Automated Logic WebCTRL version 6.5 suffers from an unrestricted file upload vulnerability that allows for remote code execution.
dfbd662ecb79e969664c3cfd3b845d91Automated Logic WebCTRL version 6.1 suffers from path traversal and arbitrary file write vulnerabilities.
ba74d7e72b8d250b3eb5121245e82a5fAutomated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability.
bfe85c9a0561b977ce1f85fffe2a9011Progress Sitefinity version 9.1 suffers from cross site scripting, broken session management, and open redirection vulnerabilities.
4afe3027dc44e61418fd14ecec494013RedTeam Pentesting discovered that attackers can configure a proxy host and port to be used when fetching print jobs with WebClientPrint Processor (WCPP). This proxy setting may be distributed via specially crafted websites and is set without any user interaction as soon as the website is accessed. Version 2.0.15.109 is affected.
65bcf60f4004c2179e69c921c1d0d32eRedTeam Pentesting discovered that rogue updates trigger a remote code execution vulnerability in WebClientPrint Processor (WCPP). These updates may be distributed through specially crafted websites and are processed without any user interaction as soon as the website is accessed. However, the browser must run with administrative privileges. Version 2.0.15.109 is affected.
07b4b9ff9c5b4404c6ff6a8c28c57180RedTeam Pentesting discovered that WebClientPrint Processor (WCPP) does not validate TLS certificates when initiating HTTPS connections. Thus, a man-in-the-middle attacker may intercept and/or modify HTTPS traffic in transit. This may result in a disclosure of sensitive information and the integrity of printed documents cannot be guaranteed. Version 2.0.15.109 is affected.
2ab94fee77e67ce1fcb57508ff026f8eWebClientPrint Processor version 2.0.15.109 suffers from a remote code execution vulnerability via print jobs.
f0de493e09096c617a8989b48f1d528dBackdrop CMS versions 1.7.1 and below suffer from a persistent cross site scripting vulnerability.
3a5a51d7bbe3c89f83373c95b27188e1This Metasploit module will bypass Windows UAC by creating COM handler registry entries in the HKCU hive. When certain high integrity processes are loaded, these registry entries are referenced resulting in the process loading user-controlled DLLs. These DLLs contain the payloads that result in elevated sessions. Registry key modifications are cleaned up after payload invocation. This Metasploit module requires the architecture of the payload to match the OS, but the current low-privilege Meterpreter session architecture can be different. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process. This Metasploit module invokes the target binary via cmd.exe on the target. Therefore if cmd.exe access is restricted, this module will not run correctly.
73fea9d04345bcd15b0dc980da1ce0e1VMware vSphere Data Protection appliances 5.5.x through 6.1.x contain a known ssh private key for the local user admin who is a sudoer without password.
78afbce4852e1d46d51d532f9a44d891This Metasploit module exploits an unauthenticated remote PHP code execution vulnerability in IBM OpenAdmin Tool included with IBM Informix versions 11.5, 11.7, and 12.1. The 'welcomeServer' SOAP service does not properly validate user input in the 'new_home_page' parameter of the 'saveHomePage' method allowing arbitrary PHP code to be written to the config.php file. The config.php file is executed in most pages within the application, and accessible directly via the web root, resulting in code execution. This Metasploit module has been tested successfully on IBM OpenAdmin Tool 3.14 on Informix 12.10 Developer Edition (SUSE Linux 11) virtual appliance.
b78839adcfa2b9b750dba9d03fc684b8Disk Pulse Enterprise version 9.9.16 suffers from a buffer overflow vulnerability.
26d38ff2408eafa19af8bb94079c203dDisk Sorter Enterprise version 9.9.12 suffers from a buffer overflow vulnerability.
6961e113a3ac24650472c1e61138e4ecSync Breeze Enterprise version 9.9.16 suffers from a buffer overflow vulnerability.
649a8043481d1251c34c53ffd21bb3f3Apache2Triad version 1.5.4 suffers from session fixation, cross site request forgery, and cross site scripting vulnerabilities.
5f84ac13f6c4c57a37441585b0a25c8bJoomla Ajax Quiz component version 1.8 suffers from a remote SQL injection vulnerability.
d4ed9a9f7d426040140918b7d30f0178PHP Coupon Script version 6.0 suffers from a remote SQL injection vulnerability.
4d5d302c3fc2243a45c1479db0daa87eBitcoin / Dogecoin version 1.0 suffers from a remote SQL injection vulnerability.
ad2c57789c7661321778bc76e64ace95Microsoft Edge Chakra suffers from a chakra!Js::GlobalObject internet overflow vulnerability.
27bc98a6edda5dac2e242517a2a0c314Joomla Twitch Tv component version 1.1 suffers from a remote SQL injection vulnerability.
fe76eab51bcc20149a0edbcc4d23b498PHP-Lance version 1.52 suffers from a remote SQL injection vulnerability.
e8d2d0097ba26f9be292396680c25676PHPMyWind version 5.3 suffers from a cross site scripting vulnerability.
9c51d3db1a86e6f4a139731d8a2044c0PHP Jokesite version 2.0 suffers from a remote SQL injection vulnerability.
74908aabc66977a18175cabb83584b15TP-Link TD-W8901G suffers from default credential and authentication bypass vulnerabilities.
2b06bcd4f13729f6039bab7de4d929b7
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed