what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

CMS Made Simple (CMSMS) Showtime2 File Upload Remote Command Execution
Posted Mar 27, 2019
Authored by Daniele Scanu, Fabio Cogno | Site metasploit.com

This Metasploit module exploits a file upload vulnerability that allows for remote command execution in Showtime2 module versions 3.6.2 and below in CMS Made Simple (CMSMS). An authenticated user with "Use Showtime2" privilege could exploit the vulnerability. The vulnerability exists in the Showtime2 module, where the class "class.showtime2_image.php" does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). Tested on Showtime2 3.6.2, 3.6.1, 3.6.0, 3.5.4, 3.5.3, 3.5.2, 3.5.1, 3.5.0, 3.4.5, 3.4.3, 3.4.2 on CMS Made Simple (CMSMS) 2.2.9.1.

tags | exploit, remote, php, file upload
advisories | CVE-2019-9692
MD5 | 34616f7d15896f8238efb1b0c1d26897

Related Files

Secunia Security Advisory 50277
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for perl-YAML-LibYAML. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise an application using the module.

tags | advisory, perl, vulnerability
systems | linux, suse
MD5 | 182fbef40fb0a317fe74fe7ce4f34171
Adobe Flash Player 11.3 Font Parsing Code Execution
Posted Aug 17, 2012
Authored by sinn3r, Alexander Gavrun, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in the ActiveX component of Adobe Flash Player before 11.3.300.271. By supplying a corrupt Font file used by the SWF, it is possible to gain arbitrary remote code execution under the context of the user, as exploited in the wild.

tags | exploit, remote, arbitrary, code execution, activex
advisories | CVE-2012-1535, OSVDB-84607
MD5 | e01299565c3420ecbac1bfe81c71d308
Secunia Security Advisory 50274
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Justin C. Klein Keane has reported two vulnerabilities in the HotBlocks module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 37563c39d2a304fca7ccf0815ac304d7
Secunia Security Advisory 50256
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Justin C. Klein Keane has reported a vulnerability in the Custom Publishing Options module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | c08202f37f04832c8e37ec9b9ee18953
Drupal Elegant Theme 7.x Cross Site Scripting
Posted Aug 15, 2012
Authored by Greg Knaddison | Site drupal.org

Drupal Elegant Theme third party module version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 93e1dd81ddd5ebda197e62d31db8ed27
Drupal Custom Publishing Options 6.x Cross Site Scripting
Posted Aug 15, 2012
Site drupal.org

Drupal Custom Publishing Options third party module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | c38c7bc131df55d6bc9236b34d4dc614
Drupal HotBlocks 6.x XSS / Denial Of Service
Posted Aug 15, 2012
Authored by Justin C. Klein Keane | Site drupal.org

Drupal Hotblocks third party module version 6.x suffers from cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
MD5 | 719b8de21e5b148dd54c9d579c03b197
Windows Service Trusted Path Privilege Escalation
Posted Aug 15, 2012
Authored by sinn3r | Site metasploit.com

This Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths: C:\program.exe, and C:\program files\hello.exe, and then execute all of them. To some software developers, this is an unexpected behavior, which becomes a security problem if an attacker is able to place a malicious executable in one of these unexpected paths, sometimes escalate privileges if run as SYSTEM. Some softwares such as OpenVPN 2.1.1, or OpenSSH Server 5, etc... all have the same problem.

tags | exploit
systems | windows
MD5 | 1d4dd3fbed6dce4a1a0d0668447ab955
globalSCAPE CuteZIP Stack Buffer Overflow
Posted Aug 15, 2012
Authored by C4SS!0 G0M3S, juan vazquez | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in version 2.1 of CuteZIP. In order for the command to be executed, an attacker must convince the target user to open a specially crafted zip file with CuteZIP. By doing so, an attacker can execute arbitrary code as the target user.

tags | exploit, overflow, arbitrary
MD5 | 6eb4d1790c7b9fec75c5601a37cd6a05
Gentoo Linux Security Advisory 201208-05
Posted Aug 15, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201208-5 - An insecure temporary file usage has been reported in the Perl Config-IniFiles module, possibly allowing symlink attacks. Versions below 2.710.0 are affected.

tags | advisory, perl
systems | linux, gentoo
advisories | CVE-2012-2451
MD5 | 839c4b0674c414683b044d56b5f91739
Novell ZENworks Asset Management Remote Execution
Posted Aug 14, 2012
Authored by juan vazquez | Site metasploit.com

This Metasploit module exploits a path traversal flaw in Novell ZENworks Asset Management 7.5. By exploiting the CatchFileServlet, an attacker can upload a malicious file outside of the MalibuUploadDirectory and then make a secondary request that allows for arbitrary code execution.

tags | exploit, arbitrary, code execution
advisories | CVE-2011-2653, OSVDB-77583
MD5 | 8c94989c617aa92806f333c02a5ccf9e
Cyclope Employee Surveillance Solution 6 SQL Injection
Posted Aug 14, 2012
Authored by loneferret, sinn3r | Site metasploit.com

This Metasploit module exploits a SQL injection found in Cyclope Employee Surveillance Solution. Because the login script does not properly handle the user-supplied username parameter, a malicious user can manipulate the SQL query, and allows arbitrary code execution under the context of 'SYSTEM'.

tags | exploit, arbitrary, code execution, sql injection
advisories | OSVDB-84517
MD5 | 837146f8a3b99b3c8dfc3c6b60f22822
TestLink 1.9.3 Arbitrary File Upload
Posted Aug 14, 2012
Authored by Brendan Coles | Site metasploit.com

This Metasploit module exploits a vulnerability in TestLink versions 1.9.3 and prior. This application has an upload feature that allows any authenticated user to upload arbitrary files to the '/upload_area/nodes_hierarchy/' directory with a randomized file name. The file name can be retrieved from the database using SQL injection.

tags | exploit, arbitrary, sql injection
MD5 | 5d45fc6e2938c21b4e62206f1750ded1
Ubuntu Security Notice USN-1529-1
Posted Aug 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1529-1 - A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM (Kernel-based Virtual Machine) to create a network bridge between host and guest. A privileged user in a guest could exploit this flaw to crash the host, if the vhost_net module is loaded with the experimental_zcopytx option enabled. An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-2119, CVE-2012-2136, CVE-2012-2137, CVE-2012-2372, CVE-2012-2373, CVE-2012-3364, CVE-2012-3375, CVE-2012-3400, CVE-2012-2119, CVE-2012-2136, CVE-2012-2137, CVE-2012-2372, CVE-2012-2373, CVE-2012-3364, CVE-2012-3375, CVE-2012-3400
MD5 | af2ef686a035e339e802557747aba3df
Ubuntu Security Notice USN-1514-1
Posted Aug 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1514-1 - A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM (Kernel-based Virtual Machine) to create a network bridge between host and guest. A privileged user in a guest could exploit this flaw to crash the host, if the vhost_net module is loaded with the experimental_zcopytx option enabled. An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-2119, CVE-2012-2136, CVE-2012-2137, CVE-2012-2372, CVE-2012-2373, CVE-2012-3364, CVE-2012-3375, CVE-2012-3400, CVE-2012-2119, CVE-2012-2136, CVE-2012-2137, CVE-2012-2372, CVE-2012-2373, CVE-2012-3364, CVE-2012-3375, CVE-2012-3400
MD5 | 135d74622b0eb63c6f412c8920b6b530
Secunia Security Advisory 50179
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Better Revisions module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 05f0ef64935e6a6da3d46d3b8e61a537
Secunia Security Advisory 50182
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Shorten URLs module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 7d9fb095184ffbe8bb472d81dd0755de
Secunia Security Advisory 50170
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Mime Mail module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
MD5 | e3b59c4f4ff234f6e01175bafd104c8a
NetDecision 4.2 TFTP Writable Directory Traversal Execution
Posted Aug 9, 2012
Authored by Rob Kraus, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in NetDecision 4.2 TFTP server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the file system, which results in code execution under the context of user executing the TFTP Server.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2009-1730, OSVDB-54607
MD5 | 50854cb971dc87b2cb4c48dcf38444d5
Drupal Mime Mail 6.x Access Bypass
Posted Aug 9, 2012
Authored by Greg Knaddison, Gabor Seljan | Site drupal.org

Drupal Mime Mail third party module version 6.x suffers from an access bypass vulnerability.

tags | advisory, bypass
MD5 | 1447dc1eb6484e99e64b941188f83595
Drupal Shibboleth Authentication 6.x Access Bypass
Posted Aug 9, 2012
Authored by Brian Swaney | Site drupal.org

Drupal Shibboleth Authentication third party module version 6.x suffers from an access bypass vulnerability.

tags | advisory, bypass
MD5 | b5cffd5144032fa1f3093ebebfdb0175
Drupal Better Revisions 7.x Cross Site Scripting
Posted Aug 9, 2012
Authored by Klaus Purer | Site drupal.org

Drupal Better Revisions third party module version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 984dcbf57cde6d8447e0a9b296ffa068
Secunia Security Advisory 50168
Posted Aug 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Chaos tool suite module for Drupal, which can be exploited by malicious users to disclose potentially sensitive information.

tags | advisory
MD5 | bc757f8e74e0e3a929d505a787d3ef24
Drupal Shorten URLs 6.x / 7.x Cross Site Scripting
Posted Aug 9, 2012
Authored by Justin C. Klein Keane, Isaac Sukin, Zach Alexander | Site drupal.org

Drupal Short URLs third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 53e7d7fe3d27b7f9816f9530c71334c0
Drupal Chaos Tool Suite 6.x / 7.x LFI / XSS
Posted Aug 9, 2012
Authored by Casey | Site drupal.org

Drupal Chaos Tool Suite (ctools) third party module versions 6.x and 7.x suffer from cross site scripting and local file inclusion vulnerabilities.

tags | advisory, local, vulnerability, xss, file inclusion
MD5 | 161cabd8e0d53da5296d440b62ec5f88
Page 1 of 4
Back1234Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close