DirPHP version 1.0 suffers from a local file inclusion vulnerability.
f922f10049cb2b15a1b16614078725aebb5d95d2cdee5216b779aaa91992d8b9Barracuda Networks Spam and Virus Firewall version 5.1.3 suffers from a cross site scripting vulnerability.
fd6bc76304668027f8977a257f29b78b7d5fd39378c30f51b54a32ea8719b644Android's SDK suffers from a SQL injection vulnerability in the delete() method.
046033dbaaf5bdd27428cd7cdb0cfd8935c69d769ad6e6b0e0901db8c882e245CMSimple version 4.4.4 suffers from code execution, default credential, and remote file inclusion vulnerabilities.
546f3b040627c929621993bc0ed2e5a06d948532cc8351e131db507ae36d5b75MasterCard.com.au suffers from an open redirect vulnerability.
17091aa154924d37cfd73e3daf265786342f19af4f9ee46ad81527ff34d612aaWordPress Slider Revolution Responsive plugin versions 4.1.4 and below suffer from an arbitrary file download vulnerability.
5741a1911337aab8b63be960a0944a5df6cd526dcc7be9097e32d2f40cfaa290Sagem F@st 3304-V1 suffers from a denial of service vulnerability.
089e8d0a65adc5f8eab0b71bb5f705b88968a278bc59b169bca15e150f1b2b50Some products from dtSearch Corporation suffer from DLL hijacking vulnerabilities.
87e83a726c488205e1c94f35efd7cb24908ceba7d6b5cee6a82f172f67229feeWordPress Lead Octopus plugin versions prior to 1.1.1 suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data. NOTE: The author of this plugin has contacted Packet Storm and claims they have fixed this issue as of 2014/12/07. The fixed version is 1.1.1.
e229e4737c7358e8d3d774eb912c332444859671ff6cfb1f926797bc8f4fcf09WordPress FBGorilla plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
f89f508dfe6ffe796d290addc918b30d1491a26d310f6cc72ac228fda1c72c98WAF-FLE is a console for ModSecurity. It allows modsec administrators to view and search events logged by mlogc or mlog2waffle. The dashboard shows a graphical view of events, and when combined with the powerful drill-down filter allows quick searching for relevant events. Events can be viewed in detail, whether sent by one or many sensors.
b3f7747610c52ea609642dfb637bab2b5905b8c8511ebef2f9a36e5615ee1f1cViproy Voip Penetration and Exploitation Kit is developed to improve quality of SIP penetration testing. It provides authentication and trust analysis features that assists in creating simple tests.
804f9b4c83d5ccb2b408d8d927fe6b3a91923b84aafe53f383b2a42e494bb041Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
221a413d0954cf6378ce29e549e7de0c9a04592d9421e844d46dfd1b59d13a8cMobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
3a8266ae401d355298c31567df9ddb852a88a6a4a046df54bb7ff50e1cacccafBugzilla Security Advisory - Bugzilla versions 3.7.1 to 4.0.13, 4.1.1 to 4.2.9, 4.3.1 to 4.4.4, and 4.5.1 to 4.5.4 suffer from a cross site request forgery vulnerability.
cd0337a3196b87e65a4382c3d46665e5a07957324bbe8fa092ed144b51893ab0Debian Linux Security Advisory 2989-1 - Several security issues were found in the Apache HTTP server.
6a2e0fe2e7dd2939b32d62124cbffac15ed98b20d36d18e10fd6076278bcd60cDebian Linux Security Advisory 2988-1 - Ben Hawkes discovered that incorrect handling of peer messages in the Transmission bittorrent client could result in denial of service or the execution of arbitrary code.
9cd5b0aa71fa0a9673cbbc99e208e5bb93e7fd049bfa2868f05da44789369498Netgear DGN2200 with firmware version 1.0.0.29_1.7.29_HotS suffers from a password disclosure vulnerability.
fe3616ab9fc7139749487df4bffe5aaae99e953e9bed6452c87d511fe27628fbMoodle version 2.7 suffers from a persistent cross site scripting vulnerability.
959eea10516335cfd227b085fe290db6e24c09b51b65eae621a5fba7876d90e6Zenoss Monitoring System version 4.2.5-2108 64-bit suffers from a persistent cross site scripting vulnerability.
b6b364b0ca0afa7eba0ab172d073556261e1df677443861f1f420ec11a947851Easy File Sharing webserver suffers from a persistent cross site scripting vulnerability in the forum messages.
5fc2edb57adb417649cbb0813d961bc52ba43a0b6708d698727e55ceb5ae4c10A vulnerability within the MQAC.sys module allows an attacker to overwrite an arbitrary location in kernel memory. This Metasploit module will elevate itself to SYSTEM, then inject the payload into another SYSTEM process.
c3dce854c36c28e545304c300892721f5fed0a84228f0ce24204cc34d072d2a6BulletProof FTP Client 2010 suffers from a buffer overflow vulnerability.
a3e7475d74bd6f99e53fd8483d4127bbad6e74912100255cd47b89d09a52540dUbiquiti AirVision Controller version 2.1.3 suffers from an overly permissive default crossdomain.xml file.
6318c6697c238ece9eeaeec23969f86bf02a5ced36a26fc6cec3e4b648f18ab6Ubiquiti UniFi Controller version 2.4.6 discloses the administrative password hash via syslog messages.
597a700074a9e5cd6247e5ed9af269ba563e594e93c3abd71b128f81eabf405e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed