exploit the possibilities
Showing 1 - 25 of 114,755 RSS Feed

Files

Ubuntu Security Notice USN-4693-1
Posted Jan 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4693-1 - It was discovered that an SQL injection vulnerability exists in the Ampache search engine. Any user able to perform searches could dump any data contained in the database. An attacker could use this to disclose sensitive information. It was discovered that an XSS vulnerability in Ampache. An attacker could use this vulnerability to force an admin to create a new privileged user. Various other issues were also addressed.

tags | advisory, sql injection
systems | linux, ubuntu
advisories | CVE-2019-12385, CVE-2019-12386
MD5 | 19e32413eae87248300241c7423c86b4
UFW - A Beginners Guide To Linux Firewall
Posted Jan 15, 2021
Authored by Achint Basoya

Whitepaper called UFW - A Beginners Guide to Linux Firewall. The white paper is intended to provide information about a Linux firewall using a simple tool called UFW. It provides complete information on the tool and various ways through which users can create their own firewall rules to protects their assets.

tags | paper
systems | linux
MD5 | 3f0bb94817761f100839d5cdd6f95239
Netsia SEBA+ 0.16.1 Authentcation Bypass / Add Root User
Posted Jan 15, 2021
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an authentication bypass in Netsia SEBA+ versions 0.16.1 and below to add a root user.

tags | exploit, root, bypass
MD5 | 48e1d8f9d10632c1de0461c5d272f23d
WhatWeb Scanner 0.5.5
Posted Jan 15, 2021
Authored by Andrew Horton | Site morningstarsecurity.com

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.

Changes: 1 fix, 8 new plugins, and 3 plugin updates.
tags | tool, web, scanner, javascript
systems | unix
MD5 | bc2f2e427e390103121096cda4697849
Alumni Management System 1.0 Cross Site Scripting
Posted Jan 15, 2021
Authored by Siva Rajendran

Alumni Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of cross scripting vulnerability in this version is attributed to Valerio Alessandroni in December of 2020.

tags | exploit, xss
MD5 | 7e7f7e920f13cf33daa0a40bb09f0cc3
E-Learning System 1.0 SQL Injection / Shell Upload
Posted Jan 15, 2021
Authored by Saurav Shukla, Himanshu Shukla

E-Learning System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass and also suffers from remote code execution via file upload functionality.

tags | exploit, remote, code execution, sql injection, file upload
MD5 | bd3d65870be0207ac9da305059435137
Ubuntu Security Notice USN-4694-1
Posted Jan 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4694-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-28374
MD5 | 39bd5d296c952869b692a804fbc44d89
Linux/x86 Bindshell Shellcode
Posted Jan 15, 2021
Authored by ac3

65 bytes small Linux/x86 bindshell shellcode that binds /bin/sh to TCP/0.0.0.0:13377.

tags | x86, tcp, shellcode
systems | linux
MD5 | b50ae92a79eb994d20eae879ab538a64
Backdoor.Win32.Ncx.bt Remote Stack Buffer Overflow
Posted Jan 15, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Ncx.bt malware suffers from a remote stack buffer overflow vulnerability.

tags | exploit, remote, overflow
systems | windows
MD5 | f5bce01787682bf3fb97234b39073682
EyesOfNetwork 5.3 Remote Code Execution
Posted Jan 15, 2021
Authored by Ariane.Blow

EyesOfNetwork version 5.3 suffers from a remote code execution vulnerability that leverages file upload. Original discovery of remote code execution in this version is attributed to Clement Billac in February of 2020.

