exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2023-07-04

Ubuntu Security Notice USN-6200-1
Posted Jul 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6200-1 - It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS.

tags | advisory, denial of service, arbitrary, shell, code execution
systems | linux, ubuntu
advisories | CVE-2020-29599, CVE-2021-20224, CVE-2021-20244, CVE-2021-20246, CVE-2021-20312, CVE-2021-20313, CVE-2021-39212, CVE-2022-32545, CVE-2023-1289, CVE-2023-1906, CVE-2023-3195, CVE-2023-34151, CVE-2023-3428
SHA-256 | 4624c32fa88c1256496ddb16ef8578660e852b2894774605d467f2dca0b95882
Debian Security Advisory 5446-1
Posted Jul 4, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5446-1 - It was discovered that Ghostscript, the GPL PostScript/PDF interpreter, does not properly handle permission validation for pipe devices, which could result in the execution of arbitrary commands if malformed document files are processed.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2023-36664
SHA-256 | 9d5b0000e02f7ecf102958a7f33f69739326f3cb8de448506ada14b9cc59ba95
Ubuntu Security Notice USN-6199-1
Posted Jul 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6199-1 - It was discovered that PHP incorrectly handled certain Digest authentication for SOAP. An attacker could possibly use this issue to expose sensitive information.

tags | advisory, php
systems | linux, ubuntu
advisories | CVE-2023-3247
SHA-256 | f900e85ecda5d4b00c19b39d7bf754425099337a6a82556ace53811d967446d9
Ubuntu Security Notice USN-6198-1
Posted Jul 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6198-1 - It was discovered that GNU Screen was not properly checking user identifiers before sending certain signals to target processes. If GNU Screen was installed as setuid or setgid, a local attacker could possibly use this issue to cause a denial of service on a target application.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2023-24626
SHA-256 | 94557e4c5e166f2100589b7d82c59e27794bdef4dab4affe45bb7a269566ae21
Citrix Gateway And Cloud MFA Insufficient Session Validation
Posted Jul 4, 2023
Authored by Vulnerability Laboratory, Benjamin Mejri, Lars Guenther | Site vulnerability-lab.com

Citrix Gateway and Cloud MFA suffers from an insufficient session validation vulnerability.

tags | exploit
SHA-256 | 6aa0e0152240884fa1d676a43396adfc4092dd7078df0dc77fd19b8dbddd2eb9
Qualcomm Adreno/KGSL Insecure Execution
Posted Jul 4, 2023
Authored by Jann Horn, Google Security Research

Qualcomm Adreno/KGSL suffers from an issue where code in user-writable mapping is executed in non-protected mode.

tags | exploit
advisories | CVE-2023-21670
SHA-256 | 795d9bc48251143119585b455550c6ef9db1db6cead5a6bfba90baa195ff4c43
Ubuntu Security Notice USN-6197-1
Posted Jul 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6197-1 - It was discovered that OpenLDAP was not properly performing bounds checks when executing functions related to LDAP URLs. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-2953
SHA-256 | 6b877260af7434fe6c5bef2dea1811e054961d48c8fc6824f971b54be856ecdb
WordPress WP AutoComplete Search 1.0.4 SQL Injection
Posted Jul 4, 2023
Authored by Matin Nouriyan

WordPress WP AutoComplete Search plugin versions 1.0.4 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2022-4297
SHA-256 | b3184bcc98720f70933dff85f8bc1fb069a559a62b25c7a7bb2f9cef90f04463
D-Link DAP-1325 Insecure Direct Object Reference
Posted Jul 4, 2023
Authored by ieduardogoncalves

D-Link DAP-1325 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | 4548841ea03f3266179288f0cf24c3beb3d9e505ee2916e0c7ae0044d092874b
POS Codekop 2.0 Shell Upload
Posted Jul 4, 2023
Authored by yuyudhn

POS Codekop version 2.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2023-36348
SHA-256 | 5aa6755a5b65a13638c64fca7152e27a5e9265f28f9a56f9146dc230387f94af
AppleZeed CMS 2.0 SQL Injection
Posted Jul 4, 2023
Authored by indoushka

AppleZeed CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | b10dc7fe6d4f1a88b74eac3ee061dec5b828171e6513804abc4b45080828e37b
Arlisistem 3.0 SQL Injection
Posted Jul 4, 2023
Authored by indoushka

