exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2021-01-15

Ubuntu Security Notice USN-4693-1
Posted Jan 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4693-1 - It was discovered that an SQL injection vulnerability exists in the Ampache search engine. Any user able to perform searches could dump any data contained in the database. An attacker could use this to disclose sensitive information. It was discovered that an XSS vulnerability in Ampache. An attacker could use this vulnerability to force an admin to create a new privileged user. Various other issues were also addressed.

tags | advisory, sql injection
systems | linux, ubuntu
advisories | CVE-2019-12385, CVE-2019-12386
MD5 | 19e32413eae87248300241c7423c86b4
UFW - A Beginners Guide To Linux Firewall
Posted Jan 15, 2021
Authored by Achint Basoya

Whitepaper called UFW - A Beginners Guide to Linux Firewall. The white paper is intended to provide information about a Linux firewall using a simple tool called UFW. It provides complete information on the tool and various ways through which users can create their own firewall rules to protects their assets.

tags | paper
systems | linux
MD5 | 3f0bb94817761f100839d5cdd6f95239
Netsia SEBA+ 0.16.1 Authentcation Bypass / Add Root User
Posted Jan 15, 2021
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an authentication bypass in Netsia SEBA+ versions 0.16.1 and below to add a root user.

tags | exploit, root, bypass
MD5 | 48e1d8f9d10632c1de0461c5d272f23d
WhatWeb Scanner 0.5.5
Posted Jan 15, 2021
Authored by Andrew Horton | Site morningstarsecurity.com

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.

Changes: 1 fix, 8 new plugins, and 3 plugin updates.
tags | tool, web, scanner, javascript
systems | unix
MD5 | bc2f2e427e390103121096cda4697849
Alumni Management System 1.0 Cross Site Scripting
Posted Jan 15, 2021
Authored by Siva Rajendran

Alumni Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of cross scripting vulnerability in this version is attributed to Valerio Alessandroni in December of 2020.

tags | exploit, xss
MD5 | 7e7f7e920f13cf33daa0a40bb09f0cc3
E-Learning System 1.0 SQL Injection / Shell Upload
Posted Jan 15, 2021
Authored by Saurav Shukla, Himanshu Shukla

E-Learning System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass and also suffers from remote code execution via file upload functionality.

tags | exploit, remote, code execution, sql injection, file upload
MD5 | bd3d65870be0207ac9da305059435137
Ubuntu Security Notice USN-4694-1
Posted Jan 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4694-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-28374
MD5 | 39bd5d296c952869b692a804fbc44d89
Linux/x86 Bindshell Shellcode
Posted Jan 15, 2021
Authored by ac3

65 bytes small Linux/x86 bindshell shellcode that binds /bin/sh to TCP/0.0.0.0:13377.

tags | x86, tcp, shellcode
systems | linux
MD5 | b50ae92a79eb994d20eae879ab538a64
Backdoor.Win32.Ncx.bt Remote Stack Buffer Overflow
Posted Jan 15, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Ncx.bt malware suffers from a remote stack buffer overflow vulnerability.

tags | exploit, remote, overflow
systems | windows
MD5 | f5bce01787682bf3fb97234b39073682
EyesOfNetwork 5.3 Remote Code Execution
Posted Jan 15, 2021
Authored by Ariane.Blow

EyesOfNetwork version 5.3 suffers from a remote code execution vulnerability that leverages file upload. Original discovery of remote code execution in this version is attributed to Clement Billac in February of 2020.

tags | exploit, remote, code execution, file upload
MD5 | 080019485e2ef8b6d7f66a5cd8adfc99
Red Hat Security Advisory 2021-0146-01
Posted Jan 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0146-01 - Red Hat OpenShift Serverless 1.12.0 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.6, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-13050, CVE-2019-13627, CVE-2019-14889, CVE-2019-15903, CVE-2019-16168, CVE-2019-19221, CVE-2019-19906, CVE-2019-19956, CVE-2019-20218, CVE-2019-20387, CVE-2019-20388, CVE-2019-20454, CVE-2019-5018, CVE-2020-10029, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-1730, CVE-2020-1751, CVE-2020-1752, CVE-2020-1971, CVE-2020-24553, CVE-2020-24659, CVE-2020-28362, CVE-2020-28366, CVE-2020-28367
MD5 | 9dba7e8106d51a5107b866a1127bc064
Online Hotel Reservation System 1.0 Cross Site Request Forgery
Posted Jan 15, 2021
Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | fb9e7a0cd6253ffe05b2cf9641cb64f7
Online Hotel Reservation System 1.0 SQL Injection
Posted Jan 15, 2021
Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version was discovered by Richard Jones in January of 2021.

tags | exploit, remote, vulnerability, sql injection
MD5 | 3aad311d35f1aea7bf29d2b04f9dd2a0
WordPress Easy Contact Form 1.1.7 Cross Site Scripting
Posted Jan 15, 2021
Authored by Rahul Ramakant Singh

WordPress Easy Contact Form plugin version 1.1.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 57ebb8109c315a9ed11b01cba6760fa7
Online Hotel Reservation System 1.0 Cross Site Scripting
Posted Jan 15, 2021
Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 046061fd5a4b78f1d7d6cec21938c733
PHP-Fusion 9.03.90 Cross Site Request Forgery
Posted Jan 15, 2021
Authored by Mohamed Oosman B S

PHP-Fusion version 9.03.90 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
MD5 | a76b7516f7ee7034ed0e11633425eb87
Page 1 of 1
Back1Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close