exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 37 RSS Feed

Files Date: 2022-01-05

WordPress Catch Themes Demo Import Shell Upload
Posted Jan 5, 2022
Authored by h00die, Thinkland Security Team, Ron Jost | Site metasploit.com

WordPress Catch Themes Demo Import plugin versions prior to 1.8 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2021-39352
SHA-256 | 999305fb949e529f94cd8317c66ad4e660226106492dac5ff2bb180f31a8f911
Ubuntu Security Notice USN-5204-1
Posted Jan 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5204-1 - Chris Bailey discovered that Django incorrectly handled evaluating submitted passwords. A remote attacker could possibly use this issue to consume resources, resulting in a denial of service. Dennis Brinkrolf discovered that Django incorrectly handled the dictsort template filter. A remote attacker could possibly use this issue to obtain sensitive information. Dennis Brinkrolf discovered that Django incorrectly handled certain file names. A remote attacker could possibly use this issue to save files to arbitrary filesystem locations.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-45115, CVE-2021-45116, CVE-2021-45452
SHA-256 | 324c16f9e69826cd0f602072eb228ffdfd2b033ade7c94b0a2684f1d2219a12d
Dixell XWEB 500 Arbitrary File Write
Posted Jan 5, 2022
Authored by Roberto Palamaro

Dixell XWEB 500 suffers from an arbitrary file write vulnerability.

tags | exploit, arbitrary
SHA-256 | 8893724038713edfd0a473b757f5d2832dea41d77964d626f3b241d46aad30ea
Red Hat Security Advisory 2022-0015-01
Posted Jan 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0015-01 - Red Hat Single Sign-On 7.5 container images, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This is a security update Red Hat Single Sign-On 7.5, and includes one security fix.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-3712, CVE-2021-4133, CVE-2021-42574
SHA-256 | 0575dadfa587229dd808830d0bc7c86a64e5a167c637b0efbf58646786a84e63
Gerapy 0.9.7 Remote Code Execution
Posted Jan 5, 2022
Authored by Jeremiasz Pluta

Gerapy version 0.9.7 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2021-43857
SHA-256 | de39ced9083d9db765445d13a775b095cbaa05f19481263845c931fbe076d90e
Affiliate Pro 1.7 Cross Site Scripting
Posted Jan 5, 2022
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Affiliate Pro version 1.7 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | a7385cbd8ac891597837ba4d59fdc3e0787bd9941894a52c4c0244342d644e78
Hostel Management System 2.1 Cross Site Scripting
Posted Jan 5, 2022
Authored by Chinmay Vishwas Divekar

Hostel Management System version 2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 832158cb4d1ec5b505b212df18fdd464379c95a454031e01dc274b314d426ea9
TermTalk Server 3.24.0.2 Arbitrary File Read
Posted Jan 5, 2022
Authored by Fabiano Golluscio

TermTalk Server version 3.24.0.2 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
SHA-256 | 0ef579da7fba4caf33a17d5c809dc705991c0647b12c32d81a9fc1a54d5d49ba
Rocket LMS 1.1 Cross Site Scripting
Posted Jan 5, 2022
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Rocket LMS version 1.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 739ba55afb1b94fc1dd9001e616a349dfa3374f42ff68ec041f9844f8873dc56
openSIS Student Information System 8.0 SQL Injection
Posted Jan 5, 2022
Authored by securityforeveryone.com

openSIS Student Information System version 8.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 05228d9c28b0ab4c4e5afaae596304d9ca7b3355304111d3aca5878961d60d7f
Online Admission System 1.0 Remote Code Execution
Posted Jan 5, 2022
Authored by Jeremiasz Pluta

Online Admission System version 1.0 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | f9eae7730f2082038c9c6ef73b31857d2530f0ad86f0edd9e3f31a65e8ad3d55
Hospitals Patient Records Management System 1.0 Account TakeOver
Posted Jan 5, 2022
Authored by twseptian

Hospitals Patient Records Management System version 1.0 suffers from an account takeover vulnerability.

