what you don't know can hurt you
Showing 1 - 17 of 17 RSS Feed

Files Date: 2021-01-15 to 2021-01-16

hardwear.io 2022 Call For Papers
Posted Jan 15, 2021
Authored by hardwear.io CFP

The call for papers for hardwear.io 2022 is open. It will take place July 8th through the 9th, 2022.

tags | paper, conference
SHA-256 | 68e8f7597dc3b1ef59385321a89fd0502ac80d70f83cf1f9901880f9f50eafbf
Ubuntu Security Notice USN-4693-1
Posted Jan 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4693-1 - It was discovered that an SQL injection vulnerability exists in the Ampache search engine. Any user able to perform searches could dump any data contained in the database. An attacker could use this to disclose sensitive information. It was discovered that an XSS vulnerability in Ampache. An attacker could use this vulnerability to force an admin to create a new privileged user. Various other issues were also addressed.

tags | advisory, sql injection
systems | linux, ubuntu
advisories | CVE-2019-12385, CVE-2019-12386
SHA-256 | 18b1e4a4d6c0257b8902895a9fc6a7a7a30f0026ee8bb8bf12953f5aa9e36421
UFW - A Beginners Guide To Linux Firewall
Posted Jan 15, 2021
Authored by Achint Basoya

Whitepaper called UFW - A Beginners Guide to Linux Firewall. The white paper is intended to provide information about a Linux firewall using a simple tool called UFW. It provides complete information on the tool and various ways through which users can create their own firewall rules to protects their assets.

tags | paper
systems | linux
SHA-256 | 929a14440f90b95d514c1cc14167b4adf7935f3c685443589bebc547833118c8
Netsia SEBA+ 0.16.1 Authentcation Bypass / Add Root User
Posted Jan 15, 2021
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an authentication bypass in Netsia SEBA+ versions 0.16.1 and below to add a root user.

tags | exploit, root, bypass
SHA-256 | 81d29e7b25d87b1af18dee2c03c87aac3764dda86e6ebd3821d3086bb0eb9503
WhatWeb Scanner 0.5.5
Posted Jan 15, 2021
Authored by Andrew Horton | Site morningstarsecurity.com

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.

Changes: 1 fix, 8 new plugins, and 3 plugin updates.
tags | tool, web, scanner, javascript
systems | unix
SHA-256 | 96dedb6a377184fb8f5fd3f2a81c26ff8c92c4dc1503ce409793a1e7ab23695d
Alumni Management System 1.0 Cross Site Scripting
Posted Jan 15, 2021
Authored by Siva Rajendran

Alumni Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of cross scripting vulnerability in this version is attributed to Valerio Alessandroni in December of 2020.

tags | exploit, xss
SHA-256 | cd08f9ff7cab3663ceee1af6726ed4dba136a81f466ba3be76ef7f8b5988753a
E-Learning System 1.0 SQL Injection / Shell Upload
Posted Jan 15, 2021
Authored by Saurav Shukla, Himanshu Shukla

E-Learning System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass and also suffers from remote code execution via file upload functionality.

tags | exploit, remote, code execution, sql injection, file upload
SHA-256 | 8c130003474db5d0b8f04cf3029fdf7dd4afcf6fdc725ec96e203439631bca6c
Ubuntu Security Notice USN-4694-1
Posted Jan 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4694-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-28374
SHA-256 | dd241470c5806e0713b82db027f143f31f3cb8056a7697760fcec42574886cac
Linux/x86 Bindshell Shellcode
Posted Jan 15, 2021
Authored by ac3

65 bytes small Linux/x86 bindshell shellcode that binds /bin/sh to TCP/0.0.0.0:13377.

tags | x86, tcp, shellcode
systems | linux
SHA-256 | 0b6f0d113dff3fe9e7fd8830f15d89012a24c53b6fd740940fa27df4be7c06fe
Backdoor.Win32.Ncx.bt MVID-2021-0026 Remote Stack Buffer Overflow
Posted Jan 15, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Ncx.bt malware suffers from a remote stack buffer overflow vulnerability.

tags | exploit, remote, overflow
systems | windows
SHA-256 | 1c0d5f580ef7d2a4b99192a1ad2423ef09295a9c8b30cb49da16c710fbf46ac7
EyesOfNetwork 5.3 Remote Code Execution
Posted Jan 15, 2021
Authored by Ariane.Blow

EyesOfNetwork version 5.3 suffers from a remote code execution vulnerability that leverages file upload. Original discovery of remote code execution in this version is attributed to Clement Billac in February of 2020.

tags | exploit, remote, code execution, file upload
SHA-256 | 7eec6a20abcb4aef174b7fdab8cded3fd454e04fdef2b5f8981bc124b49ed2fe
Red Hat Security Advisory 2021-0146-01
Posted Jan 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0146-01 - Red Hat OpenShift Serverless 1.12.0 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.6, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-13050, CVE-2019-13627, CVE-2019-14889, CVE-2019-15903, CVE-2019-16168, CVE-2019-19221, CVE-2019-19906, CVE-2019-19956, CVE-2019-20218, CVE-2019-20387, CVE-2019-20388, CVE-2019-20454, CVE-2019-5018, CVE-2020-10029, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-1730, CVE-2020-1751, CVE-2020-1752, CVE-2020-1971, CVE-2020-24553, CVE-2020-24659, CVE-2020-28362, CVE-2020-28366, CVE-2020-28367
SHA-256 | a86c00be6acf79cfc141fb047b2a8d856fd69b40c660eaa8ec6d9b8a5a91d313
Online Hotel Reservation System 1.0 Cross Site Request Forgery
Posted Jan 15, 2021
Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c49c1da76edd9c2305cff54a31dc11fbf4989074dcee25f70f5167c1f15b9374
Online Hotel Reservation System 1.0 SQL Injection
Posted Jan 15, 2021
Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version was discovered by Richard Jones in January of 2021.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | af480f653be7b7719c1eb4a8aa072e485cef099de3e27e0236a843fc7c7103a7
WordPress Easy Contact Form 1.1.7 Cross Site Scripting
Posted Jan 15, 2021
Authored by Rahul Ramakant Singh

WordPress Easy Contact Form plugin version 1.1.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1d6ab2d82e06bf6a74ab9e050a835f14af398733782a7bff43fcee031c0c15df
Online Hotel Reservation System 1.0 Cross Site Scripting
Posted Jan 15, 2021
Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6d7a9c260b2404bbf7538f74df76de3a6d34c9d982683d3ea7c43dbff20d83fa
PHP-Fusion 9.03.90 Cross Site Request Forgery
Posted Jan 15, 2021
Authored by Mohamed Oosman B S

PHP-Fusion version 9.03.90 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
SHA-256 | e3cbe03265f3fd59ae2beb47eb8cd8d894c3dc1d155ac8ae7a8565e32ce238fd
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close