 bind shell generator shellcode.

tags | shell, x86, shellcode
systems | linux
SHA-256 | 1e7612da16986e3cb4c25c855cdc90ea5787caa9e5e7169bf210c923678fd670
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close