what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-04-03

Memu Play 7.1.3 Insecure Folder Permissions
Posted Apr 3, 2020
Authored by chuyreds

Memu Play version 7.1.3 suffers from an insecure folder permissions vulnerability.

tags | exploit
MD5 | f78440d9a85e66bb3afc9ade2072d4fa
LimeSurvey 4.1.11 Path Traversal
Posted Apr 3, 2020
Authored by Matthew Aberegg, Michael Burkey

LimeSurvey version 4.1.11 suffers from a File Manager path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2020-11455
MD5 | 15a17460c92285cb9514da2991c14b64
Mirus Landing Page Cross Site Scripting
Posted Apr 3, 2020
Authored by thelastvvv

Mirus Landing Page version 1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 755b728cf6ef2bb8b083761977d392a8
Seabreeze Consulting Cross Site Scripting
Posted Apr 3, 2020
Authored by thelastvvv

Seabreeze Consulting version 1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 36c7eacfcff90917b068e6bab6c2f2ca
From Zero Credentials To Full Domain Compromise
Posted Apr 3, 2020
Authored by Haboob Team

Whitepaper called From Zero Credentials to Full Domain Compromise. This paper covers techniques penetration testers can use in order to accomplish an initial foothold on target networks and achieve full domain compromise without executing third party applications or reusing clear text credentials.

tags | paper
MD5 | 1ff5ec3e70d3db856604bdc2d5d41811
Pandora FMS 7.0NG Remote Code Execution
Posted Apr 3, 2020
Authored by Basim Alabdullah

Pandora FMS version 7.0NG suffers from a net_tools.php remote code execution vulnerability.

tags | exploit, remote, php, code execution
MD5 | a6cfa63dd5a875fd53b5c5870eff7bb8
13enforme CMS SQL Injection / Cross Site Scripting
Posted Apr 3, 2020
Authored by thelastvvv

13enforme CMS version 1 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 11c8645246bd7dc43aedecc0d391bd8f
DotNetNuke Cookie Deserialization Remote Code Execution
Posted Apr 3, 2020
Authored by Jon Park, Jon Seigel | Site metasploit.com

This Metasploit module exploits a deserialization vulnerability in DotNetNuke (DNN) versions 5.0.0 through 9.3.0-RC. Vulnerable versions store profile information for users in the DNNPersonalization cookie as XML. The expected structure includes a "type" attribute to instruct the server which type of object to create on deserialization. The cookie is processed by the application whenever it attempts to load the current user's profile data. This occurs when DNN is configured to handle 404 errors with its built-in error page (default configuration). An attacker can leverage this vulnerability to execute arbitrary code on the system.

tags | exploit, arbitrary
advisories | CVE-2017-9822, CVE-2018-15811, CVE-2018-15812, CVE-2018-18325, CVE-2018-18326
MD5 | a46ced34de58e34a992dcabd9db22e68
VMware Fusion USB Arbitrator Setuid Privilege Escalation
Posted Apr 3, 2020
Authored by h00die, Grimm, Rich Mirch, Dhanesh Kizhakkinan, jeffball | Site metasploit.com

This Metasploit module exploits an improper use of setuid binaries within VMware Fusion versions 10.1.3 through 11.5.3. The Open VMware USB Arbitrator Service can be launched outside of its standard path which allows loading of an attacker controlled binary. By creating a payload in the user home directory in a specific folder, and creating a hard link to the Open VMware USB Arbitrator Service binary, we are able to launch it temporarily to start our payload with an effective UID of 0.

tags | exploit
advisories | CVE-2020-3950
MD5 | d08444e1220f418c3e6c94a4bcbeee5b
Apache Solr 8.3.0 Velocity Template Remote Code Execution
Posted Apr 3, 2020
Authored by Imran Dawoodjee, JAS502N, s00py, AleWong | Site metasploit.com

This Metasploit module exploits a vulnerability in Apache Solr versions 8.3.0 and below which allows remote code execution via a custom Velocity template. Currently, this module only supports Solr basic authentication. From the Tenable advisory: An attacker could target a vulnerable Apache Solr instance by first identifying a list of Solr core names. Once the core names have been identified, an attacker can send a specially crafted HTTP POST request to the Config API to toggle the params resource loader value for the Velocity Response Writer in the solrconfig.xml file to true. Enabling this parameter would allow an attacker to use the Velocity template parameter in a specially crafted Solr request, leading to remote code execution.

tags | exploit, remote, web, code execution
advisories | CVE-2019-17558
MD5 | b5dc475b45fed04ef8882d4f1ad70e5d
SQLMAP - Automatic SQL Injection Tool 1.4.4
Posted Apr 3, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | baa24818b694a958fff75a5b3300f825
Gentoo Linux Security Advisory 202004-06
Posted Apr 3, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-6 - A regression in GnuTLS breaks the security guarantees of the DTLS protocol. Versions less than 3.6.13 are affected.

tags | advisory, protocol
systems | linux, gentoo
MD5 | b34ef42844841cb6e42dcda384998efd
Ubuntu Security Notice USN-4316-2
Posted Apr 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4316-2 - USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-14553, CVE-2019-11038
MD5 | 974fa84156e30a0a57445f492d8a5c44
Ubuntu Security Notice USN-4316-1
Posted Apr 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4316-1 - It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. It was discovered that GD Graphics Library incorrectly handled loading images from X bitmap format files. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service, or to disclose contents of the stack that has been left there by previous code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-14553, CVE-2019-11038
MD5 | b09ee9b58c468fb819c495efe5c9e3f1
Red Hat Security Advisory 2020-1308-01
Posted Apr 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1308-01 - The org.ovirt.engine-root is a core component of oVirt.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2019-10086, CVE-2019-17195
MD5 | 042587da184d6137dd1038b7ca8c8384
Page 1 of 1
Back1Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close