exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2020-12-08

FlexDotnetCMS 1.5.8 Arbitrary ASP File Upload
Posted Dec 8, 2020
Authored by Erik Wynter | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability in FlexDotnetCMS versions 1.5.8 and prior in order to execute arbitrary commands with elevated privileges.

tags | exploit, arbitrary, file upload
advisories | CVE-2020-27386
SHA-256 | 47b81343e2c7ec2c740cde41827515920f9357ae6d5bec55de8ab24845c398f4
OpenSSL Toolkit 1.1.1i
Posted Dec 8, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed NULL pointer deref in the GENERAL_NAME_cmp function. Added support for Apple Silicon M1 Macs with the darwin64-arm64-cc target. A client-side call was changed. In 1.1.1h, an expired trusted (root) certificate was not anymore rejected when validating a certificate path. This check is restored in 1.1.1i.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2020-1971
SHA-256 | e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242
Red Hat Security Advisory 2020-5379-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5379-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15180
SHA-256 | 987fc6352ad4543fccbee7d27a5be317761dfe825bda8e3c12f82b0211c01e75
Red Hat Security Advisory 2020-5372-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5372-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.

tags | advisory, perl, protocol
systems | linux, redhat
advisories | CVE-2020-15862
SHA-256 | ab304a550dc3df7a547c9f4b013999a8df5d647801cc107297c38358b7f8b71d
Red Hat Security Advisory 2020-5369-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5369-01 - The microcode_ctl packages provide microcode updates for Intel. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8695, CVE-2020-8696, CVE-2020-8698
SHA-256 | 5d8deac190de5db61a2d54f0c631584dd9ffc0ca388161c03570c1bf590b4480
Ubuntu Security Notice USN-4656-2
Posted Dec 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4656-2 - USN-4656-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM. Jan-Niklas Sohn discovered that the X.Org X Server XKB extension incorrectly handled certain inputs. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-14360
SHA-256 | 256a56f5fc88fd65518912b573cfd4e3fbafff47dd7dc2dac9560497080ab47e
Dup Scout Enterprise 10.0.18 Buffer Overflow
Posted Dec 8, 2020
Authored by sickness, Tulpa, 0rbz_

Dup Scout Enterprise version 10.0.18 suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow
SHA-256 | 0d9e00f68aff1390cbf778030b3bad1d0909dfe43398e6e3d52770cce05d2f4b
Druva inSync Windows Client 6.6.3 Privilege Escalation
Posted Dec 8, 2020
Authored by Matteo Malvica

Druva inSync Windows Client version 6.6.3 suffers from a local privilege escalation vulnerability.

tags | exploit, local
systems | windows
advisories | CVE-2020-5752
SHA-256 | bea8421c672e643ef68b0807bd851677d620618aa81d41bcb9baf9ae9e521007
Employee Performance Evaluation System 1.0 Cross Site Scripting
Posted Dec 8, 2020
Authored by Ritesh Gohil

Employee Performance Evaluation System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4d1ffa5f892dd086e290f6c9a4de9b1797f3c7cb61722d70f9519527a3acfe60
Red Hat Security Advisory 2020-5374-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5374-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2020-25641
SHA-256 | fddc7b9930f8b629fd1cc7b4b5a9083df59aa7f16cbdc9c437a9e83e3ca5ffb7
API Security Overview
Posted Dec 8, 2020
Authored by SunCSR

Whitepaper called API Security Overview that discusses different types of flaws and exploitation of API insecurities.

tags | paper
SHA-256 | 19487e6fb12e5fd2ce1d15d579fca1015fa6eb99c113ccce6a7fd2ae4947256b
Red Hat Security Advisory 2020-5365-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5365-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.0 serves as a replacement for Red Hat AMQ Broker 7.7.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include cross site scripting and server-side request forgery vulnerabilities.

tags | advisory, vulnerability, protocol, xss
systems | linux, redhat
advisories | CVE-2015-5183, CVE-2019-9827, CVE-2020-13932, CVE-2020-27216
SHA-256 | 8697b746ab2a47b1d90f0bb825389950884d10f9f4396d03dd356147283c114f
Online Bus Ticket Reservation 1.0 SQL Injection
Posted Dec 8, 2020
Authored by Sakshi Sharma

Online Bus Ticket Reservation version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 6125e99ca25695a42038812b51dbf6d89803e19a29980557e649fa49fb12f0fa
Student Management System Project PHP 1.0 Cross Site Scripting
Posted Dec 8, 2020
Authored by Krishna Yadav

Student Management System PHP version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, php, xss
advisories | CVE-2020-25955
SHA-256 | 8392a0caf24c17f8a1d127d3504c635a3817ad69a9e9599d2137bd55a34b324e
Online Bus Booking System Project Using PHP MySQL 1.0 SQL Injection
Posted Dec 8, 2020
Authored by Krishna Yadavu

Online Bus Booking System Project using PHP MySQL version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, php, sql injection
advisories | CVE-2020-25889
SHA-256 | fbff8e118a7e5e64204407d45012b67fa50531c8633d30e8753f90ae09878de7
OpenSSL Security Advisory 20201208
Posted Dec 8, 2020
Site openssl.org

OpenSSL Security Advisory 20201208 - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack.

tags | advisory, denial of service
advisories | CVE-2020-1971
SHA-256 | d48c1e3c5eb58b46a89fda9c0bae3907dd380c730114864f619b546510c72f3b
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close