Memu Play version 7.1.3 suffers from an insecure folder permissions vulnerability.
c6532b434d2368c471dc24e8fd958f54738563280df5302d6515c3cc92e1e907LimeSurvey version 4.1.11 suffers from a File Manager path traversal vulnerability.
bf5a0e91bdbc5c3f5a359190e6096a3b9eeab16103c3bf4d7cd42dc1a31b6492Mirus Landing Page version 1 suffers from a cross site scripting vulnerability.
d0ac409673f63ce02355b56ca92a83530a916b6915dd084e93afc95c262319b9Seabreeze Consulting version 1 suffers from a cross site scripting vulnerability.
1f3325442680aaec6251278da0daba2e54dbbde77fbdcd6c9e7b6855e46754abWhitepaper called From Zero Credentials to Full Domain Compromise. This paper covers techniques penetration testers can use in order to accomplish an initial foothold on target networks and achieve full domain compromise without executing third party applications or reusing clear text credentials.
d144ad77a37772ef7438ee197b5897733e66ad7a5604341fd7ff544e87768022Pandora FMS version 7.0NG suffers from a net_tools.php remote code execution vulnerability.
d454f418936799e9e87e21106791463980378279e2a5c88c06144c06c9fc338b13enforme CMS version 1 suffers from cross site scripting and remote SQL injection vulnerabilities.
a6a490b2f371a27e2f0821767995ce8bad44a708e68d124ff2e7e77ebfc083e7This Metasploit module exploits a deserialization vulnerability in DotNetNuke (DNN) versions 5.0.0 through 9.3.0-RC. Vulnerable versions store profile information for users in the DNNPersonalization cookie as XML. The expected structure includes a "type" attribute to instruct the server which type of object to create on deserialization. The cookie is processed by the application whenever it attempts to load the current user's profile data. This occurs when DNN is configured to handle 404 errors with its built-in error page (default configuration). An attacker can leverage this vulnerability to execute arbitrary code on the system.
c15d6192612f437cf484dc020ac552bdc70b7c384832da75e346c09f0a4accfaThis Metasploit module exploits an improper use of setuid binaries within VMware Fusion versions 10.1.3 through 11.5.3. The Open VMware USB Arbitrator Service can be launched outside of its standard path which allows loading of an attacker controlled binary. By creating a payload in the user home directory in a specific folder, and creating a hard link to the Open VMware USB Arbitrator Service binary, we are able to launch it temporarily to start our payload with an effective UID of 0.
aaad84a1a18f4d6b57a25d43ba08582ab6803df92a1e0f17d5239252a6bec296This Metasploit module exploits a vulnerability in Apache Solr versions 8.3.0 and below which allows remote code execution via a custom Velocity template. Currently, this module only supports Solr basic authentication. From the Tenable advisory: An attacker could target a vulnerable Apache Solr instance by first identifying a list of Solr core names. Once the core names have been identified, an attacker can send a specially crafted HTTP POST request to the Config API to toggle the params resource loader value for the Velocity Response Writer in the solrconfig.xml file to true. Enabling this parameter would allow an attacker to use the Velocity template parameter in a specially crafted Solr request, leading to remote code execution.
04c5dd5b8815196c9a380f26b4389f5a970acbe465ccd84df68c9cd5c9543808sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
3c3e89163c7506b4c09e8c0ee9227db007a4708f3a69a838e8a6b751379ffc49Gentoo Linux Security Advisory 202004-6 - A regression in GnuTLS breaks the security guarantees of the DTLS protocol. Versions less than 3.6.13 are affected.
236f3008df549a560fcbb4731c07be1005968aecb4a0cf9ddb7cae3974d8ea98Ubuntu Security Notice 4316-2 - USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. Various other issues were also addressed.
218deee73665281bbc104f7e4be70fad037f2c3a97d9f6ad8071ad2285fb68cfUbuntu Security Notice 4316-1 - It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. It was discovered that GD Graphics Library incorrectly handled loading images from X bitmap format files. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service, or to disclose contents of the stack that has been left there by previous code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
de2a3fdf9dfb25c0df16fc64fa7f4c0111949fc349df8fa63020c38e4adebd49Red Hat Security Advisory 2020-1308-01 - The org.ovirt.engine-root is a core component of oVirt.
6d49aad39f001e94ce1f0bd15d3874416dd877e4fa5930856871b792a8ce0a23
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed