what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed

Files Date: 2020-07-10

HelloWeb 2.0 Arbitrary File Download
Posted Jul 10, 2020
Authored by bRpsd

HelloWeb version 2.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | 9e44907bb4c42a58065396ca233c0190
Barangay Management System 1.0 SQL Injection
Posted Jul 10, 2020
Authored by BKpatron

Barangay Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
MD5 | 9e2e4c2e400cf28065cec0ee5b40156a
Sifter 8
Posted Jul 10, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Additions include Espionage, KatanaFramework, PowerHub, MetaSploit, Spiderfoot, and Email2PhoneNumber. Various fixes.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 32d4677dbd11ce03da6fd2315b2f43f0
Rittal Products Bypass / Command Injection / Privilege Escalation
Posted Jul 10, 2020
Authored by Johannes Kruchem, C. Svoboda | Site sec-consult.com

Multiple Rittal Products based on the same software suffer from CLI menu bypass, insecure configuration, hard-coded backdoor account, outdated component, command injection, and privilege escalation vulnerabilities. Products include but are not limited to CMC III PU Compact, CMC III PU 7030.000 PDU (whole portfolio), LCP-CW, and IoT Interface 3124.300.

tags | exploit, vulnerability
advisories | CVE-2020-11951, CVE-2020-11952, CVE-2020-11953, CVE-2020-11955, CVE-2020-11956
MD5 | 5e04df5718d707c3b3f9da0c2c4fb014
Colin Percival's bsdiff 4.3 Memory Corruption
Posted Jul 10, 2020
Authored by Luis Merino

A memory corruption vulnerability is present in bspatch as shipped in Colin Percival's bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries. Proof of concept included.

tags | exploit, proof of concept
advisories | CVE-2020-14315
MD5 | cef9b1de3a8748695b5af13fa5aeeb11
Impress CMS 1.4.0 Code Execution / SQL Injection
Posted Jul 10, 2020
Authored by AppleBois

Impress CMS version 1.4.0 has an issue where an authenticated user can make use of the AutoTask feature to execute php code, allowing for remote SQL injection and remote code execution.

tags | exploit, remote, php, code execution, sql injection
MD5 | b5f8c806b5bde139ab34a7e35d46ad18
Microsoft OneDrive 19.232.1124.0010 DLL Hijacking
Posted Jul 10, 2020
Authored by Yorick Koster, Securify B.V.

A file hijacking vulnerability was found in the Microsoft OneDrive client. This vulnerability allows a local attacker to plant a DLL file on the local machine. This DLL will then be loaded whenever (another) user launches OneDrive, running with the privileges of the victim. This issue was successfully verified on Microsoft OneDrive version 19.232.1124.0010.

tags | exploit, local
MD5 | 834603f1a95f27a160459efee2807af1
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    11 Files
  • 12
    Aug 12th
    11 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close