exploit the possibilities
Showing 1 - 11 of 11 RSS Feed

Files Date: 2021-10-06

High Infinity Technology HiKam S6 1.3.26 Spoofing / Broken Authentication
Posted Oct 6, 2021
Authored by Gerhard Hechenberger, S. Robertz | Site sec-consult.com

High Infinity Technology HiKam S6 versions 1.3.26 and below suffer from broken authentication, enumeration, message protocol downgrade, insufficient use of cryptography, insufficient message protocol checks, device spoofing, outdated components, and weak default credential vulnerabilities. suffers from bypass, man-in-the-middle, and spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, protocol
MD5 | 0206837b913f1ffb76a1cce5f18b290e
Red Hat Security Advisory 2021-3741-01
Posted Oct 6, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3741-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.1 serves as a replacement for Red Hat JBoss Web Server 5.5.0, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, web, denial of service
systems | linux, redhat
advisories | CVE-2021-41079
MD5 | 26bd9e847e01fe88c8d6c9a7c3882eb3
Dahua Authentication Bypass
Posted Oct 6, 2021
Authored by bashis

Various Dahua products suffers from multiple authentication bypass vulnerabilities.

tags | exploit, vulnerability, bypass
advisories | CVE-2021-33044, CVE-2021-33045
MD5 | 5b26ded3f8be55ed52813582f0b6607e
Online-Food-Ordering-Web-App SQL Injection
Posted Oct 6, 2021
Authored by Jason Colyvas | Site github.com

Online-Food-Ordering-Web-App suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, web, sql injection
advisories | CVE-2021-41647
MD5 | 2e3935af30a88b048926ba5e206dad5a
Ubuntu Security Notice USN-5104-1
Posted Oct 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5104-1 - Lyu discovered that Squid incorrectly handled WCCP protocol data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly obtain sensitive information.

tags | advisory, remote, denial of service, protocol
systems | linux, ubuntu
advisories | CVE-2021-28116
MD5 | ebced696b47a0af1f3398b3e07cea764
WordPress BulletProof Security 5.1 Information Disclosure
Posted Oct 6, 2021
Authored by Ron Jost

WordPress BulletProof Security plugin version 5.1 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2021-39327
MD5 | 8921fb148d8d2f34f31511cf73eba22e
Microsoft Office OneNote 2007 Remote Code Execution
Posted Oct 6, 2021
Authored by Eduardo Braun Prado

Microsoft Office OneNote 2007 proof of concept exploit for a OnePKG file parsing remote code execution vulnerability. Upon decompressing files from .ONEPKG archives (using MS CAB format), a failure to sanitize file paths and file contents allows for arbitrary file planting in arbitrary locations on the OS, including the startup folder.

tags | exploit, remote, arbitrary, code execution, proof of concept
advisories | CVE-2014-2815
MD5 | 66b82cd487db6f570ee8d45f756cf2ca
Apache HTTP Server 2.4.49 Path Traversal / Remote Code Execution
Posted Oct 6, 2021
Authored by Lucas Souza

Apache HTTP Server version 2.4.49 suffers from a path traversal vulnerability.

tags | exploit, web, file inclusion
advisories | CVE-2021-41773
MD5 | 1f8f44361142a2acbf7b9f53b654f29a
Talariax sendQuick Alertplus 4.3 SQL Injection
Posted Oct 6, 2021
Authored by Jerry Toh, Edmund Ong

Talariax sendQuick Alertplus server admin version 4.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f8a6239dc00f0239591cfaa64edc9f96
G Data EndpointProtection Enterprise 17.08.2021 Privilege Escalation
Posted Oct 6, 2021
Authored by Florian Bogner

G Data EndpointProtection Enterprise version 17.08.2021 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | b7c6e369ca821f7e8d7aaa6fbda494ee
Odine Solutions GateKeeper 1.0 SQL Injection
Posted Oct 6, 2021
Authored by Emel Basayar

Odine Solutions GateKeeper version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e6c999b2b236d580398e8cb7ace126e7
Page 1 of 1
Back1Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close