Joomla Modern Booking component version 1.0 suffers from a remote SQL injection vulnerability.
006e913445e924a197da572f04e6f6c0d0b601aaa1321e1129e402542bcaba08SpyCamLizard SC Liz version 1.230 remote buffer overflow exploit.
7938a0efc48b2f7f0a9e2c43e3fbf274467f37d1710f4630bee19ddb1dd55215rldns is an open source lightweight DNS server for linux, netbsd, freebsd, and openbsd. Runs on x86 and x86_64 architectures.
fa02006cf534737a5fc492d24fc79aa7e37c09d5a4c386dd069f865cfe8b126aonArcade version 2.4.x suffers from a local file disclosure vulnerability.
a313d87067397f6047c1d3c3d831ff7a33e56265508ee0f36b5c7fe87bd6d51bD-Link DSL-2640B remote DNS changing exploit.
b82d3dc13d1e33a86fea85f7796a9cb127096e83601da1cf601b180a867a6c29Flippa Clone suffers from a remote SQL injection vulnerability.
d6dd20b68e90bded5f7799e8e0df17012400a8847e305b9036d43feee93a232aBonza Digital Cart Script version 1 suffers from a remote SQL injection vulnerability.
48603fce8c4fe0b8afb1aaf706ef92565762029c3b126cafcb957b6793f449bdOmegle Clone version 2.0 suffers from a remote SQL injection vulnerability.
97033a8a798b81482880293a4b5f1d6cc9ac04b8a4e2b1ccfe9ef1c780f20c48Membership Site Script version 1 suffers from a remote SQL injection vulnerability.
b0a221aa6057753730df3ce5e09a7341b8c05c4f125c3306271aef9260cfcefbCisco Security Advisory - A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. The vulnerability is due to insufficient bounds checking in the DMo process. An attacker could exploit this vulnerability by sending crafted packets that are forwarded to the DMo process for evaluation. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
5690117646d6b3517de249b639b84ad6009dd63bbb933633ae322ba51a01b44eCisco Security Advisory - A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
2758392fd2285e59de5765f4ed70e192889eb0b4cc11290f2945bbbaffd07401Cisco Security Advisory - A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
8bea2ddcb93ad10635670df2af50464d0f21871575a44f527c5534396ab6f63dCisco Security Advisory - A vulnerability in the DHCP client implementation of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that is configured as a DHCP client. A successful exploit could allow the attacker to cause a reload of an affected device, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
9128134a4778e4b6128fd57912ce670d99b70dd87d2acfe189b66ebf145284ceUbuntu Security Notice 3241-1 - Agostino Sarubbo discovered that audiofile incorrectly handled certain malformed audio files. If a user or automated system were tricked into processing a specially crafted audio file, a remote attacker could cause applications linked against audiofile to crash, leading to a denial of service, or possibly execute arbitrary code.
b58272bfc3b0c172a9d0f539a3283b0b6ea1615b24f343b4755033ddb00b102dThis Metasploit module will setup an SMTP server expecting a connection from SysGauge 1.5.18 via its SMTP server validation. The module sends a malicious response along in the 220 service ready response and exploits the client, resulting in an unprivileged shell.
4baa08befe8f7e2bbccdcae8c675d729f0222bafa9e6eadc97b5a044bd54592cUbuntu Security Notice 3239-2 - USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. This update reverts the change. Please note that long-running services that were restarted to compensate for the USN-3239-1 update may need to be restarted again. Various other issues were also addressed.
ff39913b27c4b2e011da5475a874c94850d6e1838b156178666e0c258fee9303Solare Datensysteme GmbH Solar-Log versions 250, 300, 500, 800e, 1000, 1000 PM+, 1200, and 2000 suffer from cross site request forgery, cross site scripting, file upload, information disclosure, and denial of service vulnerabilities.
2d4ea59b67a6e2e050f10517f0354018d7194b9a69fe3ed5b13cfef0aeab7eebDisk Sorter Enterprise version 9.5.12 GET buffer overflow SEH exploit.
9bcbe319bc61fad1c46803139c12a81d49aef3ac226ad042a33e2cd8d25b179cLynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
9eefc56f1cb21df77e0b7d63b294a213f45a9ed360107c30ddc9687ca1bfe940Portable OpenSSH supports running on Cygwin. However, the SFTP client only filters out forward slashes (in do_lsreaddir()) and the directory names "." and ".." (in download_dir_internal()). On Windows, including in Cygwin, backslashes can a lso be used for directory traversal.
653080ead75f1a09ebf8449dc6271901603c629ff1cecc6eeb9ae0c1a78ce3dawebsiteConnector.js content script in LastPass allows for proxying of internal RPC commands.
c01b74d3513ae36c123c2c3bd27e5429944df7d35416e37f930ce4fb1b95e591Joomla Extra Search component version 2.2.8 suffers from a remote SQL injection vulnerability.
5be2f98138805bf2cc9f1d2224fed71b68edd376c41d767b3a824ec1ae04d21dGLink Word Link Script version 1.2.3 suffers from a remote SQL injection vulnerability.
747e4c63b964c0b2248900a592b92907cc45965bc58ebbc6f8bf03f0e3e21876This is the fourteenth issue of POC || GTFO.
b9db617dcc146cc99f4379b3162a35818d884bf4032ab854b6ec00b5ec98138dThe openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
99100549029c65cf6ad2425ec7f3b189ffb833ad12012e7086e177768f241f33
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed