exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2020-07-17

Plex Unpickle Dict Windows Remote Code Execution
Posted Jul 17, 2020
Authored by h00die, Chris Lyne | Site metasploit.com

This Metasploit module exploits an authenticated Python unsafe pickle.load of a Dict file. An authenticated attacker can create a photo library and add arbitrary files to it. After setting the Windows only Plex variable LocalAppDataPath to the newly created photo library, a file named Dict will be unpickled, which causes remote code execution as the user who started Plex. Plex_Token is required, to get it you need to log-in through a web browser, then check the requests to grab the X-Plex-Token header. See info -d for additional details. If an exploit fails, or is cancelled, Dict is left on disk, a new ALBUM_NAME will be required as subsequent writes will make Dict-1, and not execute.

tags | exploit, remote, web, arbitrary, code execution, python
systems | windows
advisories | CVE-2020-5741
SHA-256 | e2012f91e0f7c3c6e3c7a3f9dff3d5bbac47e45f6db5582aff00dfa52d4c1a26
WonderCMS 3.1.0 XSS / Directory Traversal / File Upload
Posted Jul 17, 2020
Authored by Calvin Phang | Site sec-consult.com

WonderCMS versions 3.1.0 and below suffer from directory traversal, persistent cross site scripting, and file upload vulnerabilities.

tags | advisory, vulnerability, xss, file upload
SHA-256 | c8f9cd68ea4db3c53c6e6bf260ab07eced2819f903c6aa21f0fb40a29486efcf
Red Hat Security Advisory 2020-2989-01
Posted Jul 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2989-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated version is .NET Core Runtime 2.1.20 and SDK 2.1.516. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1147
SHA-256 | b69255df338f904b339bf4b36978b0fb4141c2df774e4a3f607fc0fcbd5219c1
Apple Security Advisory 2020-07-15-5
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-5 - Safari 13.1.2 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9903, CVE-2020-9910, CVE-2020-9911, CVE-2020-9912, CVE-2020-9915, CVE-2020-9916, CVE-2020-9925
SHA-256 | 1b421a85bd25a29d1a8ef8a33834c09f9a1e2d31199a42034e2f2c283033a74a
Red Hat Security Advisory 2020-2988-01
Posted Jul 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2988-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated version is .NET Core Runtime 2.1.20 and SDK 2.1.516. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1147
SHA-256 | b747e45fa3f1fdc80774047b2c6261f0c36c8cea9e6fdcf56bf3185740ea862a
SMB12 Information Gathering
Posted Jul 17, 2020
Authored by Ivica Stipovic

SMB12 Information Gathering is a data gathering python script that inspects SMB1 and SMB2 endpoints. It will extract various attributes from the remote server such as OS version (only supported by SMB1 as per protocol definition), DNS computer name, DNS domain name, NetBIOS computer name and NetBIOS domain name (SMB1 and SMB2).

tags | tool, remote, scanner, protocol, python
systems | unix
SHA-256 | e713b9f00eeceaf145e55d75e97c40aaf051c7225870c50532a4c9110b7c13dd
Sonar Qube 8.3.1 Unquoted Service Path
Posted Jul 17, 2020
Authored by Velayutham Selvaraj

Sonar Qube version 8.3.1 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | c44cba3fc030821c0c854200d28259db076bfb6550edb82330fb302301aa5a2b
PMB 5.6 Cross Site Scripting
Posted Jul 17, 2020
Authored by 41-trk

PMB versions 5.6 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | dda11415737c7cc9fab61abc37019075bdc7d65d53068e6a505fda7f637e488d
Apple Security Advisory 2020-07-15-4
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-4 - watchOS 6.2.8 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-9862, CVE-2020-9865, CVE-2020-9885, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9909, CVE-2020-9910, CVE-2020-9915, CVE-2020-9916, CVE-2020-9918, CVE-2020-9923, CVE-2020-9925, CVE-2020-9933, CVE-2020-9936
SHA-256 | eb240d249974b955ca5bf0d3f511e98a4a4c348c07ad76b26472bbb443145fce
Simple Startup Manager 1.17 Buffer Overflow
Posted Jul 17, 2020
Authored by Povlteksttv

Simple Startup Manager version 1.17 local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | 18da94ec10e6a2c71414c0b092afd9b2dbaf4a39221556209be7d7b337cea7f0
VMware ESXi Use-After-Free / Out-Of-Bounds Access
Posted Jul 17, 2020
Authored by Google Security Research, Cfir Cohen

Several security issues have been identified in the VMware ESIx virtual machine monitor (VMM). A use-after-free (UAF) vulnerability in PVNVRAM, a missing return value check in EHCI USB controller leading to private heap information disclosure, and several out-of-bounds reads.

tags | advisory, info disclosure
advisories | CVE-2020-3960, CVE-2020-3963, CVE-2020-3964, CVE-2020-3965
SHA-256 | 9736a651dce3d31a53e949929fa5e638854317668ea1eefa6f0e52872f79d3a2
Apple Security Advisory 2020-07-15-3
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-3 - tvOS 13.4.8 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2019-14899, CVE-2020-9862, CVE-2020-9865, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9907, CVE-2020-9909, CVE-2020-9910, CVE-2020-9914, CVE-2020-9915, CVE-2020-9916, CVE-2020-9918, CVE-2020-9925, CVE-2020-9933, CVE-2020-9936
SHA-256 | 5acc44b7c3608b4487fb2303f0083a567bcdde5f825774c8c6b7d087e636eea6
Apple Security Advisory 2020-07-15-2
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-2 - macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra are now available and address buffer overflow, code execution, denial of service, out of bounds read, and out of bounds write vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2019-14899, CVE-2019-19906, CVE-2019-20807, CVE-2020-9799, CVE-2020-9864, CVE-2020-9865, CVE-2020-9866, CVE-2020-9870, CVE-2020-9878, CVE-2020-9884, CVE-2020-9885, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9913, CVE-2020-9918, CVE-2020-9934, CVE-2020-9936
SHA-256 | d95f20b4b23c2ac341545e9ac3c0ad384f7d69ead6709de54e59fc3a7be604a5
Apple Security Advisory 2020-07-15-1
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-1 - iOS 13.6 and iPadOS 13.6 are now available and address buffer overflow, bypass, code execution, cross site scripting, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss
systems | apple, ios
advisories | CVE-2019-14899, CVE-2019-19906, CVE-2020-9862, CVE-2020-9865, CVE-2020-9878, CVE-2020-9885, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9903, CVE-2020-9907, CVE-2020-9909, CVE-2020-9910, CVE-2020-9911, CVE-2020-9914, CVE-2020-9915, CVE-2020-9916, CVE-2020-9917, CVE-2020-9918, CVE-2020-9923, CVE-2020-9925, CVE-2020-9931, CVE-2020-9933, CVE-2020-9934
SHA-256 | a1083d1dcae4c16086a6b4d0fdbeb1f7753173e56db200075a539df34cf55741
CMSUno 1.6 Cross Site Request Forgery
Posted Jul 17, 2020
Authored by Noth

CMSUno version 1.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-15600
SHA-256 | 0ff79982a2ad6842fd7b67c8a2de490a0a35bc3a52eceb81b0d9ebf9df487342
Sifter 8.5
Posted Jul 17, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Additions and updates.
tags | tool, remote, local, scanner, vulnerability
systems | unix
SHA-256 | cdbb5b159a9b52273839333395d310750b2d91be18f07fedd296b2c5472fa87e
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close