Arlisistem version 3.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 3c01ce8957dbd81d3f42a76189309ee0a712c754c4c79ad005afe222d26c83e3
ArticleSetup Script CMS 1.02 Cross Site Request Forgery
Posted Jul 4, 2023
Authored by indoushka

ArticleSetup Script CMS version 1.02 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 81a94c8ac47ab696c3c9dc187d2cd857d00d66d82cbc371eed6630cff1133fbf
ApnaTrademark CMS 2.5 SQL Injection
Posted Jul 4, 2023
Authored by indoushka

ApnaTrademark CMS version 2.5 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | c5d3eb4f5e4586c02a310cf8e835b4076c15661503b5edf536dc4c5f66ec2fcc
ApPHP MicroCMS 1.0.1 Host Header Injection
Posted Jul 4, 2023
Authored by indoushka

ApPHP MicroCMS version 1.0.1 re-embeds arbitrary content from the client into web pages.

tags | exploit, web, arbitrary
SHA-256 | 90a491317ac9d98ff53982fb318f3833c99e02bd4a350ef460b3ef8fc41801be
Allhandsmarketing LMS 2.0 Insecure Settings
Posted Jul 4, 2023
Authored by indoushka

Allhandsmarketing LMS version 2.0 appears to leave default credentials installed after installation.

tags | exploit
SHA-256 | 0a7fac5bafe3427ff8eb1fc34e70edd00e6c7158cc594c2c05032b3247e8c68d
Allhandsmarketing CMS 3.01 SQL Injection
Posted Jul 4, 2023
Authored by indoushka

Allhandsmarketing CMS version 3.01 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a8808a32c37d453f04b04130b28e0217fc95dbea5b67e2ca11fd868d4e0d40fe
Car Rental Script 1.8 Cross Site Scripting
Posted Jul 4, 2023
Authored by CraCkEr

Car Rental Script version 1.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8f7b22898dc1f052e732a313265bdb7049c691e2c912f5c1a05a8742c3eb7082
Ubuntu Security Notice USN-6196-1
Posted Jul 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6196-1 - It was discovered that ReportLab incorrectly handled certain PDF files. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-33733
SHA-256 | e026b45fd846a7589b5526ab0bbeefa3a7df519227c30e6d5c5fba41e6ae5cf4
Ubuntu Security Notice USN-6195-1
Posted Jul 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6195-1 - It was discovered that Vim contained an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim did not properly manage memory when freeing allocated memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim contained a heap-based buffer overflow vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-0128, CVE-2022-0156, CVE-2022-0158, CVE-2022-0393, CVE-2022-0407, CVE-2022-0696
SHA-256 | 29f833f24c2a89c590d47753e52856b7a359502c3934e218ac002ee4ec4f7ddd
Allhandsmarketing LMS 2.0 Cross Site Request Forgery
Posted Jul 4, 2023
Authored by indoushka

Allhandsmarketing LMS version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 15c4bd37f519f3ffdb2de431ebb56e2c3e805be9de967a734c44922073c1d9f6
Adveris CMS 3.0 Cross Site Scripting
Posted Jul 4, 2023
Authored by indoushka

Adveris CMS version 3.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f4e69d15add89915deaf239446b331cc9106cc57ee69bf29f992d6be03d4d471
Advanced HRM 1.6 Insecure Direct Object Reference
Posted Jul 4, 2023
Authored by indoushka

Advanced HRM version 1.6 allows for the reseting of the administrative password.

tags | exploit
SHA-256 | a4c93b1a74bac9fbda8b0966c5103bd24cf474cf052b29b5dbecf1008f00967f
ADMINA BULGARIA Ltd 1.0 Insecure Settings
Posted Jul 4, 2023
Authored by indoushka

ADMINA BULGARIA Ltd version 1.0 appears to leave default credentials installed after installation.

tags | exploit
SHA-256 | a4458b10fa49097064d3c4a75d4d346fde8108f8f2e6c3de78d532840632ea7e
Active Super Shop 1.5.1 HTML Injection
Posted Jul 4, 2023
Authored by indoushka

Active Super Shop version 1.5.1 suffers from an html injection vulnerability.

tags | exploit
SHA-256 | 941a4dae5e50b0763b89ebe38bff7616dc8d063ab582b38e4439551746993fbd
Page 1 of 2
Back12Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close