what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2020-07-03

File Management System 1.1 Cross Site Scripting
Posted Jul 3, 2020
Authored by KeopssGroup0day Inc

File Management System version 1.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6760937171e4603abd1a973f62fc8ee3f1c10c5e71c1ca89263849fb9a6ed1a3
Android o2 Business 1.2.0 Open Redirect
Posted Jul 3, 2020
Authored by Julien Ahrens | Site rcesecurity.com

o2 Business for Android version 1.2.0 suffers from an open redirection vulnerability.

tags | exploit
advisories | CVE-2020-11882
SHA-256 | ed073540b55db066df4e43d61452b19af671d57a6dad0ef1271c98600b232356
AppleiOS 13.5.1 Resource Exposure
Posted Jul 3, 2020
Authored by Philipp Buchegger | Site syss.de

Apple iOS version 13.5.1 suffers from an issue where it is possible to circumvent the copy and paste restriction from the company profile to the private profile. Thus, it is possible to extract attachments that can be previewed ("Quick Look") in the native Mail client to any private app.

tags | exploit
systems | apple, ios
SHA-256 | 2010fb70717eed823f1bf4f1c9f8436da1844b077ea4ef32867f8306a4680a29
Froala WYSIWYG HTML Editor 3.1.1 Cross Site Scripting
Posted Jul 3, 2020
Authored by Emanuel Duss

Froala WYSIWYG HTML Editor versions 3.0.6 through 3.1.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-19935
SHA-256 | bdfe7870a6bfb2049e8c75da603ea32348be1f41280ca90de30fc97cec47171d
Bolt CMS 3.7.0 XSS / CSRF / Shell Upload
Posted Jul 3, 2020
Authored by Sivanesh Ashok

Bolt CMS versions 3.7.0 and below suffer from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities that when combined can achieve remote code execution in one click.

tags | exploit, remote, shell, vulnerability, code execution, xss, csrf
advisories | CVE-2020-4040, CVE-2020-4041
SHA-256 | 63f82ab2668cd76e8c576715141ddcdae04ec41e73b11fc6fb4a9139a2bf5851
Ubuntu Security Notice USN-4413-1
Posted Jul 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4413-1 - Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. It was discovered that the SCSI generic driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-10711, CVE-2020-10751, CVE-2020-12768, CVE-2020-12770, CVE-2020-13143
SHA-256 | 7a63d1c745b27c7f807d07be0abf46a26c852cbe525f46d1aa4f51136fa76590
Ubuntu Security Notice USN-4412-1
Posted Jul 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4412-1 - Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. It was discovered that the SCSI generic driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-10711, CVE-2020-10751, CVE-2020-12768, CVE-2020-12770, CVE-2020-13143
SHA-256 | 4ff2368c3d486b4136ca213bbadd144700d05b48e79abfc439bdeeb2dc463585
Ubuntu Security Notice USN-4411-1
Posted Jul 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4411-1 - It was discovered that the elf handling code in the Linux kernel did not initialize memory before using it in certain situations. A local attacker could use this to possibly expose sensitive information. Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-10711, CVE-2020-10732, CVE-2020-12768, CVE-2020-12770, CVE-2020-13143
SHA-256 | 77e9c423b2b22128a3f4021165dc16f0f69900cc8b3347190e6b8901fb3fdede
Ubuntu Security Notice USN-4414-1
Posted Jul 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4414-1 - It was discovered that the network block device implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service. It was discovered that the btrfs file system implementation in the Linux kernel did not properly validate file system metadata in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2019-12380, CVE-2019-16089, CVE-2019-19039, CVE-2019-19318, CVE-2019-19377, CVE-2019-19462, CVE-2019-19813, CVE-2019-19816, CVE-2020-10711, CVE-2020-12770, CVE-2020-13143
SHA-256 | ec1a7baec52bd131ecb393a55700b5d470ac7a5dd70696941fbd4f55b47787c4
Ubuntu Security Notice USN-4410-1
Posted Jul 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4410-1 - A double-free bug was discovered in snmpd server. An authenticated user could potentially cause a DoS by sending a crafted request to the server.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-20892
SHA-256 | 7e00938f433fc52f65dc9d7418d27840ada4961e56649b55e96b5325913cf957
OCS Inventory NG 2.7 Remote Code Execution
Posted Jul 3, 2020
Authored by Askar

OCS Inventory NG version 2.7 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-14947
SHA-256 | 8db0eac32fb7a342c1daddb40e1e0d0616bf7f0bbafcb81612ed17bfba8b9129
ZenTao Pro 8.8.2 Command Injection
Posted Jul 3, 2020
Authored by Daniel Monzon, Melvin Boers

ZenTao Pro version 8.8.2 suffers from a remote command injection vulnerability.

tags | exploit, remote
SHA-256 | 88047021ac7e39af78404eaf3bc03d029ca987e039a286560260a125bbf65e1f
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close