exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2020-08-04 to 2020-08-05

SQLMAP - Automatic SQL Injection Tool 1.4.8
Posted Aug 4, 2020
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Bug fixes.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | 2f8b64881afdbd044dcf3707dc7f56e7347e3332a692dfe79fb59ef71c7bb769
Documalis Free PDF Editor 5.7.2.26 / Documalis Free PDF Scanner 5.7.2.122 Buffer Overflow
Posted Aug 4, 2020
Authored by metacom | Site metasploit.com

Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit this vulnerability to trigger a buffer overflow on the stack and gain remote code execution as the user running the Documalis Free PDF Editor or Documalis Free PDF Scanner software.

tags | exploit, remote, overflow, code execution
SHA-256 | a470639faa2ee4a0b417e12596275b4d8fa9a29716deb25f60c4b8b3b2b5cd5c
Gantt-Chart For Jira 5.5.4 Cross Site Scripting
Posted Aug 4, 2020
Authored by Sebastian Auwaerter | Site syss.de

Gantt-Chart for Jira versions 5.5.4 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-15944
SHA-256 | dba9c39f62d06702328bfd60b00d5294682d93ffb3a9a9a32da2fcec3d90878c
Gantt-Chart For Jira 5.5.3 Missing Privilege Check
Posted Aug 4, 2020
Authored by Sebastian Auwaerter | Site syss.de

Gantt-Chart for Jira versions 5.5.3 and below misses a privilege check which allows an attacker to read and write the module configuration for other users.

tags | exploit
advisories | CVE-2020-15943
SHA-256 | 9df2362de6597719f21d5c1862f3e1d1ce649c17851a9656ab81b49eafc4b5ff
Red Hat Security Advisory 2020-3247-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3247-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2017-18635, CVE-2019-10086, CVE-2019-13990, CVE-2019-17195, CVE-2019-19336, CVE-2019-8331, CVE-2020-10775, CVE-2020-11022, CVE-2020-11023, CVE-2020-7598
SHA-256 | e6f2535c6436b0a735b170e94bf5d8887dbf21ad4b4d2db85d0b797efa770f33
Red Hat Security Advisory 2020-3308-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3308-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3.2 serves as a replacement for Red Hat JBoss Web Server 5.3.1, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, web, denial of service
systems | linux, redhat
advisories | CVE-2020-13934, CVE-2020-13935
SHA-256 | cc6e76667f7826d1e0bf63bc67bcfe44310c01596903dfd71f062c6d853f550a
Red Hat Security Advisory 2020-3306-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3306-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3.2 serves as a replacement for Red Hat JBoss Web Server 5.3.1, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, web, denial of service
systems | linux, redhat
advisories | CVE-2020-13934, CVE-2020-13935
SHA-256 | 746c15b38ddf58a167d303475f5eb2c23fa0430ac47e219fc015ff7c0ae16528
Red Hat Security Advisory 2020-3305-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3305-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 10 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-13935, CVE-2020-1935
SHA-256 | c243b17e41ad7e85f479e20ba6faa1fef7e0ab201e56fd7ca1a104d4ca29c03c
Red Hat Security Advisory 2020-3303-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3303-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 10 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-13935, CVE-2020-1935
SHA-256 | 72459dedb4bc87767ff9ec4e3a6d02e13077fcfa240e22e8b5884e01dbfea3a3
Red Hat Security Advisory 2020-3302-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3302-01 - The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Issues addressed include an out of bounds read vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2020-11538
SHA-256 | 6beb1c9eac5d214731da44f1734c6e36eeee46f2c1cf4468dcf0c171c83e41c5
Red Hat Security Advisory 2020-3298-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3298-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-12049
SHA-256 | 0e11f5df8ab413e8b8b66ed5ab45db4d86fd9e72490a32e4442647e1a844cf75
Red Hat Security Advisory 2020-3299-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3299-01 - The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Issues addressed include an out of bounds read vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2020-11538
SHA-256 | 8ca868d9c353910487e49a7be482d766717ffac8e961ec9e7bd64a6792198617
Red Hat Security Advisory 2020-3297-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3297-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-10766, CVE-2020-10767, CVE-2020-10768
SHA-256 | 06a593e82c01f3daf197540c7f91660654f1c4197cbd7da4e15de22c5f092926
Ubuntu Security Notice USN-4298-2
Posted Aug 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4298-2 - USN-4298-1 fixed several vulnerabilities in SQLite. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-13734, CVE-2019-13750, CVE-2019-13751, CVE-2019-13753, CVE-2019-19926
SHA-256 | 1f6b622226413e4a80acf52e302ba6f843a1f35b875d754c4b9f9a93a0dce4ce
c-ares 1.16.0 Use-After-Free
Posted Aug 4, 2020
Authored by Jann Horn, Google Security Research

c-ares version 1.16.0 has an issue where ares_destroy() with pending ares_getaddrinfo() leads to a use-after-free condition.

tags | advisory
SHA-256 | 7dac05abea704e153870ceb3821b9fcf3b37ca198add02caa774bdda39438cd9
Mocha Telnet Lite For iOS 4.2 Denial Of Service
Posted Aug 4, 2020
Authored by Luis Martinez

Mocha Telnet Lite for iOS version 4.2 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | ios
SHA-256 | 9a5a8b0a5f54690053bd1374cd29bcc29b691e578bc3aa0a707b95622c235114
Daily Expenses Management System 1.0 SQL Injection
Posted Aug 4, 2020
Authored by Daniel Ortiz

Daily Expenses Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3efa582c4893fa82399e8262ebac0060bdda7742f46759c49dd3cb4a8ed400d7
RTSP For iOS 1.0 Denial Of Service
Posted Aug 4, 2020
Authored by Luis Martinez

RTSP for iOS version 1.0 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | ios
SHA-256 | b845ab4fd8a9a18a827935204013614fad80dc1e037171e6411158ca11b4c166
Pi-hole 4.3.2 Remote Code Execution
Posted Aug 4, 2020
Authored by Luis Vacacas

Pi-hole version 4.3.2 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-8816
SHA-256 | 6c7ede8fd156dade480fdec18d5548dbf5d48ae94edd0fb6b8ff372bb2220dca
Sifter 9.2
Posted Aug 4, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Various runtime fixes in execution scripts.
tags | tool, remote, local, scanner, vulnerability
systems | unix
SHA-256 | 7901b9fbfb7f13e927a9fe63e233b6b62a4999a9a2a5c8565124319a97b9ef7d
Car Rental Management System 1.0 Remote Code Execution
Posted Aug 4, 2020
Authored by hyd3sec

Car Rental Management System version 1.0 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | ded9539f93f93225baca3f19309a19831bccb44a855907289ad395322a75422e
Car Rental Management System 1.0 Cross Site Scripting
Posted Aug 4, 2020
Authored by hyd3sec

Car Rental Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6527e433c91a38dda3f42d94a7b2be8037e10eda89003ebc226ebb4f46464ecc
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close