exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2024-04-19 to 2024-04-20

FlatPress 1.3 Shell Upload
Posted Apr 19, 2024
Authored by Ahmet Umit Bayram

FlatPress version 1.3 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 95b37bcd0ee004b10ed07d1d5449e20f0b6c896143d3d34e105388324e4c71e6
MindManager Local Privilege Escalation
Posted Apr 19, 2024
Authored by Julian Horoszkiewicz, Pawel Karwowski | Site github.com

MindManager suffers from a local privilege escalation vulnerability via MSI installer Repair Mode.

tags | exploit, local
advisories | CVE-2021-41526
SHA-256 | ab9b32a15211295bcafeec5242eb488f9dfcc8f2e3a1d0f8296e98ddcd9286e5
Ubuntu Security Notice USN-6741-1
Posted Apr 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6741-1 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel, protocol
systems | linux, ubuntu
advisories | CVE-2023-24023, CVE-2024-26589
SHA-256 | c6b3855c5a30ae98458ae3e5b1858440f9d4c3d136432f67ecdd3beeeb05fc11
WordPress Background Image Cropper 1.2 Shell Upload
Posted Apr 19, 2024
Authored by Milad Karimi

WordPress Background Image Cropper plugin version 1.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 7fde3f2c891e83214995aac3e02a1bffb22561963731277fa9a9d738f179af92
Flowise 1.6.5 Authentication Bypass
Posted Apr 19, 2024
Authored by Maerifat Majeed

Flowise version 1.6.5 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2024-31621
SHA-256 | 3e1f90eb3e5b1062684116e0ad3ee800ad56cd0568e9f1d337614220c32d8dba
Ubuntu Security Notice USN-6740-1
Posted Apr 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6740-1 - Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that the virtio network implementation in the Linux kernel did not properly handle file references in the host, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2023-1382, CVE-2023-1838, CVE-2023-1998, CVE-2023-24023, CVE-2023-51043, CVE-2023-51779, CVE-2023-52451, CVE-2023-6915, CVE-2024-0639
SHA-256 | 444f68d723cc469e212afdb8cada5cf6504c7f71ead1646805559424b443f87e
Ubuntu Security Notice USN-6739-1
Posted Apr 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6739-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2019-25162, CVE-2021-46990, CVE-2022-20422, CVE-2023-1382, CVE-2023-1998, CVE-2023-24023, CVE-2023-51043, CVE-2023-51779, CVE-2023-52445, CVE-2023-52600, CVE-2023-52603, CVE-2024-23851
SHA-256 | 5f4dadac1f0ffbad1948bc44ea21d9526e86681e856c3a3cb7fb406e90965bf4
Relate Learning And Teaching System SSTI / Remote Code Execution
Posted Apr 19, 2024
Authored by kai6u

Relate Learning and Teaching System versions prior to 2024.1 suffers from a server-side template injection vulnerability that leads to remote code execution. This particular finding targets the Markup Sandbox function.

tags | exploit, remote, code execution
SHA-256 | dc9ebb411726c774da4987d54d2ba2f224359e747d24c55618c19978e8b73e8a
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close