exploit the possibilities
Showing 1 - 12 of 12 RSS Feed

Files Date: 2021-07-29

Microsoft Exchange AD Schema Misconfiguration Privilege Escalation
Posted Jul 29, 2021
Authored by James Forshaw, Google Security Research

The msExchStorageGroup schema class added during Exchange installation can be used to create almost any AD object including users, groups or domain trusts leading to elevation of privilege.

tags | exploit
advisories | CVE-2021-34470
SHA-256 | 627232e16239714ec375a9cfcdcb5ae5ed42b0f516a9d4728d978cfb3abf4962
Ubuntu Security Notice USN-5025-2
Posted Jul 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5025-2 - USN-5025-1 fixed a vulnerability in libsndfile. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3246
SHA-256 | 71161ce693fd49985174cabbe4b4902ec1c5e2c717f481624564ca59b97f89c6
Oracle Fatwire 6.3 Cross Site Scripting / SQL Injection
Posted Jul 29, 2021
Authored by J. Francisco Bolivar

Oracle Fatwire version 6.3 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 38f80fca24b17f32a9e3da9f5471c31d26cc3bb1e197893519649f27a2ab75e3
Longjing Technology BEMS API 1.21 Remote Arbitrary File Download
Posted Jul 29, 2021
Authored by LiquidWorm | Site zeroscience.mk

Longjing Technology BEMS API version 1.21 suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.

tags | exploit, arbitrary
SHA-256 | ecde74e6d4e7cbe2d1a44b93eaae60686b9045e1ada24356e1f1263b9c767441
Ubuntu Security Notice USN-5025-1
Posted Jul 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5025-1 - It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3246
SHA-256 | 515f197037d9c5f17c04f6f6b1d9c4b1bdf5345da7af723254917f8af7f67453
Denver IP Camera SHO-110 Snapshot Disclosure
Posted Jul 29, 2021
Authored by Ivan Nikolsky

Denver IP Camera SHO-110 suffers from an unauthenticated disclosure of a snapshot.

tags | exploit, info disclosure
SHA-256 | 7b7a36e0ae757da258c9cf9c116c4320968424f0cd6c800ff639f92f245a5ca8
ObjectPlanet Opinio 7.12 Cross Site Scripting
Posted Jul 29, 2021
Authored by Ang Kar Min

ObjectPlanet Opinio version 7.12 suffers from reflective and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-26563
SHA-256 | f500e5fdb33867b5edf3170e3933efe781565d176bbb6a77f75941889807d9d6
Ubuntu Security Notice USN-4944-2
Posted Jul 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4944-2 - USN-4944-1 fixed vulnerabilities in MariaDB. It caused a regression. This update fixes the problem. Ubuntu 20.04 has been updated to MariaDB 10.3.30.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 57c06dee963cb110cc6fde97e455934e8e311a4ead7ce42d1b55a525be6acea3
CloverDX 5.9.0 Code Execution / Cross Site Request Forgery
Posted Jul 29, 2021
Authored by niebardzo

CloverDX version 5.9.0 cross site request forgery to remote code execution exploit.

tags | exploit, remote, code execution, csrf
advisories | CVE-2021-29995
SHA-256 | 596b2eea2e27565ab3f218e20a495aaef02193748d901ef08464493dd7fc27d9
Ubuntu Security Notice USN-5024-1
Posted Jul 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5024-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-21775, CVE-2021-30689, CVE-2021-30749, CVE-2021-30799
SHA-256 | 14d11292105cb8b94a56279b28094f2991375524c7454e09c1c4271e1819998f
Care2x Integrated Hospital Info System 2.7 SQL Injection
Posted Jul 29, 2021
Authored by securityforeveryone.com

Care2x Integrated Hospital Info System version 2.7 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 813565cbac4fa2b60990827c97c4b6014e8013852af0c5279d6bbe5c159039f1
IntelliChoice eFORCE Software Suite 2.5.9 Username Enumeration
Posted Jul 29, 2021
Authored by LiquidWorm | Site zeroscience.mk

IntelliChoice eFORCE Software Suite version 2.5.9 allows for username enumeration.

tags | exploit
SHA-256 | b4598723e07ce8a6c4f8a1ac2fbd7802bf319eccafe1b549bb7d97c72f235792
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close