Ubuntu Security Notice 4097-2 - USN-4097-1 fixed several vulnerabilities in php5. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
78dca1533d9f697a55b2bb9ad0c98d47Ubuntu Security Notice 4097-1 - It was discovered that PHP incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
8f4b0ec2ca1de60068711607cd3619f2Joomla JS Support Ticket component version 1.1.6 suffers from a remote SQL injection vulnerability in ticketreply.php.
3ea9e32ea71f28703d1ccfca184e503fBSI Advance Hotel Booking System version 2.0 suffers from a persistent cross site scripting vulnerability in booking_details.php.
cb91e2a4b389dc6caaadf2ebafb7bb6dJoomla JS Support Ticket component version 1.1.6 suffers from an arbitrary file deletion vulnerability in ticket.php.
d5c4574a75aefd5ce55aeb970189d93dUNA version 10.0.0 RC1 suffers from a persistent cross site scripting vulnerability in polyglot.php.
ec9eee5192777cb8c329f9ce8f2c7370Joomla JS Jobs component version 1.2.5 suffers from a remote SQL injection vulnerability in cities.php.
8f0f4fdcefb3d109c21dff30c8ed8860An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in those fields leads to the execution of those queries. This can further lead to cookie stealing or other malicious actions.
e8e356d6eb5ab1df3d21abcb7dadd26fUbuntu Security Notice 4088-1 - It was discovered that PHP incorrectly handled certain regular expressions. An attacker could possibly use this issue to expose sensitive information, cause a denial of service or execute arbitrary code.
ed4b58bc7094ad86318294e6a345fed2Active PHP Bookmarks version 1.3 suffer from a cookie_auth error-based remote SQL injection vulnerability.
95549322c6d6c54be90a59cfcd3af5fcYahei-PHP Prober version 0.4.7 (speed) suffers from a remote html injection vulnerability.
eb98108b01a92b8fac447bf19361759aThis Metasploit module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x up to 5.6.29. Remote command execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required, however exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked which allows for discovery and exploitation.
7094c48d642dbb2c66067663c6ef39d9FaceSentry Access Control System version 6.4.8 is vulnerable to multiple cross site scripting vulnerabilities. This issue is due to the application's failure to properly sanitize user-supplied input thru the 'msg' parameter (GET) in pluginInstall.php script. An attacker may leverage any of the cross-site scripting issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials, phishing, as well as other attacks.
4b4dab0df321f565a9ff46178b0c3e27FaceSentry Access Control System version 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' POST parameter in pingTest PHP script.
dd18875e9898a4dc1ba25878fabbd4acFaceSentry Access Control System version 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' and 'strInPort' parameters (POST) in pingTest and tcpPortTest PHP scripts.
199e4f309260b0968b822e4736a02fc7SeedDMS versions prior to 5.1.11 suffers from persistent cross site scripting vulnerability in out.GroupMgr.php.
efab9c0a2c9907f8dd00137f56bab316SeedDMS versions prior to 5.1.11 suffers from persistent cross site scripting vulnerability in out.UsrMgr.php.
c5f95efb508f1b497856340ab872055aDebian Linux Security Advisory 4468-1 - A path traversal vulnerability due to an unsanitized POST parameter was discovered in php-horde-form, a package providing form rendering, validation, and other functionality for the Horde Application Framework. An attacker can take advantage of this flaw for remote code execution.
8986d8b459935d9effe1ace9426849dbThis Metasploit module exploits a command execution vulnerability in AROX School-ERP. "import_stud.php" and "upload_fille.php" do not have session control. Session start/check functions in Line 8,9,10 are disabled with slashes. Therefore an unauthenticated user can execute the command on the system.
535708ae0f4586c8a0feda2390f4b619WebLord WL-Nuke Coppermine for PHP-Nuke version 1.3.1c suffers from a remote SQL injection vulnerability.
3f432015c33a468b733bff06ec61ce49Ubuntu Security Notice 4009-2 - USN-4009-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly decoding certain MIME headers. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. Various other issues were also addressed.
ab60086f80ef9a8e14e53528324d4180Ubuntu Security Notice 4009-1 - It was discovered that PHP incorrectly handled certain exif tags in images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that PHP incorrectly decoding certain MIME headers. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. Various other issues were also addressed.
638d5cd9888d64fae8449b7f0ed21c05This Metasploit module exploits a command injection vulnerability in the open source network management software known as LibreNMS. The community parameter used in a POST request to the addhost functionality is unsanitized. This parameter is later used as part of a shell command that gets passed to the popen function in capture.inc.php, which can result in execution of arbitrary code. This module requires authentication to LibreNMS first.
1e5777dda1da78cd1019c88880b3908dInterspire Email Marketer version 6.20 suffers from a remote code execution vulnerability in surveys_submit.php.
b195e66a0ac9e8901e18bb374e2f4d7aUbuntu Security Notice 3566-2 - USN-3566-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or possibly cause a crash, resulting in a denial of service. Various other issues were also addressed.
58559ab5996b6d070244fb449b0aaed5
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed