The Exploit Next Generation® SQL Fingerprint tool uses a combination of crafted packets for SQL Server Resolution Protocol (SSRP) and Tabular Data Stream Protocol (TDS) (protocols natively used by Microsoft SQL Server) to accurately perform version fingerprinting and determine the exact Microsoft SQL Server version.
a9da9389d828f4a7b3af5d779e87fb3ae513be7cc7645331252f6b8c668f4c79CubeCart versions 4.x and 5.x suffer from a setup reinstallation privilege escalation vulnerability.
b6e0a82f2fcfb8bd1e56130184c395a0742734e83737dcdf40c621785ed944caCubeCart versions 4.4.6 and below suffer from a local file inclusion vulnerability.
cd09ebac1ebc0cdb12f3fcb26cfca9b777d59682b2ce8d5df2bc51319446fa7cCubeCart versions 4.4.6 and below suffer from a remote SQL injection vulnerability.
fb5ba9da5f00ec1224adc14fd7e0304f4b96af9244451539363f329a3b84a376This is an exploit for W3 Total Cache called W3 Total Fail that works by attempting to guess SQL queries that might contain important password hashes.
2e978aeab0aad073084fa3c762212c6feb62f882be9a85f79fe5a5effb151596Netransfers version 2.1 suffers from cross site scripting, local file inclusion, and directory traversal vulnerabilities.
4a183785cbb8438b9e8db953fad2c66c40daf05a1747e1cd0cd5ce9b73bfadfbThis exploits abuses an argument injection in the PHP-CGI wrapper to execute code as the PHP user/webserver user.
3eec4f2609dbad6e788f030ac2d9d162c3f1d0f995cfc76d077850a4c0c1bcdcMandriva Linux Security Advisory 2012-182 - Multiple vulnerabilities has been discovered and corrected in ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting attacks.
369ce6a7e151a229d7375ff65beba434e2f508b28ac4f84b53550bbada3693bfCubeCart versions 4.4.6 and below suffer from multiple cross site scripting vulnerabilities.
f613b5f3755c80ea590bd86c890a7bd417c277d38c83a86e047147dac23898aeCubeCart versions 4.4.6 and below suffer from a cross site request forgery vulnerability.
9786b4b6388152d345c9bc99106204e26c2db4b2c8ca67174d1c41d337766b31Call For Papers for Troopers 2013 - The conference will be held in Heidelberg, Germany from March 13th through the 14th, 2013.
f3c905b1d20236b92d571e6971dba7b6356ca0e6de9c96a7e05f35f52fe6b056A vulnerability exists in EMC Data Protection Advisor that can be potentially exploited to gain unauthorized access to files and directories. The DPA Web UI contains directory traversal vulnerability that could allow a remote unauthenticated malicious user to copy and read files from the affected system. The vulnerability does not allow an attacker to modify existing or upload new files to the affected system. If recommended practice is followed and the DPA server processes run as an unprivileged user, these files will be limited to the DPA installation directory. The DPA installation directory may contain files with sensitive system information.
28deb0615da041d54123c8dd033b6abe48f3fe792e845006fbe90f62c15a6b9dHP Security Bulletin HPSBUX02835 SSRT100763 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely as a domain name revalidation. Revision 1 of this advisory.
ed50169d6eb47a27f49fc9ad4e562c77c9ce2f6665fdf4c6015f659ddda32be2MyBB AwayList plugin suffers from a remote SQL injection vulnerability.
390090953d05358a08a89247468e6744125a4582dc4426263307b48b6e30859bCubeCart versions 5.0.7 and below suffer from an open URL redirection vulnerability.
8088fcda724250b29531d595f138b2830fad68d83d0ecedc036310b40a01a8bdCubeCart versions 4.4.6 and below suffer from an open URL redirection vulnerability.
2155a336ea5b466547cbd01cc22b43133122aa3dc4f50f21da60e598c5aa3acbMultiple WordPress themes by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
b64d5ae444d8cc1bf39555f4b065ea716c63e9ea02efe5949842af75d06a8ff8This Metasploit module an arbitrary file upload and code execution vulnerability in Uploadify.
a6f12738518c4ce18f38b79ba62f721ae6a586c334e491f20b73787b6ac9b356Feindura CMS version 2.0.4 suffers from a remote PHP shell upload vulnerability.
ecdc36ddddd1f08e0556a367db6dfb88df06cfe8bcf67905c47bfa7040e0a29bCity Directory Review and Rating Script suffers from a remote SQL injection vulnerability.
e903209e8cf91c1e8901d8dd58f98e226a25cc15bdb2b9838747f89b94e938aaSiemens SIMATIC S7-1200 PLCs, version 2 and higher, allow device management over TCP port 102 (ISO-TSAP) and retrieving status information over UDP port 161 (SNMP). It is possible to cause the device to go into defect mode by sending specially crafted packets to these ports.
679ddc6a6dfabb319c2d94eaa550f322d746da693bd83835da6ccdc4172e3a1fThis Metasploit module can be used to crawl MS SQL Server database links and deploy Metasploit payloads through links configured with sysadmin privileges using a valid SQL Server Login. If you are attempting to obtain multiple reverse shells using this module we recommend setting the "DisablePayloadHandler" advanced option to "true", and setting up a multi/handler to run in the background as a job to support multiple incoming shells. If you are interested in deploying payloads to specific servers this module also supports that functionality via the "DEPLOYLIST" option. Currently, the module is capable of delivering payloads to both 32bit and 64bit Windows systems via powershell memory injection methods based on Matthew Graeber's work. As a result, the target server must have powershell installed. By default, all of the crawl information is saved to a CSV formatted log file and MSF loot so that the tool can also be used for auditing without deploying payloads.
aec25e86c630aebbe81223e53debe36871fbbe2494ff15b49410d725b1a9770cThis Metasploit modules exploits a command injection vulnerability in the URL handler for for the IBM Lotus Notes Client <= 8.5.3. The registered handler can be abused with an specially crafted notes:// URL to execute arbitrary commands with also arbitrary arguments. This Metasploit module has been tested successfully on Windows XP SP3 with IE8, Google Chrome 23.0.1271.97 m and IBM Lotus Notes Client 8.5.2.
7a3b0f8cdedb3c1112e263b6a63066bb8c62253df93e1569505b5ae265a933a9This Metasploit module exploits a vulnerability found in Netwin SurgeFTP, version 23c8 or prior. In order to execute commands via the FTP service, please note that you must have a valid credential to the web-based administrative console.
d2cfc6fc7d86461f770fda0e4daee3857ea9a4952d95f4921e2a9e92c4b23c57This Metasploit module exploits a vulnerability found in WP-Property <= 1.35.0 WordPress plugin. By abusing the uploadify.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
4dee1bdd031612bb43cd354c2c2c0169a80a8ac8b06c72612651dcb736f31e37
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed