what you don't know can hurt you
Showing 1 - 25 of 29,157 RSS Feed

Remote Files

Apache 2.4.49 / 2.4.50 Traversal / Remote Code Execution
Posted Oct 25, 2021
Authored by Dhiraj Mishra, Ramella Sebastien, Ash Daulton | Site metasploit.com

This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands. This vulnerability has been reintroduced in the Apache 2.4.50 fix (CVE-2021-42013).

tags | exploit, remote, arbitrary, cgi, root, code execution
advisories | CVE-2021-41773, CVE-2021-42013
MD5 | 9970ee35481f7a20c300ee03a6bed878
Online Student Admission System 1.0 SQL Injection / Shell Upload
Posted Oct 25, 2021
Authored by Gerard Carbonell

Online Student Admission System version 1.0 suffers from remote SQL injection and shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
advisories | CVE-2021-37371, CVE-2021-37372
MD5 | 7c229a5b9a8e0f3ef87c71a68a2a9b33
phpMyAdmin 4.8.1 Remote Code Execution
Posted Oct 25, 2021
Authored by samguy

phpMyAdmin version 4.8.1 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2018-12613
MD5 | fbe5f0286e41025da8054b2489a24c20
Engineers Online Portal 1.0 SQL Injection
Posted Oct 25, 2021
Authored by Alon Leviev

Engineers Online Portal version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to n11secur1ty in October of 2021.

tags | exploit, remote, vulnerability, sql injection
MD5 | 69aac892466cdfbbe69f5600c743d5fd
Balbooa Joomla Forms Builder 2.0.6 SQL Injection
Posted Oct 25, 2021
Authored by blockomat2100

Balbooa Joomla Forms Builder version 2.0.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 385f0773184063e0770d4e424bbaa68a
Build Smart ERP 21.0817 SQL Injection
Posted Oct 25, 2021
Authored by Nehru Sethuraman

Build Smart ERP version 21.0817 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 38e4219e22f894d3059ef94d52d0748a
Apache HTTP Server 2.4.50 Remote Code Execution
Posted Oct 24, 2021
Authored by thelastvvv

Apache HTTP Server version 2.4.50 remote code execution exploit.

tags | exploit, remote, web, code execution
advisories | CVE-2021-42013
MD5 | 00e3007a5d132ef7e927cc763523a813
Engineers Online Portal 1.0 Shell Upload
Posted Oct 23, 2021
Authored by SadKris

Engineers Online Portal version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 0b750d8a34a7cb1264a710eafc36a645
Ubuntu Security Notice USN-5121-1
Posted Oct 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5121-1 - Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman did not properly associate cross-site request forgery tokens to specific accounts. A remote attacker could use this to perform a CSRF attack to gain access to another account. Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman's cross-site request forgery tokens for the options page are derived from the admin password. A remote attacker could possibly use this to assist in performing a brute force attack against the admin password. Various other issues were also addressed.

tags | advisory, remote, csrf
systems | linux, ubuntu
advisories | CVE-2021-42096, CVE-2021-42097
MD5 | e580a4cebc05a472a168210820d5451c
Online Course Registration 1.0 SQL Injection
Posted Oct 22, 2021
Authored by Drew Jones, Sam Ferguson

Online Course Registration version 1.0 suffers from a blind boolean-based remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9b97a78d2175eb8afde44e9c7ed943ef
Clinic Management System 1.0 Code Execution / SQL Injection
Posted Oct 22, 2021
Authored by Pablo Santiago

Clinic Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for a shell upload.

tags | exploit, remote, shell, sql injection
MD5 | 89d48af5619424e600f5f3f549e39af5
SonicWall SMA 10.2.1.0-17sv Password Reset
Posted Oct 20, 2021
Authored by Jacob Baines

SonicWall SMA version 10.2.1.0-17sv suffers from a remote password reset vulnerability.

tags | exploit, remote
advisories | CVE-2021-20034
MD5 | fc825fd8b67124f85d0945de3adb5652
Red Hat Security Advisory 2021-3942-01
Posted Oct 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3942-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a use-after-free vulnerability.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2021-36980
MD5 | 319c80d9bc008e3f1933956b4aedbf41
Ubuntu Security Notice USN-5111-2
Posted Oct 20, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5111-2 - USN-5111-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-41991
MD5 | 7500b7c4a02c2f112707a0502a50de50
Ubuntu Security Notice USN-5111-1
Posted Oct 19, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5111-1 - It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-41990, CVE-2021-41991
MD5 | d642b815ed1027cedc528205f2749233
Online Motorcycle (Bike) Rental System 1.0 SQL Injection
Posted Oct 19, 2021
Authored by Chase Comardelle

Online Motorcycle (Bike) Rental System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7b19436e360e5b2ef26427b96797a3b1
Ubuntu Security Notice USN-5109-1
Posted Oct 18, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5109-1 - It was discovered that nginx incorrectly handled files with certain modification dates. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-20005
MD5 | f3a7d2fb8ecd1f45d342d3994d131223
Virus.Win32.Ipamor.c Unauthenticated Remote System Reboot
Posted Oct 18, 2021
Authored by malvuln | Site malvuln.com

Virus.Win32.Ipamor.c malware suffers from an unauthenticated remote system reboot vulnerability.

tags | exploit, remote, virus
systems | windows
MD5 | 2f19f129868bcea8d1756c51f3bece25
Engineers Online Portal 1.0 SQL Injection
Posted Oct 18, 2021
Authored by nu11secur1ty

Engineers Online Portal version 1.0 suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 0ffc9687a1009102fe51cfb9fa30ee29
Red Hat Security Advisory 2021-3872-01
Posted Oct 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3872-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2021-3620
MD5 | a43690cd08c3f98691e6365feb793e65
Red Hat Security Advisory 2021-3871-01
Posted Oct 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3871-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2021-3620
MD5 | dce38a2c46b9fe4613dc07e9302afd66
IFSC Code Finder Project 1.0 SQL Injection
Posted Oct 14, 2021
Authored by nu11secur1ty

IFSC Code Finder Project version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2021-42224
MD5 | c1f94e7de16c295c0c0e95d1a45fe558
TextPattern CMS 4.8.7 Shell Upload
Posted Oct 14, 2021
Authored by Mert Das

TextPattern CMS version 4.8.7 suffers from an authenticated remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | a48c73645293b99b6fbcfeb552bf7cc4
Simple Payroll System 1.0 SQL Injection
Posted Oct 13, 2021
Authored by Yash Mahajan

Simple Payroll System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 216367c07b58ea8e258e33f401324ced
Simple Issue Tracker System 1.0 SQL Injection
Posted Oct 13, 2021
Authored by Bekir Bugra Turkoglu

Simple Issue Tracker System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 9ca937bb43f720def1537a3345212cf1
Page 1 of 1,167
Back12345Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    3 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    33 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close