Showing 1 - 25 of 255

Files Date: 2022-07-01 to 2022-07-31

Transposh WordPress Translation 1.0.8.1 Remote Code Execution
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.8.1 and below have a "save_transposh" action available at "/wp-admin/admin.php?page=tp_advanced" that does not properly validate the "Log file name", allowing an attacker with the "Administrator" role to specify a .php file as the log destination. Since the log file is stored directly within the "/wp-admin" directory, executing arbitrary PHP code is possible by simply sending a crafted request that gets logged.

tags | exploit, arbitrary, php
advisories | CVE-2022-25812
SHA-256 | 8347827a18239dee9d623ea317bc7751b1e867031f7d4bbe6349594f42f4006f
Ubuntu Security Notice USN-5541-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5541-1 - Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. Jann Horn discovered that the FUSE file system in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4197, CVE-2022-1011, CVE-2022-1198, CVE-2022-1199, CVE-2022-1204, CVE-2022-1205, CVE-2022-1353, CVE-2022-1516, CVE-2022-2380, CVE-2022-28388, CVE-2022-28389
SHA-256 | e964411e2a44ec6b1d66fca5a48f54b1a1e945a816cc42a923278a78bcde118e
Transposh WordPress Translation 1.0.8.1 SQL Injection
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.8.1 and below have a "tp_editor" page at "/wp-admin/admin.php?page=tp_editor" that is vulnerable to two authenticated, blind SQL injections when user-supplied input to the HTTP GET parameters "order" and "orderby" is processed by the web application.

tags | exploit, web, php, sql injection
advisories | CVE-2022-25811
SHA-256 | 6ffce07022d6d645854345ed70ea8823b6aaf618f4db874a0b2b20afa74331a3
Ubuntu Security Notice USN-5540-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5540-1 - Liu Jian discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the USB gadget subsystem in the Linux kernel did not properly validate interface descriptor requests. An attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-20141, CVE-2022-25258, CVE-2022-25375, CVE-2022-34918
SHA-256 | f428af4961f037f9aea520b0b4732e409e7b944994e66c7fc5dc8237a6730340
Faraday 4.0.4
Posted Jul 29, 2022
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Removed workspaces agents relationship and now agents can run to multiple workspaces. Fixed migration f82a9136c408 checking if index and constraints exist before deleting. Added count to vulns closed. Fixed order_by cve_instances__name when no filter was provided. Added index into vulnerability.
tags | tool, rootkit
systems | unix
SHA-256 | f6e4355d08634ff461526acba4fbfe0418340d80014fb3535d0553d3f4423448
Transposh WordPress Translation 1.0.8.1 Improper Authorization
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.8.1 and below do not properly enforce authorization on functionality available on the plugin's "Utilities" page, leading to unauthorized access for all user roles, including "Subscriber".

tags | exploit
advisories | CVE-2022-25810
SHA-256 | af33faff2eac2d7e60b23a09b13a21e743b2acab343abb9a1ba1e8f3913a386d
Red Hat Security Advisory 2022-5753-01
Posted Jul 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5753-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat, windows
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | f8378570cf35560179a4d3e79ab2bdff5edbdb9ae5318dc950cbf998c4e25013
Geonetwork 4.2.0 XML Injection
Posted Jul 29, 2022
Authored by Amel Bouziane-Leblond

Geonetwork versions 3.1.x through 4.2.0 suffer from an XML external entity injection vulnerability.

tags | exploit
SHA-256 | b6960c0b16c14d8c15e9fb95af349b9c0df4129ca1c1ec5012226c0cf1bf3a8b
Ubuntu Security Notice USN-5539-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5539-1 - It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service. Duoming Zhou discovered that the AX.25 amateur radio protocol implementation in the Linux kernel did not handle detach events properly in some situations. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-1195, CVE-2022-1199, CVE-2022-1204, CVE-2022-1205, CVE-2022-1789, CVE-2022-28388, CVE-2022-33981
SHA-256 | e0f1dc9c61a271fdd2e51e74092004e7786f7464ac5a1e07c3a459de607c3aff
Transposh WordPress Translation 1.0.8.1 Information Disclosure
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.8.1 and below have an ajax action called "tp_history" which is intended to return data about who has translated a text given by the "token" parameter. However, the plugin also returns the user's login name as part of the "user_login" attribute. Successful exploits can allow an unauthenticated attacker to leak the WordPress username of translators. If an anonymous user submitted the translation, then the user's IP address is returned.

tags | exploit, info disclosure
advisories | CVE-2022-2462
SHA-256 | 9edfbd7e51dbf96c4ec365750f8acbdc5e0bcb40dfa07245a905258f418c9681
Ubuntu Security Notice USN-5536-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5536-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, bypass Subresource Integrity protections, obtain sensitive information, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2022-2505, CVE-2022-36319
SHA-256 | a3f6eb274e9d4bb1910c15874d1f521d440de1c77c380a3de951175d7068aea7
Crime Reporting System 1.0 Cross Site Scripting
Posted Jul 29, 2022
Authored by Eslam Reda

