exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-05-18

Dolibarr 11.0.3 Cross Site Scripting
Posted May 18, 2020
Authored by Mehmet Kelepce

Dolibarr version 11.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-13094
MD5 | 52e384087c86969ec3a47a020e703b34
Ubuntu Security Notice USN-4363-1
Posted May 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4363-1 - It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information. It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-11494, CVE-2020-11565, CVE-2020-11669, CVE-2020-12657
MD5 | 48a0a77413a79e658053d75f2fdc48ee
Ubuntu Security Notice USN-4362-1
Posted May 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4362-1 - It was discovered that DPDK incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-10722, CVE-2020-10724, CVE-2020-10725, CVE-2020-10726
MD5 | a2ab0e0f8076bb39ac7ebfb088d4a1a7
Red Hat Security Advisory 2020-2136-01
Posted May 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2136-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10712
MD5 | f9e72f10da76e628b93e6897482d8c4c
Pi-Hole heisenbergCompensator Blocklist OS Command Execution
Posted May 18, 2020
Authored by h00die, Nick Frichette | Site metasploit.com

This Metasploit module exploits a command execution in Pi-Hole versions 4.4 and below. A new blocklist is added, and then an update is forced (gravity) to pull in the blocklist content. PHP content is then written to a file within the webroot. Phase 1 writes a sudo pihole command to launch teleporter, effectively running a privilege escalation. Phase 2 writes our payload to teleporter.php, overwriting the content. Lastly, the phase 1 PHP file is called in the web root, which launches our payload in teleporter.php with root privileges.

tags | exploit, web, root, php
advisories | CVE-2020-11108
MD5 | 45a7854959d2d37b594d4f7a3b3c052e
Oracle Hospitality RES 3700 5.7 Remote Code Execution
Posted May 18, 2020
Authored by Walid Faour

Oracle Hospitality RES 3700 versions 5.7 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-3025
MD5 | c43ca26e1faff41ecc77118d33516e65
nfstream 5.1.1
Posted May 18, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Fixed custom expiration handling.
tags | tool, python
systems | unix
MD5 | 7ef7f5e399ef767e25a2a17da0b09f3a
WordPress Ajax Load More 5.3.1 SQL Injection
Posted May 18, 2020
Authored by Nguyen Khang

WordPress Ajax Load More plugin version 5.3.1 suffers from an authenticated remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 28e6409feee28f6bcdeb20ea4ed162f0
Ubuntu Security Notice USN-4361-1
Posted May 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4361-1 - Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service. Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-10957, CVE-2020-10958
MD5 | ee13a535cad8f0e8821745b2f10bb60e
Red Hat Security Advisory 2020-2067-01
Posted May 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2067-01 - This release of Red Hat build of Thorntail 2.5.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include HTTP request smuggling, bypass, cross site request forgery, cross site scripting, denial of service, and out of bounds read vulnerabilities.

tags | advisory, web, denial of service, vulnerability, xss, csrf
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-10199, CVE-2019-10201, CVE-2019-10219, CVE-2019-12400, CVE-2019-12406, CVE-2019-12419, CVE-2019-14540, CVE-2019-14820, CVE-2019-14832, CVE-2019-14838, CVE-2019-14887, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-20330, CVE-2019-3875, CVE-2019-9511, CVE-2019-9512, CVE-2019-9514
MD5 | a208726ba1bc74cc917982d0dc15b0c2
Online Chatting System 1.0 SQL Injection
Posted May 18, 2020
Authored by BKpatron

Online Chatting System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a6039a21614d2e9ba8d00930dc11c018
Online Healthcare Management System 1.0 SQL Injection
Posted May 18, 2020
Authored by BKpatron

Online Healthcare Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | f2306a51314966bb8d44be79d83b4cd1
Online Healthcare Patient Record Management System 1.0 SQL Injection
Posted May 18, 2020
Authored by Daniel Monzon

Online Healthcare Patient Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | cf22f6afb7e05bc86655142c256f69fd
Online Examination System 1.0 SQL Injection
Posted May 18, 2020
Authored by BKpatron

Online Examination System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | dd5b4fc41616acdedf874099bfaa2b50
Forma.LMS The E-Learning Suite 2.3.0.2 Cross Site Scripting
Posted May 18, 2020
Authored by Daniel Ortiz

Forma.LMS The E-Learning Suite version 2.3.0.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4b7a101d4543ed9ab869159a0c1cce95
Page 1 of 1
Back1Next

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    13 Files
  • 28
    May 28th
    18 Files
  • 29
    May 29th
    17 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close