what you don't know can hurt you
Showing 51 - 75 of 100 RSS Feed

Files

PHP Login And User Management 4.1.0 Shell Upload
Posted May 24, 2018
Authored by Reginald Dodd

PHP Login and User Management versions 4.1.0 and below suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
advisories | CVE-2018-11392
MD5 | bd0631b0840255f200ab219736fbbaaa

Related Files

Secunia Security Advisory 49094
Posted May 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in CiscoWorks Prime LAN Management Solution (LMS), which can be exploited by malicious people to conduct HTTP response splitting attacks, disclose potentially sensitive information, and bypass certain security restrictions.

tags | advisory, web, vulnerability
MD5 | 531d211757d8e8b4606b0149231db834
HP Security Bulletin HPSBMU02770 SSRT100848
Posted May 2, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02770 SSRT100848 - Potential security vulnerabilities have been identified with HP Insight Management Agents for Windows Server. The vulnerabilities could be exploited remotely resulting in cross site request forgery (CSRF), cross site scripting (XSS), URL redirection, unauthorized modification, and Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, xss, csrf
systems | windows
advisories | CVE-2012-2003, CVE-2012-2004, CVE-2012-2005, CVE-2012-2006
MD5 | 45fd6681a71b053808dba6cbfc591495
Websense (Triton 7.6) Authentication Bypass
Posted May 2, 2012
Authored by Ben Williams | Site ngssoftware.com

Websense (Triton version 7.6) suffers from an authentication bypass vulnerability in the report management UI.

tags | exploit, bypass
MD5 | 95c35e7dca133ded811d4ac9798a6f6f
Secunia Security Advisory 49054
Posted May 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Insight Management Agents, which can be exploited by malicious users to manipulate certain data and cause a DoS (Denial of Service) and by malicious people to conduct spoofing, cross-site scripting, and cross-site request forgery attacks.

tags | advisory, denial of service, spoof, vulnerability, xss, csrf
MD5 | c821a2c93125729215e79247ad1001cd
Red Hat Security Advisory 2012-0529-01
Posted May 1, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0529-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Messaging is a high-speed reliable messaging distribution for Linux based on AMQP, an open protocol standard for enterprise messaging that is designed to make mission critical messaging widely available as a standard service, and to make enterprise messaging interoperable across platforms, programming languages, and vendors. MRG Messaging includes an AMQP 0-10 messaging broker; AMQP 0-10 client libraries for C++, Java JMS, and Python; as well as persistence libraries and management tools.

tags | advisory, java, protocol, python
systems | linux, redhat
advisories | CVE-2011-3620
MD5 | 8c0244885a612ed657af80d5d87abe9e
Red Hat Security Advisory 2012-0528-01
Posted May 1, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0528-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Messaging is a high-speed reliable messaging distribution for Linux based on AMQP, an open protocol standard for enterprise messaging that is designed to make mission critical messaging widely available as a standard service, and to make enterprise messaging interoperable across platforms, programming languages, and vendors. MRG Messaging includes an AMQP 0-10 messaging broker; AMQP 0-10 client libraries for C++, Java JMS, and Python; as well as persistence libraries and management tools.

tags | advisory, java, protocol, python
systems | linux, redhat
advisories | CVE-2011-3620
MD5 | f0370fdb36b19a2ab902db3245d65dda
PHP Volunteer Management 1.0.2 SQL Injection
Posted May 1, 2012
Authored by eidelweiss

PHP Volunteer Management version 1.0.2 suffers from a remote SQL injection vulnerability in get_messages.php.

tags | exploit, remote, php, sql injection
MD5 | 2417eddc3bf12db62df922d474f46cd9
PHP Volunteer Management 1.0.2 SQL Injection
Posted Apr 30, 2012
Authored by eidelweiss

PHP Volunteer Management version 1.0.2 suffers from a remote SQL injection vulnerability in get_messages.php.

tags | exploit, remote, php, sql injection
MD5 | 3e0f2910740ee66fc78fe170dce97825
Secunia Security Advisory 48988
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - G13 has discovered two vulnerabilities in PHP Volunteer Management, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, php, vulnerability, xss, sql injection
MD5 | 7d219928faad92df5c9dc02d27ace282
PHP Volunteer Management 1.0.2 Cross Site Scripting / SQL Injection
Posted Apr 26, 2012
Authored by G13

