exploit the possibilities
Showing 1 - 25 of 34 RSS Feed

Files Date: 2021-07-05

Gentoo Linux Security Advisory 202107-04
Posted Jul 5, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-4 - Multiple vulnerabilities have been found in Graphviz, the worst of which could result in the arbitrary execution of code. Versions less than 2.47.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-9904, CVE-2020-18032
MD5 | e716e30a578ff9b2295865c87b81c030
Ricon Industrial Cellular Router S9922XL Remote Command Execution
Posted Jul 5, 2021
Authored by LiquidWorm | Site zeroscience.mk

Ricon Industrial Cellular Router S9922XL suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the admin (root) user via the ping_server_ip POST parameter. It is also vulnerable to Heartbleed.

tags | exploit, arbitrary, shell, root
MD5 | 23fc8665a81e1f9a6166b3c13847b608
Stegano 0.9.9
Posted Jul 5, 2021
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: stegano now uses Pillow 8.3.0.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 2a196837037c00a130fee783fa5fdca8
Virus.Win32.Shodi.e Heap Corruption
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Virus.Win32.Shodi.e malware suffers from a heap corruption vulnerability.

tags | exploit, virus
systems | windows
MD5 | 60949c07340ca0fca71791f4fa045f98
Ubuntu Security Notice USN-5005-1
Posted Jul 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5005-1 - It was discovered that DjVuLibre incorrectly handled certain djvu files. An attacker could possibly use this issue to execute arbitrary code or cause a crash.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3630
MD5 | 9c2e7b3a03dfa02cbe802f4972797788
SQLMAP - Automatic SQL Injection Tool 1.5.7
Posted Jul 5, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 5948e945a26a4bbfac27ff1b3c111d05
Simple Client Management System 1.0 SQL Injection / Shell Upload
Posted Jul 5, 2021
Authored by Ishan Saha

Simple Client Management System version 1.0 shell upload exploit that leverages SQL injection.

tags | exploit, shell, sql injection
MD5 | 5bd758665b3d42345b29f38a20d36289
Virus.Win32.Shodi.e Remote Command Execution
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Virus.Win32.Shodi.e malware suffers from a remote command execution vulnerability.

tags | exploit, remote, virus
systems | windows
MD5 | 142d7d462e592b1112928c97506a21ca
Faraday 3.16.1
Posted Jul 5, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Modified faraday-manage settings. Added a fix to update the minimum version of click dependency.
tags | tool, rootkit
systems | unix
MD5 | 53f71eae8310b3ec430c3a19e72c9ebf
WordPress Backup Guard 1.5.8 Shell Upload
Posted Jul 5, 2021
Authored by Ron Jost

WordPress Backup Guard plugin version 1.5.8 remote shell upload exploit.

tags | exploit, remote, shell
advisories | CVE-2021-24155
MD5 | 75b99c3a3102d89bce9985d105ebe3a3
Gentoo Linux Security Advisory 202107-03
Posted Jul 5, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-3 - An insecure temporary file usage has been reported in libqb possibly allowing local code execution. Versions less than 1.0.5 are affected.

tags | advisory, local, code execution
systems | linux, gentoo
advisories | CVE-2019-12779
MD5 | 9ab5f229d9667a143fb8f62508182c9b
Virus.Win32.Shodi.e Insecure Transit
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Virus.Win32.Shodi.e malware suffers from an insecure transit vulnerability.

tags | exploit, virus
systems | windows
MD5 | cd8985d1d0947d66eb2f757ffa718477
WordPress WP Learn Manager 1.1.2 Cross Site Scripting
Posted Jul 5, 2021
Authored by Mohammed Adam

WordPress WP Learn Manager plugin version 1.1.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 678387432f4bf568f9696cf4e500c46c
GNU Privacy Guard 2.2.29
Posted Jul 5, 2021
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

Changes: Fixed regression in 2.2.28 for Yubikey NEO. Changed the default keyserver to keyserver.ubuntu.com. Made configure option --disable-ldap work again. Various other updates.
tags | tool, encryption
MD5 | 5db3334b528cf756b1e583db01319a24
Backdoor.Win32.WinShell.40 Authentication Bypass / Command Execution
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.WinShell.40 malware suffers from authentication bypass and command execution vulnerabilities.

tags | exploit, vulnerability
systems | windows
MD5 | c1b70da76de830e206950c706fbbe700
Gentoo Linux Security Advisory 202107-02
Posted Jul 5, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-2 - Multiple vulnerabilities have been found in FreeImage, the worst of which could result in a Denial of Service condition. Versions less than 3.18.0-r2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-12211, CVE-2019-12213
MD5 | def97520fb4a80000165f7d5aa9ab4fa
OpenEMR 5.0.1.7 Path Traversal
Posted Jul 5, 2021
Authored by Alexandre Zanni

OpenEMR version 5.0.17 path traversal exploit.

tags | exploit, file inclusion
advisories | CVE-2019-14530
MD5 | a7622ae19ddf3cafa635248b9528fd2c
Backdoor.Win32.Zombam.l Code Execution
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Zombam.l malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
MD5 | d8165a57870272aa9039bd9a43a2f5eb
Backdoor.Win32.Zombam.l Buffer Overflow
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Zombam.l malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
MD5 | 7901fc008195aff8bcb3e8fc20459800
Trojan.Win32.Inject.adwas Insecure Permissions
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Inject.adwas malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
MD5 | 8c22bd1c3167df0f808dfe8963d6a25b
Online Voting System 1.0 SQL Injection / Remote Code Execution
Posted Jul 5, 2021
Authored by Geiseric

Online Voting System version 1.0 remote SQL injection to code execution exploit. This is a variant exploit based off of the original discovery by deathflash1411 in July of 2021.

tags | exploit, remote, code execution, sql injection
MD5 | 4cc038089808ddff958a056a54dae202
HEUR.Trojan.Win32.Generic Insecure Permissions
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

HEUR.Trojan.Win32.Generic malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
MD5 | d0176f15ab1e6a31bd68b2854fc48850
Trojan-Dropper.Win32.Agent.wxl Insecure Permissions
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Trojan-Dropper.Win32.Agent.wxl malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
MD5 | 09ad4bc3be0c8f1d01e69223ad13dbaf
Gentoo Linux Security Advisory 202107-01
Posted Jul 5, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-1 - A vulnerability in corosync could lead to a Denial of Service condition. Versions less than 3.0.4 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2018-1084
MD5 | 31e413146dc9382bf8bf12716be232ce
Trojan.Win32.VB.bcng Insecure Permissions
Posted Jul 5, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.VB.bcng malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
MD5 | 65b13ae2f3be53a0c6c06ea888ba9b84
Page 1 of 2
Back12Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close