Crime Reporting System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 134f7cc89e016dd40ec6f94be6c14e9a72f24e41d92ceac88aa2cd6916a78c10
Transposh WordPress Translation 1.0.8.1 Cross Site Request Forgery
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.8.1 and below suffer from cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2021-24912
SHA-256 | 00f492b81f8c36b3158ff92303a3ed9b8713a137b201a866100dd6430cd9a03c
Ubuntu Security Notice USN-5537-2
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5537-2 - USN-5537-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.7.39 in Ubuntu 16.04 ESM.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-21515
SHA-256 | 91ad3492d567b8359bd5f30f89f31f5809fa70a509cd42e4271733886d69ece0
rpc.py 0.6.0 Remote Code Execution
Posted Jul 29, 2022
Authored by Elias Hohl

rpc.py version 0.6.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2022-35411
SHA-256 | 33abea8f61fd6b17f12060c9cb706fdb9f1133ee39f527443f669393e2991229
Ubuntu Security Notice USN-5538-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5538-1 - It was discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-46828
SHA-256 | 92956c09842ba4745140cc0741ff13b31c793230ff51a01187672043280bfa9d
Transposh WordPress Translation 1.0.7 Incorrect Authorization
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.7 and below suffer from an incorrect authorization vulnerability. When installed, Transposh comes with a set of pre-configured options. One of these is the "Who can translate" setting under the "Settings" tab, which by default allows "Anonymous" users to add translations via the plugin's "tp_translation" ajax action. Successful exploits can allow an unauthenticated attacker to add translations to the WordPress site and thereby influence what is actually shown on the site.

tags | exploit
advisories | CVE-2022-2461
SHA-256 | c25e589bc0f339822e669aa5ee336af340896bf3579587f6ad8e5c6ae0691179
Red Hat Security Advisory 2022-5754-01
Posted Jul 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5754-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 26f47682777977fda3a4989390cfccb9c0053ddf9c75c92ad2fd0395143846ef
Dingtian-DT-R002 3.1.276A Authentication Bypass
Posted Jul 29, 2022
Authored by Victor Hanna

Dingtian-DT-R002 version 3.1.276A suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2022-29593
SHA-256 | c4aafb04ab940ad8ed639d090f1cb3dab189b7a09aab3cd311715b6cd8f14560
Ubuntu Security Notice USN-5537-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5537-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.30 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.39. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-21509, CVE-2022-21525, CVE-2022-21529, CVE-2022-21537, CVE-2022-21553
SHA-256 | cdeec5366a2b7a76fe29f05a0289b9a37f2b6e645a369069aada53fbbd5ad0b1
Transposh WordPress Translation 1.0.7 Cross Site Scripting
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.7 and below have an ajax action "tp_translation" which is available to authenticated or unauthenticated users (see CVE-2022-2461) that allows them to submit new translations. Translations submitted this way are shown on the Transposh administrative interface on the pages "tp_main" and "tp_editor". However, since the plugin does not properly validate and sanitize the submitted translation, arbitrary JavaScript code can be permanently injected and executed directly within the backend across all users visiting the page with the roles of at least "Subscriber" and up to "Administrator".

tags | exploit, arbitrary, javascript, xss
advisories | CVE-2021-24911
SHA-256 | 484332c9e36ec88f8a190cc80119a1f22da60e0f49e9a327a7f7268bba597fb7
Transposh WordPress Translation 1.0.7 Cross Site Scripting
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.7 and below have an ajax action "tp_tp" that is vulnerable to an unauthenticated/authenticated reflected cross site scripting vulnerability when user-supplied input to the HTTP GET parameter "q" is processed by the web application. Since the application does not properly validate and sanitize this parameter, it is possible to place arbitrary script code onto the same page.

tags | exploit, web, arbitrary, xss
advisories | CVE-2021-24910
SHA-256 | 126f6f0908b2d0af3788074669b78c52b992a1d268ad9fca40e951bf16e63e90
Abusing Microsoft System Center Configuration Manager (SCCM)
Posted Jul 29, 2022
Authored by Mazen Al-Faifi

Whitepaper called Abusing Microsoft System Center Configuration Manager (SCCM). Written in Arabic.

tags | paper
SHA-256 | 5b72b4426c74f72b869bca4e8c0638cb710f8a84b85dbb67be5d85a25110f951
WordPress WP-UserOnline 2.87.6 Cross Site Scripting
Posted Jul 29, 2022
Authored by Steffin Stanly

WordPress WP-UserOnline plugin versions 2.87.6 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f6801eabd968457a104d901ce64897fb4b492fbd508a10ad3532e3d5615da08a
Wireshark Analyzer 3.6.7
Posted Jul 28, 2022
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: 9 bug fixes and updated protocol support for BGP, DTLS, EtherCAT, EtherCAT Mailbox, HTTP, IEC 104, MEGACO, NHRP, PPPoE, QUIC, RTCP, Signal PDU, SOME/IP, and X509IF.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | cce10a35caa2f79b73d3e6e4dc5388dd47d216114a550fdeb06ae78da0edb7c5