what you don't know can hurt you
Showing 1 - 21 of 21 RSS Feed

Files Date: 2021-05-17

Microsoft Windows TokenMagic Privilege Escalation
Posted May 17, 2021
Authored by James Forshaw, bwatters-r7, jheysel-r7, Ruben Boonen | Site metasploit.com

This Metasploit module leverages a UAC bypass (TokenMagic) in order to spawn a process/conduct a DLL hijacking attack to gain SYSTEM-level privileges. Windows 7 through Windows 10 1803 are affected.

tags | exploit
systems | windows
MD5 | e005d737a38c7d7f659e8866135faf12
Dell DBUtil_2_3.sys IOCTL Memory Read / Write
Posted May 17, 2021
Authored by Spencer McIntyre, SentinelLabs, Kasif Dekel | Site metasploit.com

The DBUtil_2_3.sys driver distributed by Dell exposes an unprotected IOCTL interface that can be abused by an attacker to read and write kernel-mode memory.

tags | exploit, kernel
advisories | CVE-2021-21551
MD5 | b66f29a91205e97f309e8b348c4bacc8
Wapiti Web Application Vulnerability Scanner 3.0.5
Posted May 17, 2021
Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Boolean based blind SQL injection support added. Added CSV as output format for Report. Multiple changes to cookie support. Fixed a session issue. New modules relating to WordPress and Drupal.
tags | tool, web, scanner, vulnerability
systems | unix
MD5 | 341a0e57851398e1c8f0c7ee4e261e79
Ubuntu Security Notice USN-4956-1
Posted May 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4956-1 - It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-21419
MD5 | e0a651127f3a9f26c34bf57dbc29395f
IPFire 2.25 Remote Code Execution
Posted May 17, 2021
Authored by Mucahit Saratar

IPFire version 2.25 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 2bd5829053fc33e82d1cf9e4554e648b
Backdoor.Win32.Antilam.14.d Code Execution
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.14.d malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
MD5 | 9bb3cca37cc0c648dd0565da21b354be
Advanced Guestbook 2.4.4 Cross Site Scripting
Posted May 17, 2021
Authored by Abdulkadir AYDOGAN

Advanced Guestbook version 2.4.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0696f159a58abb388857ea72cf16ee52
Ubuntu Security Notice USN-4955-1
Posted May 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4955-1 - Matthias Gerstner discovered that Please contained multiple security issues. A local attacker could use these issues to cause Please to crash, resulting in a denial of service, or possibly escalate privileges.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2021-31153
MD5 | a9d2ed667c9b0801950b27caeacbb1f1
Backdoor.Win32.Agent.oda Buffer Overflow
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.oda malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
MD5 | 184809c2d0c811568fe0b985e6e0aaa6
Backdoor.Win32.Danton.43 Man-In-The-Middle
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Danton.43 malware suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
MD5 | 3d3687d662fb428753d975459599e2a0
Dental Clinic Appointment Reservation System 1.0 Cross Site Request Forgery
Posted May 17, 2021
Authored by Reza Afsahi

Dental Clinic Appointment Reservation System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | a9be4a3399020010a3c7e6674f80c0f8
Dental Clinic Appointment Reservation System 1.0 Cross Site Scripting
Posted May 17, 2021
Authored by Reza Afsahi

Dental Clinic Appointment Reservation System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4718faa47a91ac58a29b19df2b08912a
Backdoor.Win32.Danton.43 Code Execution / Hardcoded Credentials
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Danton.43 malware suffers from code execution and hardcoded credential vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
MD5 | abbafd291b637ebf0bd4144da7a46bc2
Backdoor.Win32.Agent.lyw Buffer Overflow
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.lyw malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
MD5 | 0ff872f115da06ed5d7a750fa8f48d71
Subrion CMS 4.2.1 Shell Upload
Posted May 17, 2021
Authored by Fellipe Oliveira

Subrion CMS version 4.2.1 file upload bypass exploit that uploads a shell.

tags | exploit, shell, file upload
advisories | CVE-2018-19422
MD5 | e874feae0d57f116b1f5a86b2f618f2b
Printable Staff ID Card Creator System 1.0 Shell Upload / SQL Injection
Posted May 17, 2021
Authored by bwnz

Printable Staff ID Card Creator System version 1.0 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
MD5 | 4490bd349a0b50e4d7488c7b344af3e9
Billing Management System 2.0 SQL Injection
Posted May 17, 2021
Authored by Mohammad Koochaki

Billing Management System version 2.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Pintu Solanki in February of 2021.

tags | exploit, remote, vulnerability, sql injection
MD5 | 6a43b4ac7bf852e7431dafc25e456f64
Ubuntu Security Notice USN-4628-3
Posted May 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4628-3 - USN-4628-1 provided updated Intel Processor Microcode for various processor types. This update provides the corresponding updates for some additional processor types. Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-8695, CVE-2020-8696, CVE-2020-8698
MD5 | 646ca67004a2f12bf56f60f372487dbd
Backdoor.Win32.Agent.cy Denial Of Service / Null Pointer
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.cy malware suffers from denial of service and null pointer vulnerabilities.

tags | exploit, denial of service, vulnerability
systems | windows
MD5 | 75ec6286460ae2a05c64f3e061d89937
Backdoor.Win32.Agent.cy Insecure Transit
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.cy malware suffers from insecure transit issues.

tags | exploit
systems | windows
MD5 | 75dd4950a346fb725e060631bc8800d7
Microsoft Internet Explorer 8 SetMouseCapture Use-After-Free
Posted May 17, 2021
Authored by SlidingWindow

Microsoft Internet Explorer version 8 SetMouseCapture use-after-free exploit.

tags | exploit
advisories | CVE-2013-3893
MD5 | 53b749724963b2776ccfa3a0342a61a3
Page 1 of 1
Back1Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    23 Files
  • 27
    Jan 27th
    24 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close