Nikto version 2.1.6 suffers from a csv injection vulnerability.
aedc26323562020a43750f0d92a863caRedatam Web Server prior to version 7 suffer from a directory traversal vulnerability.
0584808e1c49454251c2d5a7207ce5efRedis-cli versions prior to 5.0 buffer overflow proof of concept exploit.
a53747670c7b2fd888620a15cd0610c7Audiograbber version 1.83 local SEH buffer overflow exploit.
8737acad1660bbb2394fd9aba67a272fJoomla Jomres component version 9.11.2 suffers from a cross site request forgery vulnerability.
85f5c9da3da7654810d5acb079efaa95phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.
40f298aed179561d60e3ea947664bb79Tapplock Smart Lock suffers from multiple insecure direct object reference vulnerabilities.
763446d7594572376c209584efb7e078WordPress Redirection plugin version 2.7.1 suffers from a code execution vulnerability.
1e14e58ceb21022344666e902766b80bEasy Chat Server version 3.1 add user local buffer overflow exploit.
bcabdbd0527bd278db11840e1c948973rtorrent versions 0.9.6 and below denial of service exploit.
9112f5a4b93d3f374dd3059e367d761dJoomla Ek Rishta component version 2.10 suffers from a remote SQL injection vulnerability.
c9cf00e1bcf138179996aad2f1258826Soroush IM Desktop App version 0.15 suffers from an authentication bypass vulnerability.
8b2face38684b376cf73245beb80de94Eclipse Vert.x versions 3.0.0 through 3.5.1 suffer from an HTTP header injection vulnerability.
b0bcdd2957a82518f6bc91174e6bea0cSamsung Web Viewer for Samsung DVR suffers from a cross site scripting vulnerability.
4c1965dce41d570dded8761c42edd7e7Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway suffer from a privilege escalation vulnerability. Rockwell Automation RSLinx Classic versions 3.90.01, 3.73.00, 3.72.00, and 2.58.00 are susceptible. Rockwell Automation FactoryTalk Linx Gateway version 3.90.00 is susceptible.
59c9bf7a610c8becf0674a228bcebf7bEcos Secure Boot Stick version 5.6.5 and System Management version 5.2.68 suffers from credential disclosure and various other security vulnerabilities that can lead to information disclosure.
410ebe83f339489d39f169146778451aMicrosoft Windows 10 version 1709 suffers from a child process restriction mitigation bypass vulnerability.
14320128fadf9ab6d9bdc495b2999b56Redaxo CMS Mediapool add-on versions prior to 5.5.1 suffer from a remote file upload vulnerability.
2ee9e258e0cbc86d2f56b93a4898abbbMACCMS version 10 suffers from a cross site request forgery vulnerability.
ee33d43696b35ae5172cabdee9ebf0b1This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in GNU C Library (glibc) version 2.26 and prior. This Metasploit module uses halfdog's RationalLove exploit to exploit a buffer underflow in glibc realpath() and create a SUID root shell. The exploit has offsets for glibc versions 2.23-0ubuntu9 and 2.24-11+deb9u1. The target system must have unprivileged user namespaces enabled. This Metasploit module has been tested successfully on Ubuntu Linux 16.04.3 (x86_64) with glibc version 2.23-0ubuntu9; and Debian 9.0 (x86_64) with glibc version 2.24-11+deb9u1.
fdde72feb2388aee3f2e93395c3c6363This Metasploit module exploits the DynoRoot vulnerability, a flaw in how the NetworkManager integration script included in the DHCP client in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier processes DHCP options. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
5260d2ef5bb8f8bbc5edbc0ec7cb7c67WordPress Tooltipy plugin version 5.0 suffers from a cross site request forgery vulnerability.
a73ed2fa150749fa9b7b1f8405ab4402WordPress Tooltipy plugin version 5.0 suffers from a cross site scripting vulnerability.
b6c5e7774fb62ebf84c690fa5e490b74WordPress Redirection plugin version 2.7.3 suffers from a remote file inclusion vulnerability.
ad8fd6f0edda2fb7d07a6e8d56138be6Canon PrintMe EFI suffers from a cross site scripting vulnerability.
1b32c8d5e91282bc9f3a9fa12654d6f4
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed