exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-04-27

Ubuntu Security Notice USN-4340-1
Posted Apr 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4340-1 - It was discovered that CUPS incorrectly handled certain language values. A local attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. Stephan Zeisberg discovered that CUPS incorrectly handled certain malformed ppd files. A local attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-2228, CVE-2020-3898
SHA-256 | ccfd27d16a20c2accb7df3037e5f1940fecb8a018bc426b2324a65ea0a940d99
Ubuntu Security Notice USN-4332-2
Posted Apr 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4332-2 - USN-4332-1 fixed vulnerabilities in File Roller. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-11736
SHA-256 | 4788ccc8c468f49f1ab170252efde183c81d0510664b3538867867134fb4f7dc
Source Engine CS:GO Build 4937372 Arbitrary Code Execution
Posted Apr 27, 2020
Authored by SebastianPC, BugByte, 0xEmma

Source Engine CS:GO BuildID: 4937372 arbitrary code execution exploit.

tags | exploit, arbitrary, code execution
SHA-256 | ffd749992e5cb493cb63add16c6e88efcfea4c67c1c4ca5e4e2fc218d45b13ac
CloudMe 1.11.2 Buffer Overflow
Posted Apr 27, 2020
Authored by hyp3rlinx, Andy Bowden

CloudMe version 1.11.2 buffer overflow proof of concept exploit. Original vulnerability discovered by hyp3rlinx.

tags | exploit, overflow, proof of concept
advisories | CVE-2018-6892
SHA-256 | ed65bed8b662b7e2d11fe184fc29b26b92fddd08fc3a706685a4125ca60acc16
Bing.com Hostname / IP Enumerator 1.0.2
Posted Apr 27, 2020
Authored by Andrew Horton | Site morningstarsecurity.com

This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.

Changes: Fixed a couple of bugs. Added an animated GIF of searching Bing.com to README.
tags | tool, scanner, bash
systems | linux, unix
SHA-256 | 1edf0c378bb51329cb87cf581499ceb5bf11db8419e73a8fb388b9e4cee169fc
Docker-Credential-Wincred.exe Privilege Escalation
Posted Apr 27, 2020
Authored by bwatters-r7, Morgan Roman | Site metasploit.com

This Metasploit module exploit leverages a vulnerability in Docker Desktop Community Edition versions prior to 2.1.0.1 where an attacker can write a payload to a lower-privileged area to be executed automatically by the docker user at login.

tags | exploit
advisories | CVE-2019-15752
SHA-256 | eaa66458a1be58495d72ac8518ba2b5c7ce4adda66caa2a735da2834489bbc19
Ubuntu Security Notice USN-4339-1
Posted Apr 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4339-1 - Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS. Tan Jie discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-9111, CVE-2018-18444, CVE-2020-11758, CVE-2020-11761, CVE-2020-11762, CVE-2020-11765
SHA-256 | e426962a70c8b7a825343e78d2aa05c9659d4fa3b96aadd08d37b33f414c786e
Geeklog 2.2.1 SQL Injection
Posted Apr 27, 2020
Authored by Daniel Bishtawi | Site netsparker.com

Geeklog version 2.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3987cd81d2356bb96e526b3ae6284b3627084e01a5b51be5398a58f8623f4271
Maian Support Helpdesk 4.3 Cross Site Request Forgery
Posted Apr 27, 2020
Authored by Besim Altinok, Ismail Bozkurt

Maian Support Helpdesk version 4.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | f732247ccd77724c59068dc011d5274b4885e3e2c6c70dc88526101f88b9bf95
Online Course Registration 2.0 SQL Injection
Posted Apr 27, 2020
Authored by Daniel Monzon

Online Course Registration 2.0 suffers from authentication bypass and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 26afb62846a4c92f004b9a7cac3b03d936d7e88b0188192473b7c8520d10e860
Online Shopping System Advanced 1.0 SQL Injection
Posted Apr 27, 2020
Authored by Majid Kalantari

Online Shopping System Advanced version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | efd5a9f3f1e40344af3a00a4925ab9ad0d45b69728c9be5f76f013c50f4795fb
Geeklog 2.2.1 Cross Site Scripting
Posted Apr 27, 2020
Authored by Daniel Bishtawi | Site netsparker.com

Geeklog version 2.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f09b4321392d46cac96cfb38a413370b837f5d321c2ff8238902c285c9a2ac84
Netis E1+ 1.2.32533 Password Leak
Posted Apr 27, 2020
Authored by Besim Altinok, Ismail Bozkurt

Netis E1+ version 1.2.32533 suffers from an unauthenticated wifi password disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 22c6eed82cd184d674f9e862a3b0574408ff7a45a255bcccda54e918885ea94b
PHP-Fusion 9.03.50 Arbitrary File Upload
Posted Apr 27, 2020
Authored by Besim Altinok, Ismail Bozkurt, AkkuS

PHP-Fusion version 9.03.50 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, php, file upload
SHA-256 | 69aa4aacb58fc312485978e341d93b5ea3b1cb194a17714065b2bf439c337cd5
Netis E1+ 1.2.32533 Hardcoded Backdoor Account
Posted Apr 27, 2020
Authored by Besim Altinok, Ismail Bozkurt

Netis E1+ version 1.2.32533 suffers from having a hardcoded backdoor root account.

tags | exploit, root
SHA-256 | 101f5f9d63572b971009ec923cb7dab35a4b35023571d98fe8be367bfe672fe6
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close