The Infobae website suffers from multiple cross site scripting vulnerabilities. The author has received no response from them.
7d27834c41218abe78f74ed25b1687903fade4c02f0c42f10175989c165ee7b8Shellsploit lets you generate customized shellcodes, backdoors, and injectors for various operating systems. It also has obfuscation abilities.
d8cb793be2a436b47284454f1f100287761ac59042791ccd4992836f7b48e0aeWhitepaper that discusses how Cisco IP Communicator only uses MAC addresses for authentication allowing you to spoof other callers.
5fa6355a4e3c274a002436a52e827eab9e6cbcae0ca0402c3a1c6a7211bbcdebStegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
eea5f9ca57df57cc052374580555fb8f64ac6a081e2972a3a17ca79312b3b48dRed Hat Security Advisory 2016-1096-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.
d6f494c765f33232f531d11b2e6eda22f2c43ad3b026c0288860ab76b60b61d2Debian Linux Security Advisory 3585-1 - Multiple vulnerabilities were discovered in the dissectors/parsers for PKTC, IAX2, GSM CBCH and NCP which could result in denial of service.
f2bccfc2144f228057aeb26f3c58194c69ee3726c2b8880fbb06a565da8ef44fJobScript suffers from an authenticated arbitrary PHP code execution. The vulnerability is caused due to the improper verification of uploaded files in '/admin-ajax.php' script thru the 'name' and 'file' POST parameters. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file with '.php' extension (to bypass the '.htaccess' block rule) that will be stored in '/jobmonster/wp-content/uploads/jobmonster/' directory.
ebbd14e9080ce7820b95b2208012010a9a83d14e9f97841c699bfbe6706716abMultiple ETAP binaries are prone to a stack-based buffer overflow vulnerability because the application fails to handle malformed arguments. Version 14.1.0.0 is affected. An attacker can exploit these issues to execute arbitrary code within the context of the application or to trigger a denial-of-service conditions.
1099aacf1bea150f3f5b0d2b083815b5b9639cb8d176966b60c20e6f33f2bd28Linknat VOS3000/VOS2009 suffers from a remote SQL injection vulnerability.
0ae3413cc36311b832cc800fbc0fe838b41fbbf707073fec1c0d8e500feaeac4WEBONE CMS version 6 suffers from a remote SQL injection vulnerability.
c586691bbe7c33c05e24864f607a414bcaba8a51ae9fa8aebc2051a54ea0e918AMSS++ version 4.2 has an admin/admin backdoor account.
3d053d75fc4e79afef02a50a644a8e6cf4a9f111809a067ec8973b5ddf2e0fbfLws-Construction Management version 1.0 suffers from a remote SQL injection vulnerability.
c36d0e7573f5f4c6286e5bac90efe9861de5a2a98a92164fd1b110577fac9378JobScript suffers from an open redirection vulnerability.
e346964b5931d627f76776af0fec044f2c71e336366251548304f0d59283e2f0Calliope version 2.31 suffers from authentication bypass due to a remote SQL injection vulnerability.
85b10f367e99494fdc1e2fff03f4010816dfafd1b727faab0b01577307e01da3Annuaire de Salon et Foire version 1.4 suffers from authentication bypass due to a remote SQL injection vulnerability.
211270e8c5b25f157973aa76d5f87ef7631f0e04c60010dcfacb6b9acb263ebfSitizy version 2.0 suffers from authentication bypass due to a remote SQL injection vulnerability.
368b7c6cc8b2c621763042755f7a7af6bfa6b288022f19453090568d7e7c23dcThis is a Linux kernel module that adds a backdoor to a system. Based on sunxi_debug.
4e6f48c2c881d53eaa6936060c88426fcbc23abe2ac8482887470073b2fa311fTorop Tourisme version 2.0 suffers from a remote SQL injection vulnerability.
f993e7d991635981f6e04e07467d842f33ccd0f70d0bae57982817e3e54a7135Linux x86_64 information stealing shellcode.
84065b4963be2b5e6670a61dd5781c3db6b6e7157e683d2ee928c6dac799ff6dThis is a deviation of the pyJoiner tool using Tkinter.
cbc3f942a985eb959fc6777f7b95175d48e25a1768f27aa2d6428478ed9705dbETAP suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice. The vulnerability exist due to the improper permissions, with the 'C' flag (Change) for 'Authenticated Users' group. Version 14.1.0.0 is affected.
1367964c70458bdbf8463029dfa389212fb4ad8f6ffd3291411ff5d82e8115f7Collectd-Web version 0.4.0 suffers from a cross site scripting vulnerability.
677f1e138f0fabb145e534d65964d3ca14c126d42cb45b63a3c352e5b9a2b25aPostfix Admin version 2.93 suffers from a cross site request forgery vulnerability.
c36bf42d6746cb09cb01c495637ea7bc269111f9cfcff5161901216a53a69331Red Hat Security Advisory 2016-1094-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: A vulnerability was found in the STI build process in OpenShift Enterprise. Access to STI builds was not properly restricted, allowing an attacker to use STI builds to access the Docker socket and escalate their privileges.
9e7713afc2bf16c384a8dc63fbb0d707a04f446cb1f6dae65f1062ccd48021c2Red Hat Security Advisory 2016-1095-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: An origin validation vulnerability was found in OpenShift Enterprise. An attacker could potentially access API credentials stored in a web browser's localStorage if anonymous access was granted to a service/proxy or pod/proxy API for a specific pod, and an authorized access_token was provided in the query parameter.
9f0438501be43d234df548f08d68f63b5b68e8f3e714803ca13d67d2c888277a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed