sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
851bffce1429aa9a8c33f9bb331ec6f9Ubuntu Security Notice 4350-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.80 in Ubuntu 19.10 and Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.30. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
43ddd44cac0c35d4333096b1e929612eRed Hat Security Advisory 2020-1938-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
d2cda04c5371a3514b493a253713dcf0Red Hat Security Advisory 2020-1942-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
6e3c9d5af93801f60c9dc9ee76106209File Explorer for iOS version 1.4 suffers from an access bypass vulnerability.
8910745a66b81d5ec6532517286efb89Red Hat Security Advisory 2020-1939-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
6ee8bf57407b201be145e8d6b2b3bbdaWhitepaper called Blind CreateRemoteThread Privilege Escalation.
f2ae35b6d0134df40c8af021bb141e40Red Hat Security Advisory 2020-1940-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.
1f2dd22a45a919c285b2fb8438d29952Red Hat Security Advisory 2020-1937-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.
219ea2ff7e12620cc58ba4241402cc2daddressbook version 9.0.0.1 suffers from a remote SQL injection vulnerability.
46f9e67a67921a342beaa2b6469e0931sshprank is a fast SSH mass-scanner, login cracker, and banner grabber tool using the python-masscan and shodan modules.
0f9c6447d34caaa40906b8b9ce3b12d3Frigate version 3.36 SEH buffer overflow exploit that pops a calculator.
1605d4f1f7fe3af8cb17d05ea2e8604cRed Hat Security Advisory 2020-1936-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include HTTP request smuggling and out of bounds write vulnerabilities.
9e30b6923cb82d43b85e263fab78ee48Outline Service version 1.3.3 suffers from an unquoted service path vulnerability.
be0b1f81bcd2fca4f2cad4ba681dda3fThis Metasploit module exploits a .NET deserialization vulnerability in the Veeam ONE Agent before the hotfix versions 9.5.5.4587 and 10.0.1.750 in the 9 and 10 release lines. Specifically, the module targets the HandshakeResult() method used by the Agent. By inducing a failure in the handshake, the Agent will deserialize untrusted data. Tested against the pre-patched release of 10.0.0.750. Note that Veeam continues to distribute this version but with the patch pre-applied.
4cc88186becfea9734cde8949048101eThis Metasploit module is an exploit that takes advantage of xglance-bin, part of HP's Glance (or Performance Monitoring) version 11 and subsequent, which was compiled with an insecure RPATH option. The RPATH includes a relative path to -L/lib64/ which can be controlled by a user. Creating libraries in this location will result in an escalation of privileges to root.
2d52c1f98bc8caf5ed131ceaf2d906c0BoltWire version 6.03 suffers from a local file inclusion vulnerability.
4592e504295e563f4cf421c3c26ba239Fishing Reservation System suffers from multiple remote SQL injection vulnerabilities.
2aaa59d78fca12b13c59f0f84e809e13
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed