sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
2f8b64881afdbd044dcf3707dc7f56e7347e3332a692dfe79fb59ef71c7bb769Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit this vulnerability to trigger a buffer overflow on the stack and gain remote code execution as the user running the Documalis Free PDF Editor or Documalis Free PDF Scanner software.
a470639faa2ee4a0b417e12596275b4d8fa9a29716deb25f60c4b8b3b2b5cd5cGantt-Chart for Jira versions 5.5.4 and below suffer from a cross site scripting vulnerability.
dba9c39f62d06702328bfd60b00d5294682d93ffb3a9a9a32da2fcec3d90878cGantt-Chart for Jira versions 5.5.3 and below misses a privilege check which allows an attacker to read and write the module configuration for other users.
9df2362de6597719f21d5c1862f3e1d1ce649c17851a9656ab81b49eafc4b5ffRed Hat Security Advisory 2020-3247-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. Issues addressed include code execution and cross site scripting vulnerabilities.
e6f2535c6436b0a735b170e94bf5d8887dbf21ad4b4d2db85d0b797efa770f33Red Hat Security Advisory 2020-3308-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3.2 serves as a replacement for Red Hat JBoss Web Server 5.3.1, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a denial of service vulnerability.
cc6e76667f7826d1e0bf63bc67bcfe44310c01596903dfd71f062c6d853f550aRed Hat Security Advisory 2020-3306-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3.2 serves as a replacement for Red Hat JBoss Web Server 5.3.1, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a denial of service vulnerability.
746c15b38ddf58a167d303475f5eb2c23fa0430ac47e219fc015ff7c0ae16528Red Hat Security Advisory 2020-3305-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 10 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.
c243b17e41ad7e85f479e20ba6faa1fef7e0ab201e56fd7ca1a104d4ca29c03cRed Hat Security Advisory 2020-3303-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 10 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.
72459dedb4bc87767ff9ec4e3a6d02e13077fcfa240e22e8b5884e01dbfea3a3Red Hat Security Advisory 2020-3302-01 - The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Issues addressed include an out of bounds read vulnerability.
6beb1c9eac5d214731da44f1734c6e36eeee46f2c1cf4468dcf0c171c83e41c5Red Hat Security Advisory 2020-3298-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.
0e11f5df8ab413e8b8b66ed5ab45db4d86fd9e72490a32e4442647e1a844cf75Red Hat Security Advisory 2020-3299-01 - The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Issues addressed include an out of bounds read vulnerability.
8ca868d9c353910487e49a7be482d766717ffac8e961ec9e7bd64a6792198617Red Hat Security Advisory 2020-3297-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
06a593e82c01f3daf197540c7f91660654f1c4197cbd7da4e15de22c5f092926Ubuntu Security Notice 4298-2 - USN-4298-1 fixed several vulnerabilities in SQLite. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
1f6b622226413e4a80acf52e302ba6f843a1f35b875d754c4b9f9a93a0dce4cec-ares version 1.16.0 has an issue where ares_destroy() with pending ares_getaddrinfo() leads to a use-after-free condition.
7dac05abea704e153870ceb3821b9fcf3b37ca198add02caa774bdda39438cd9Mocha Telnet Lite for iOS version 4.2 denial of service proof of concept exploit.
9a5a8b0a5f54690053bd1374cd29bcc29b691e578bc3aa0a707b95622c235114Daily Expenses Management System version 1.0 suffers from a remote SQL injection vulnerability.
3efa582c4893fa82399e8262ebac0060bdda7742f46759c49dd3cb4a8ed400d7RTSP for iOS version 1.0 denial of service proof of concept exploit.
b845ab4fd8a9a18a827935204013614fad80dc1e037171e6411158ca11b4c166Pi-hole version 4.3.2 authenticated remote code execution exploit.
6c7ede8fd156dade480fdec18d5548dbf5d48ae94edd0fb6b8ff372bb2220dcaSifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.
7901b9fbfb7f13e927a9fe63e233b6b62a4999a9a2a5c8565124319a97b9ef7dCar Rental Management System version 1.0 unauthenticated remote code execution exploit.
ded9539f93f93225baca3f19309a19831bccb44a855907289ad395322a75422eCar Rental Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
6527e433c91a38dda3f42d94a7b2be8037e10eda89003ebc226ebb4f46464ecc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed