exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-12-08

FlexDotnetCMS 1.5.8 Arbitrary ASP File Upload
Posted Dec 8, 2020
Authored by Erik Wynter | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability in FlexDotnetCMS versions 1.5.8 and prior in order to execute arbitrary commands with elevated privileges.

tags | exploit, arbitrary, file upload
advisories | CVE-2020-27386
SHA-256 | 47b81343e2c7ec2c740cde41827515920f9357ae6d5bec55de8ab24845c398f4
OpenSSL Toolkit 1.1.1i
Posted Dec 8, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed NULL pointer deref in the GENERAL_NAME_cmp function. Added support for Apple Silicon M1 Macs with the darwin64-arm64-cc target. A client-side call was changed. In 1.1.1h, an expired trusted (root) certificate was not anymore rejected when validating a certificate path. This check is restored in 1.1.1i.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2020-1971
SHA-256 | e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242
Red Hat Security Advisory 2020-5379-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5379-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15180
SHA-256 | 987fc6352ad4543fccbee7d27a5be317761dfe825bda8e3c12f82b0211c01e75
Red Hat Security Advisory 2020-5372-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5372-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.

tags | advisory, perl, protocol
systems | linux, redhat
advisories | CVE-2020-15862
SHA-256 | ab304a550dc3df7a547c9f4b013999a8df5d647801cc107297c38358b7f8b71d
Red Hat Security Advisory 2020-5369-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5369-01 - The microcode_ctl packages provide microcode updates for Intel. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8695, CVE-2020-8696, CVE-2020-8698
SHA-256 | 5d8deac190de5db61a2d54f0c631584dd9ffc0ca388161c03570c1bf590b4480
Ubuntu Security Notice USN-4656-2
Posted Dec 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4656-2 - USN-4656-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM. Jan-Niklas Sohn discovered that the X.Org X Server XKB extension incorrectly handled certain inputs. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-14360
SHA-256 | 256a56f5fc88fd65518912b573cfd4e3fbafff47dd7dc2dac9560497080ab47e
Dup Scout Enterprise 10.0.18 Buffer Overflow
Posted Dec 8, 2020
Authored by sickness, Tulpa, 0rbz_

Dup Scout Enterprise version 10.0.18 suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow
SHA-256 | 0d9e00f68aff1390cbf778030b3bad1d0909dfe43398e6e3d52770cce05d2f4b
Druva inSync Windows Client 6.6.3 Privilege Escalation
Posted Dec 8, 2020
Authored by Matteo Malvica

Druva inSync Windows Client version 6.6.3 suffers from a local privilege escalation vulnerability.

tags | exploit, local
systems | windows
advisories | CVE-2020-5752
SHA-256 | bea8421c672e643ef68b0807bd851677d620618aa81d41bcb9baf9ae9e521007
Employee Performance Evaluation System 1.0 Cross Site Scripting
Posted Dec 8, 2020
Authored by Ritesh Gohil

Employee Performance Evaluation System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4d1ffa5f892dd086e290f6c9a4de9b1797f3c7cb61722d70f9519527a3acfe60
Red Hat Security Advisory 2020-5374-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5374-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2020-25641
SHA-256 | fddc7b9930f8b629fd1cc7b4b5a9083df59aa7f16cbdc9c437a9e83e3ca5ffb7
API Security Overview
Posted Dec 8, 2020
Authored by SunCSR

Whitepaper called API Security Overview that discusses different types of flaws and exploitation of API insecurities.

tags | paper
SHA-256 | 19487e6fb12e5fd2ce1d15d579fca1015fa6eb99c113ccce6a7fd2ae4947256b
Red Hat Security Advisory 2020-5365-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5365-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.0 serves as a replacement for Red Hat AMQ Broker 7.7.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include cross site scripting and server-side request forgery vulnerabilities.

tags | advisory, vulnerability, protocol, xss
systems | linux, redhat
advisories | CVE-2015-5183, CVE-2019-9827, CVE-2020-13932, CVE-2020-27216
SHA-256 | 8697b746ab2a47b1d90f0bb825389950884d10f9f4396d03dd356147283c114f
Online Bus Ticket Reservation 1.0 SQL Injection
Posted Dec 8, 2020
Authored by Sakshi Sharma

Online Bus Ticket Reservation version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 6125e99ca25695a42038812b51dbf6d89803e19a29980557e649fa49fb12f0fa
Student Management System Project PHP 1.0 Cross Site Scripting
Posted Dec 8, 2020
Authored by Krishna Yadav

Student Management System PHP version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, php, xss
advisories | CVE-2020-25955
SHA-256 | 8392a0caf24c17f8a1d127d3504c635a3817ad69a9e9599d2137bd55a34b324e
Online Bus Booking System Project Using PHP MySQL 1.0 SQL Injection
Posted Dec 8, 2020
Authored by Krishna Yadavu

Online Bus Booking System Project using PHP MySQL version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, php, sql injection
advisories | CVE-2020-25889
SHA-256 | fbff8e118a7e5e64204407d45012b67fa50531c8633d30e8753f90ae09878de7
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close