
Files Date: 2020-05-06

Kentico CMS 12.0.14 Remote Command Execution
Posted May 6, 2020
Authored by aushack, Manoj Cherukuri, Justin LeMay | Site metasploit.com

This Metasploit module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote command execution is possible via unauthenticated XML requests to the Staging Service SyncServer.asmx interface ProcessSynchronizationTaskData method stagingTaskData parameter. XML input is passed to an insecure .NET deserialize call which allows for remote command execution.

tags | exploit, remote
advisories | CVE-2019-10068
MD5 | 56021ce239bc4ef2d157567974ec70ff
Extreme Networks Aerohive HiveOS 11.x Denial Of Service
Posted May 6, 2020
Authored by LiquidWorm | Site zeroscience.mk

Extreme Networks Aerohive HiveOS versions 11.x and below remote denial of service exploit. An unauthenticated malicious user can trigger a denial of service (DoS) attack by sending specific application layer packets towards the Aerohive NetConfig UI. This proof of concept exploit renders the application unusable for 305 seconds or 5 minutes with a single HTTP request using the action.php5 script calling the CliWindow function through the _page parameter, denying access to the web server hive user interface.

tags | exploit, remote, web, denial of service, proof of concept
MD5 | 8bc523d3b61e243e2e55cdddefe4c905
Red Hat Security Advisory 2020-2040-01
Posted May 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2040-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, web, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-12519, CVE-2019-12525, CVE-2020-11945
MD5 | c9ead37292b9249a859c083433b15484
Ubuntu Security Notice USN-4330-2
Posted May 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4330-2 - USN-4330-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. Various other issues were also addressed.

tags | advisory, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
MD5 | fa624b67647513f5623dee65a7767548
Online Clothing Store 1.0 Cross Site Scripting
Posted May 6, 2020
Authored by Sushant Kamble

Online Clothing Store version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3f9fbd5516f63dbc5068334c68b46cd2
Online Clothing Store 1.0 SQL Injection
Posted May 6, 2020
Authored by Sushant Kamble

Online Clothing Store version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ff6487a8ff05ed05abe1c7c229afe958
Red Hat Security Advisory 2020-2041-01
Posted May 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2041-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, web, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-12519, CVE-2019-12525, CVE-2020-11945
MD5 | 91f1d0708e541b9b967faeb3cedc7eae
Red Hat Security Advisory 2020-2038-01
Posted May 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2038-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, web, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-12519, CVE-2020-11945
MD5 | 4badb46a025fb208e4e9eae47c65fa1d
webTareas 2.0.p8 Arbitrary File Deletion
Posted May 6, 2020
Authored by Besim Altinok, Ismail Bozkurt

webTareas version 2.0.p8 suffers from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
MD5 | 4849cf10e832e9f4e0e65663fcc13bca
Red Hat Security Advisory 2020-2039-01
Posted May 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2039-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, web, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-12519, CVE-2020-11945
MD5 | e34751fe93b7cf17d8fbcd6dd1b756c1
Red Hat Security Advisory 2020-2036-01
Posted May 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2036-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-12387, CVE-2020-12392, CVE-2020-12395, CVE-2020-6831
MD5 | 0971f4bca4c7daa230881114edcce45c
YesWiki cercopitheque 2020.04.18.1 SQL Injection
Posted May 6, 2020
Authored by coiffeur

YesWiki cercopitheque version 2020.04.18.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8ffa605c3b8536237c57ba523f09defd
Red Hat Security Advisory 2020-2037-01
Posted May 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2037-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-12387, CVE-2020-12392, CVE-2020-12395, CVE-2020-6831
MD5 | 5de2ea83e1cbda3181f2424820d97cb9
Pisay Online E-Learning System 1.0 SQL Injection / Code Execution
Posted May 6, 2020
Authored by Bobby Cooke

Pisay Online E-Learning System version 1.0 suffers from remote SQL Injection and code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection
MD5 | c0c573cce24cfaa86ad1d9b4c0ba79e7
Red Hat Security Advisory 2020-2031-01
Posted May 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2031-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-12387, CVE-2020-12392, CVE-2020-12395, CVE-2020-6831
MD5 | bc650517bed7cd4181a689876c0b57d7
MPC Sharj 3.11.1 Arbitrary File Download
Posted May 6, 2020
Authored by sajjadbnd

MPC Sharj version 3.11.1 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | 5d42c18e78231dafd9f93befffb43d6a
Red Hat Security Advisory 2020-2032-01
Posted May 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2032-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-12387, CVE-2020-12392, CVE-2020-12395, CVE-2020-6831
MD5 | 5927736c05927d131317cb3bd7e1fe48
Red Hat Security Advisory 2020-2033-01
Posted May 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2033-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-12387, CVE-2020-12392, CVE-2020-12395, CVE-2020-6831
MD5 | 3f34a9e30c47445fb42985fd9a05b67f
Booked Scheduler 2.7.7 Directory Traversal
Posted May 6, 2020
Authored by Besim Altinok, Ismail Bozkurt

Booked Scheduler version 2.7.7 suffers from an authenticated directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | a4735a7d21fe839b802938d376f307c3
i-doit Open Source CMDB 1.14.1 Arbitrary File Deletion
Posted May 6, 2020

i-doit Open Source CMDB version 1.14.1 suffers from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
MD5 | cc4978dd5b9d6cd49ac359cd7da11458
GitLab 12.9.0 Arbitrary File Read
Posted May 6, 2020
Authored by KouroshRZ

GitLab version 12.9.0 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
MD5 | cf73f52d03d76f7e24d3a491f13973ab

© 2020 Packet Storm. All rights reserved.