PHP Volunteer Management version 1.0.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, xss, sql injection
MD5 | 69de340dd3b829a3440ceb4acbffdbc3
Secunia Security Advisory 48921
Posted Apr 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Argyll Color Management System, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
MD5 | 1c4f775925db755f0ec24395f1821f12
Secunia Security Advisory 48843
Posted Apr 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Hitachi JP1/IT Desktop Management, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability, xss
MD5 | 4e80ddc3b5026f31d4c082760e67f23e
HP Security Bulletin HPSBMU02764 SSRT100827 2
Posted Apr 20, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02764 SSRT100827 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, csrf
systems | linux, windows
advisories | CVE-2009-0037, CVE-2010-0734, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-0014, CVE-2011-0195, CVE-2011-0419, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1928, CVE-2011-1938, CVE-2011-1945, CVE-2011-2192, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3192
MD5 | aff846af673c7b44d692485afd250089
Debian Security Advisory 2455-1
Posted Apr 20, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2455-1 - Helmut Hummel of the typo3 security team discovered that typo3, a web content management system, is not properly sanitizing output of the exception handler. This allows an attacker to conduct cross-site scripting attacks if either third-party extensions are installed that do not sanitize this output on their own or in the presence of extensions using the extbase MVC framework which accept objects to controller actions.

tags | advisory, web, xss
systems | linux, debian
advisories | CVE-2012-2112
MD5 | 5f9d9d8e05c845911b4758c7c3903684
Secunia Security Advisory 48877
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Human Capital Management, which can be exploited by malicious users to disclose potentially sensitive information.

tags | advisory
MD5 | 12d0a368df471e4881029160b69782a2
Secunia Security Advisory 48858
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Identity Manager Connector for Database User Management, which can be exploited by malicious users to manipulate certain data.

tags | advisory
MD5 | c8dcd943c4dd9d8457b06931070ab192
Secunia Security Advisory 48888
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Primavera P6 Enterprise Project Portfolio Management, which can be exploited by malicious people to manipulate certain data.

tags | advisory
MD5 | 2ebb476293183373c4f6cf92f8fdb99d
Secunia Security Advisory 48878
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle PeopleSoft Enterprise Human Resource Management System, which can be exploited by malicious users to disclose sensitive information and manipulate certain data.

tags | advisory, vulnerability
MD5 | eb7794185469e19ec74106173bac029f
Secunia Security Advisory 48884
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Oracle PeopleSoft Enterprise Supply Chain Management, which can be exploited by malicious users to disclose sensitive information and manipulate certain data.

tags | advisory, vulnerability
MD5 | dc9f94258db9544f29159d26e0ee774f
HP Security Bulletin HPSBMU02764 SSRT100827
Posted Apr 17, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02764 SSRT100827 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, csrf
systems | linux, windows
advisories | CVE-2009-0037, CVE-2010-0734, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-0014, CVE-2011-0195, CVE-2011-0419, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1928, CVE-2011-1938, CVE-2011-1945, CVE-2011-2192, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3192
MD5 | 230e5876c2c2c77609e110526b8cc06b
Debian Security Advisory 2451-1
Posted Apr 13, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2451-1 - Several vulnerabilities have been discovered in puppet, a centralized configuration management system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-1906, CVE-2012-1986, CVE-2012-1987, CVE-2012-1988
MD5 | 2c9a80b47d58210b03775dc110ae6eec
Red Hat Security Advisory 2012-0476-01
Posted Apr 12, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0476-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. Several cross-site scripting flaws were found in the MRG Management Console. An authorized user on the local network could use these flaws to perform cross-site scripting attacks against MRG Management Console users.

tags | advisory, local, xss
systems | linux, redhat
advisories | CVE-2012-1575
MD5 | ada85046e9e7acc12b8273312ac56e7e
Red Hat Security Advisory 2012-0477-01
Posted Apr 12, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0477-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. Several cross-site scripting flaws were found in the MRG Management Console. An authorized user on the local network could use these flaws to perform cross-site scripting attacks against MRG Management Console users.

tags | advisory, local, xss
systems | linux, redhat
advisories | CVE-2012-1575
MD5 | 120bb7a37abdd3c283860374b7457fd9
Secunia Security Advisory 43012
Posted Apr 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sow Ching Shiong has discovered a vulnerability in HP System Management Homepage, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 0bd3c53ef4e11f6d3015217d8609b22e
LANDesk Lenovo ThinkManagement Console Remote Command Execution
Posted Apr 10, 2012
Authored by Andrea Micalizzi, juan vazquez | Site metasploit.com

This Metasploit module can be used to execute a payload on LANDesk Lenovo ThinkManagement Suite 9.0.2 and 9.0.3. The payload is uploaded as an ASP script by sending a specially crafted SOAP request to "/landesk/managementsuite/core/core.anonymous/ServerSetup.asmx" , via a "RunAMTCommand" operation with the command '-PutUpdateFileCore' as the argument. After execution, the ASP script with the payload is deleted by sending another specially crafted SOAP request to "WSVulnerabilityCore/VulCore.asmx" via a "SetTaskLogByFile" operation.

tags | exploit, asp
advisories | CVE-2012-1195, CVE-2012-1196, OSVDB-79276, OSVDB-79277
MD5 | 7e622d16202980709325aec7154b625c
Page 3 of 4
Back1234Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close