tags | exploit, remote, code execution, file upload
MD5 | 080019485e2ef8b6d7f66a5cd8adfc99
Red Hat Security Advisory 2021-0146-01
Posted Jan 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0146-01 - Red Hat OpenShift Serverless 1.12.0 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.6, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-13050, CVE-2019-13627, CVE-2019-14889, CVE-2019-15903, CVE-2019-16168, CVE-2019-19221, CVE-2019-19906, CVE-2019-19956, CVE-2019-20218, CVE-2019-20387, CVE-2019-20388, CVE-2019-20454, CVE-2019-5018, CVE-2020-10029, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-1730, CVE-2020-1751, CVE-2020-1752, CVE-2020-1971, CVE-2020-24553, CVE-2020-24659, CVE-2020-28362, CVE-2020-28366, CVE-2020-28367
MD5 | 9dba7e8106d51a5107b866a1127bc064
Online Hotel Reservation System 1.0 Cross Site Request Forgery
Posted Jan 15, 2021
Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | fb9e7a0cd6253ffe05b2cf9641cb64f7
Online Hotel Reservation System 1.0 SQL Injection
Posted Jan 15, 2021
Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version was discovered by Richard Jones in January of 2021.

tags | exploit, remote, vulnerability, sql injection
MD5 | 3aad311d35f1aea7bf29d2b04f9dd2a0
WordPress Easy Contact Form 1.1.7 Cross Site Scripting
Posted Jan 15, 2021
Authored by Rahul Ramakant Singh

WordPress Easy Contact Form plugin version 1.1.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 57ebb8109c315a9ed11b01cba6760fa7
Online Hotel Reservation System 1.0 Cross Site Scripting
Posted Jan 15, 2021
Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 046061fd5a4b78f1d7d6cec21938c733
PHP-Fusion 9.03.90 Cross Site Request Forgery
Posted Jan 15, 2021
Authored by Mohamed Oosman B S

PHP-Fusion version 9.03.90 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
MD5 | a76b7516f7ee7034ed0e11633425eb87
Red Hat Security Advisory 2021-0145-01
Posted Jan 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0145-01 - Red Hat OpenShift Serverless Client kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Red Hat OpenShift Serverless Client kn 1.12.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.12.0, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-24553, CVE-2020-28362, CVE-2020-28366, CVE-2020-28367
MD5 | 84bd3c7609f304afda32dcf7e6933684
Backdoor.Win32.Ketch.a Remote Stack Buffer Overflow
Posted Jan 14, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Ketch.a suffers from a remote stack buffer overflow vulnerability.

tags | exploit, remote, overflow
systems | windows
MD5 | 2b2dc699e19a395de36fa5e2527ce2c4
Cisco RV110W 1.2.1.7 Denial Of Service
Posted Jan 14, 2021
Authored by Shizhi He

Cisco RV110W version 1.2.1.7 vpn_account denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | cisco
advisories | CVE-2021-1167
MD5 | 22bfead549943dbe0007ce4ce4a7b6f5
Red Hat Security Advisory 2021-0136-01
Posted Jan 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0136-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2020-25641
MD5 | 1d49a6729e2d0a14c1ec07cecb765517
Laravel 8.4.2 Remote Code Execution
Posted Jan 14, 2021
Authored by SunCSR Team

Laravel version 8.4.2 suffers from a debug mode remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 777a54e04861b26de13d508208e0dd5b
Backdoor.Win32.Ketch.i Remote Stack Buffer Overflow
Posted Jan 14, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Ketch.i malware suffers from a remote stack buffer overflow vulnerability.

tags | exploit, remote, overflow
systems | windows
MD5 | db079ee4491b3f466c3e96c16dc1b444
Online Shopping Cart 1.0 SQL Injection
Posted Jan 14, 2021
Authored by Aydin Baran Ertemir

Online Shopping Cart version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | dea39b3434f697b559c641e668911a5e
Nagios XI 5.7.x Remote Code Execution
Posted Jan 14, 2021
Authored by Haboob Team

Nagios XI version 5.7.x authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-35578
MD5 | f073a75639db0a35ee5dc80c46f26db4
Ubuntu Security Notice USN-4692-1
Posted Jan 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4692-1 - Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Daniel Axtens discovered that tar incorrectly handled certain malformed tar files. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to cause tar to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-20482, CVE-2019-9923
MD5 | 344cbf5822690466c47037ca26772ba8
Page 1 of 4,591
Back12345Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close