Memu Play version 7.1.3 suffers from an insecure folder permissions vulnerability.
f78440d9a85e66bb3afc9ade2072d4fa
LimeSurvey version 4.1.11 suffers from a File Manager path traversal vulnerability.
15a17460c92285cb9514da2991c14b64
Mirus Landing Page version 1 suffers from a cross site scripting vulnerability.
755b728cf6ef2bb8b083761977d392a8
Seabreeze Consulting version 1 suffers from a cross site scripting vulnerability.
36c7eacfcff90917b068e6bab6c2f2ca
Whitepaper called From Zero Credentials to Full Domain Compromise. This paper covers techniques penetration testers can use to gain an initial foothold on target networks and achieve full domain compromise without executing third-party applications or reusing clear-text credentials.
1ff5ec3e70d3db856604bdc2d5d41811
Pandora FMS version 7.0NG suffers from a net_tools.php remote code execution vulnerability.
a6cfa63dd5a875fd53b5c5870eff7bb8
13enforme CMS version 1 suffers from cross site scripting and remote SQL injection vulnerabilities.
11c8645246bd7dc43aedecc0d391bd8f
This Metasploit module exploits a deserialization vulnerability in DotNetNuke (DNN) versions 5.0.0 through 9.3.0-RC. Vulnerable versions store profile information for users in the DNNPersonalization cookie as XML. The expected structure includes a "type" attribute to instruct the server which type of object to create on deserialization. The cookie is processed by the application whenever it attempts to load the current user's profile data. This occurs when DNN is configured to handle 404 errors with its built-in error page (default configuration). An attacker can leverage this vulnerability to execute arbitrary code on the system.
a46ced34de58e34a992dcabd9db22e68
This Metasploit module exploits an improper use of setuid binaries within VMware Fusion versions 10.1.3 through 11.5.3. The Open VMware USB Arbitrator Service can be launched outside of its standard path which allows loading of an attacker controlled binary. By creating a payload in the user home directory in a specific folder, and creating a hard link to the Open VMware USB Arbitrator Service binary, we are able to launch it temporarily to start our payload with an effective UID of 0.
d08444e1220f418c3e6c94a4bcbeee5b
This Metasploit module exploits a vulnerability in Apache Solr versions 8.3.0 and below which allows remote code execution via a custom Velocity template. Currently, this module only supports Solr basic authentication. From the Tenable advisory: An attacker could target a vulnerable Apache Solr instance by first identifying a list of Solr core names. Once the core names have been identified, an attacker can send a specially crafted HTTP POST request to the Config API to toggle the params resource loader value for the Velocity Response Writer in the solrconfig.xml file to true. Enabling this parameter would allow an attacker to use the Velocity template parameter in a specially crafted Solr request, leading to remote code execution.
b5dc475b45fed04ef8882d4f1ad70e5d
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges, and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.
baa24818b694a958fff75a5b3300f825
Gentoo Linux Security Advisory 202004-6 - A regression in GnuTLS breaks the security guarantees of the DTLS protocol. Versions less than 3.6.13 are affected.
b34ef42844841cb6e42dcda384998efd
Ubuntu Security Notice 4316-2 - USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. Various other issues were also addressed.
974fa84156e30a0a57445f492d8a5c44
Ubuntu Security Notice 4316-1 - It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. It was discovered that GD Graphics Library incorrectly handled loading images from X bitmap format files. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service, or to disclose contents of the stack that has been left there by previous code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
b09ee9b58c468fb819c495efe5c9e3f1
Red Hat Security Advisory 2020-1308-01 - The org.ovirt.engine-root is a core component of oVirt.
042587da184d6137dd1038b7ca8c8384