tags | exploit
SHA-256 | e7502eafcbe432a44a80213cdbff1a8cc7f3223a98bc447cfa06a1b88ae8cfe2
WordPress AAWP 3.16 Cross Site Scripting
Posted Jan 5, 2022
Authored by Andrea Bocchetti

WordPress AAWP plugin version 3.16 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bbe3c3c6098ea3dafe885a1b7c7a164517c0c52c3b30c448960d1f5305f863d2
uDoctorAppointment 2.1.1 Cross Site Scripting
Posted Jan 5, 2022
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

uDoctorAppointment version 2.1.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 10648f3ef26d72f50dbf7b1b2cbd073cc26df955d71071edf73a28b2d9834ae5
Automox Agent 32 Local Privilege Escalation
Posted Jan 5, 2022
Authored by Greg Foss

Automox Agent version 32 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2021-43326
SHA-256 | 9230e9c9b89d0fb034c346e20cdd739f9806e11b58286a6409c48f75243b1749
Vodafone H-500-s 3.5.10 WiFi Password Disclosure
Posted Jan 5, 2022
Authored by Daniel Monzon

Vodafone H-500-s version 3.5.10 suffers from a wifi password disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 141bb2c0b6895ca188f6be64c7802d296621286ca56799588453acf04705218e
Hospitals Patient Records Management System 1.0 SQL Injection
Posted Jan 5, 2022
Authored by twseptian

Hospitals Patient Records Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e92946ead637f9f72a098b7f5a793ca56c8cf95d8e3c4bf2327700ab29a251b7
Easy Cart Shopping Cart 2021 Cross Site Scripting
Posted Jan 5, 2022
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Easy Cart Shopping Cart version 2021 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 88a378d8c274c8e35bc8508f8974e9c3641ec919c65d14f1430ee13662e27e08
AWebServer GhostBuilding 18 Denial Of Service
Posted Jan 5, 2022
Authored by Andres Ramos

AWebServer GhostBuilding version 18 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | d371f076ae115676c2291469b6fc2df33aaf707396311b807da94daade7f8863
Virtual Airline Manager 2.6.2 SQL Injection
Posted Jan 5, 2022
Authored by Milad Karimi

Virtual Airline Manager version 2.6.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3f72c8aaee9b1896ad3e03ab1921989d4c99e218c46f4742e2d324e100cbf39c
cWifi Hotspot Wireless CP Code Execution
Posted Jan 5, 2022
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

cWifi Hotspot Wireless CP suffers from a code execution vulnerability.

tags | exploit, code execution
SHA-256 | 13930403d64c5ddf8e24ee1cd9d5585eacd851fcd47aa3984dbc4909d5c2f854
RiteCMS 3.1.0 Arbitrary File Overwrite
Posted Jan 5, 2022
Authored by faisalfs10x

RiteCMS versions 3.1.0 and below suffer from an arbitrary file overwrite vulnerability.

tags | exploit, arbitrary
SHA-256 | e9fa75c629af64ae183c5725e751e06ae70b1b99a2ae57f02be8cb0d8c246b33
RiteCMS 3.1.0 Arbitrary File Deletion
Posted Jan 5, 2022
Authored by faisalfs10x

RiteCMS versions 3.1.0 and below suffer from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | 1df19daa585e534af2fdd30939aae2a3e509e07d0fc2be95e5611c25f6237ab1
VMware Security Advisory 2022-0001
Posted Jan 5, 2022
Authored by VMware | Site vmware.com

VMware Security Advisory 2022-0001 - VMware Workstation, Fusion and ESXi updates address a heap overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2021-22045
SHA-256 | 7f47b277901c3528ef9176f5a918b266fad75f7bb006276b619415d109b0eb0e
Safari Montage 8.5 Cross Site Scripting
Posted Jan 5, 2022
Authored by Momen Eldawakhly

Safari Montage version 8.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-45425
SHA-256 | b7e3cde2fa93fc05717571899f1f5d1add9c59478beed0a26fc81e4c5c2fd2ac
Page 1 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    16 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close