what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-05-18 to 2020-05-19

Dolibarr 11.0.3 Cross Site Scripting
Posted May 18, 2020
Authored by Mehmet Kelepce

Dolibarr version 11.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-13094
SHA-256 | 211ed7fe05f4f8e207f45b266bb828638c6e20b43074aa9139888a3ab65eeba3
Ubuntu Security Notice USN-4363-1
Posted May 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4363-1 - It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information. It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-11494, CVE-2020-11565, CVE-2020-11669, CVE-2020-12657
SHA-256 | fc9d288e93a1b9486a209f1f2b9d7e23d7cc984cfe2772b67824c80a4ad02276
Ubuntu Security Notice USN-4362-1
Posted May 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4362-1 - It was discovered that DPDK incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-10722, CVE-2020-10724, CVE-2020-10725, CVE-2020-10726
SHA-256 | 09f5f22b07c0aa365f9be4d721c91836b6df6c53217af2a8dcdd8fcef858dfbc
Red Hat Security Advisory 2020-2136-01
Posted May 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2136-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10712
SHA-256 | 1a200351fb09193d57c3aca6de49406a75a2f3a4a596d292ea2aff3fb5bb0e72
Pi-Hole heisenbergCompensator Blocklist OS Command Execution
Posted May 18, 2020
Authored by h00die, Nick Frichette | Site metasploit.com

This Metasploit module exploits a command execution in Pi-Hole versions 4.4 and below. A new blocklist is added, and then an update is forced (gravity) to pull in the blocklist content. PHP content is then written to a file within the webroot. Phase 1 writes a sudo pihole command to launch teleporter, effectively running a privilege escalation. Phase 2 writes our payload to teleporter.php, overwriting the content. Lastly, the phase 1 PHP file is called in the web root, which launches our payload in teleporter.php with root privileges.

tags | exploit, web, root, php
advisories | CVE-2020-11108
SHA-256 | e9e23eb75325d3d113b4298300162d67296d9023cbe19ae5f2709a0a7cace534
Oracle Hospitality RES 3700 5.7 Remote Code Execution
Posted May 18, 2020
Authored by Walid Faour

Oracle Hospitality RES 3700 versions 5.7 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-3025
SHA-256 | c70d722f24def5a0fc44bda1a9629e159191429aba952c8c7803c20b5f9ec1cf
nfstream 5.1.1
Posted May 18, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Fixed custom expiration handling.
tags | tool, python
systems | unix
SHA-256 | 7be034e76d8a422dea27e1ecc1000b72af080fcf3fcc5de6c9aab330a90bf6c3
WordPress Ajax Load More 5.3.1 SQL Injection
Posted May 18, 2020
Authored by Nguyen Khang

WordPress Ajax Load More plugin version 5.3.1 suffers from an authenticated remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b62e7993468155caf7c4a5bbff3af2c01d219ed45e79f6503ee63f9ca00ec5ac
Ubuntu Security Notice USN-4361-1
Posted May 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4361-1 - Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service. Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-10957, CVE-2020-10958
SHA-256 | 6ee8911fff03fb389c0482431869fdad5c89631e6f7a743f0768e361e278a6ba
Red Hat Security Advisory 2020-2067-01
Posted May 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2067-01 - This release of Red Hat build of Thorntail 2.5.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include HTTP request smuggling, bypass, cross site request forgery, cross site scripting, denial of service, and out of bounds read vulnerabilities.

tags | advisory, web, denial of service, vulnerability, xss, csrf
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-10199, CVE-2019-10201, CVE-2019-10219, CVE-2019-12400, CVE-2019-12406, CVE-2019-12419, CVE-2019-14540, CVE-2019-14820, CVE-2019-14832, CVE-2019-14838, CVE-2019-14887, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-20330, CVE-2019-3875, CVE-2019-9511, CVE-2019-9512, CVE-2019-9514
SHA-256 | 4f6b06242c907c4bb9882a9c0dd20ae51f06eb541c38e1084bc175618d6a5cbd
Online Chatting System 1.0 SQL Injection
Posted May 18, 2020
Authored by BKpatron

Online Chatting System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e94ba733c52fbbd0260a3742c9ed771a6cd4eb1c5b6eefd60063b90741bce97b
Online Healthcare Management System 1.0 SQL Injection
Posted May 18, 2020
Authored by BKpatron

Online Healthcare Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 4ff382533d058e32a385b20a6ec9d961ea7f3a46e3d0e7ebd03527c3ac4383df
Online Healthcare Patient Record Management System 1.0 SQL Injection
Posted May 18, 2020
Authored by Daniel Monzon

Online Healthcare Patient Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 0639d828a1081e369c71ca99163da888fc17e3c66874a56c8ed1b6b3f6ff0932
Online Examination System 1.0 SQL Injection
Posted May 18, 2020
Authored by BKpatron

Online Examination System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8bfa1449ad7720e662664a0eb75b1b1de05a6f90a53e726d9b5591b8e5d95706
Forma.LMS The E-Learning Suite 2.3.0.2 Cross Site Scripting
Posted May 18, 2020
Authored by Daniel Ortiz

Forma.LMS The E-Learning Suite version 2.3.0.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 549011bb42362fa97ce2863dbfb5fe945fdbe7c2b64f14dc43d70b41c4a50055
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close