Exploit the possiblities
Showing 1 - 25 of 25,277 RSS Feed

Remote Files

Telegram Messenger For Android Directory Traversal
Posted Dec 17, 2017
Authored by Google Security Research, natashenka

There is a directory traversal issue in the Telegram client for Android. The method saveFile in MediaController.java saves a file to external memory based on an optional name that is not filtered. The name is provided by the remote peer when sending a document or music file.

tags | exploit, java, remote
MD5 | 1d4fa9a377be38dd028f42d795557548
Monstra CMS 3.0.4 Remote Shell Upload
Posted Dec 17, 2017
Authored by Ishaq Mohammed

Monstra CMS version 3.0.4 suffers from a remote shell upload vulnerability that allows for remote code execution.

tags | exploit, remote, shell, code execution
MD5 | 232ceeef3d1b599e0679a64c3c4ba7f7
Bus Booking Script 1.0 SQL Injection
Posted Dec 15, 2017
Authored by Ihsan Sencan

Bus Booking Script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-17645
MD5 | 1a5d06ca50412d3ea1618cf7e571f4ad
FS Lynda Clone 1.0 SQL Injection
Posted Dec 15, 2017
Authored by Ihsan Sencan

FS Lynda Clone version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-17643
MD5 | 93b52c246755254ff7aa57b5c5d0ed1a
Movie Guide 2.0 SQL Injection
Posted Dec 15, 2017
Authored by Ihsan Sencan

Movie Guide version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | fa1fcffffe6c7f17040a8f614cf5f4cc
Piwigo 2.9.1 SQL Injection
Posted Dec 15, 2017
Authored by Akityo

Piwigo version 2.9.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-10682
MD5 | 7dcb87848320df6b3827d114d752b690
Paid To Read Script 2.0.5 SQL Injection
Posted Dec 15, 2017
Authored by Ihsan Sencan

Paid To Read Script version 2.0.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-17651
MD5 | 545bfdb1f82a68e71a7cad4dc9bd9a1f
Joomla! JEXTN Video Gallery 3.0.5 SQL Injection
Posted Dec 15, 2017
Authored by Ihsan Sencan

Joomla! JEXTN Video Gallery component version 3.0.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b9e24f7c25d109c4e2090e8221cc0cd0
Joomla! JEXTN Question And Answer 3.1.0 SQL Injection
Posted Dec 15, 2017
Authored by Ihsan Sencan

Joomla! JEXTN Question and Answer component version 3.1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5d9a350f41b12d85b1e0616b9a338e0d
Red Hat Security Advisory 2017-3474-01
Posted Dec 15, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3474-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: An assertion-failure flaw was found in the Network Block Device server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2017-10664, CVE-2017-11334, CVE-2017-14167, CVE-2017-15289, CVE-2017-7539
MD5 | b377cde0952495aa6f0f019183098bb5
Red Hat Security Advisory 2017-3466-01
Posted Dec 15, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3466-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: An assertion-failure flaw was found in the Network Block Device server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2017-10664, CVE-2017-11334, CVE-2017-14167, CVE-2017-15289, CVE-2017-7539
MD5 | 80f1b1f9f53f4d7dc4ab91f430db374e
Red Hat Security Advisory 2017-3473-01
Posted Dec 15, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3473-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: An assertion-failure flaw was found in the Network Block Device server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2017-10664, CVE-2017-11334, CVE-2017-14167, CVE-2017-15289, CVE-2017-7539
MD5 | 094e78a87a857ab71224ec7c92cf7bec
Red Hat Security Advisory 2017-3472-01
Posted Dec 15, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3472-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: An assertion-failure flaw was found in the Network Block Device server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2017-10664, CVE-2017-11334, CVE-2017-14167, CVE-2017-15289, CVE-2017-7539
MD5 | 967fda92af9f44bdbcfe1a331bb66a41
ITGuard-Manager 0.0.0.1 Remote Command Execution
Posted Dec 15, 2017
Authored by Nassim Asrir

ITGuard-Manager version 0.0.0.1 suffers from a pre-authentication remote command execution vulnerability.

tags | exploit, remote
MD5 | 48d3d8f91cfef30e61484bc35145eee4
Red Hat Security Advisory 2017-3470-01
Posted Dec 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3470-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: An assertion-failure flaw was found in the Network Block Device server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2017-10664, CVE-2017-11334, CVE-2017-14167, CVE-2017-15289, CVE-2017-7539
MD5 | a3e77be981d017364740e80ed5d2467d
Red Hat Security Advisory 2017-3463-01
Posted Dec 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3463-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix: An arbitrary command execution flaw was found in the way Go's "go get" command handled the checkout of source code repositories. A remote attacker capable of hosting malicious repositories could potentially use this flaw to cause arbitrary command execution on the client side. It was found that smtp.PlainAuth authentication scheme in Go did not verify the TLS requirement properly. A remote man-in-the-middle attacker could potentially use this flaw to sniff SMTP credentials sent by a Go application.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2017-15041, CVE-2017-15042
MD5 | 565b46ec35ed4f8b9253642745a167e1
Red Hat Security Advisory 2017-3471-01
Posted Dec 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3471-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: An assertion-failure flaw was found in the Network Block Device server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2017-10664, CVE-2017-11334, CVE-2017-14167, CVE-2017-15289, CVE-2017-7539
MD5 | 1af1b4cdf573ac1364295af118e3b1f1
Joomla JBuildozer 1.4.1 SQL Injection
Posted Dec 13, 2017
Authored by Ihsan Sencan

Joomla! JBuildozer component version 1.4.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b95d34e92c1cc7f5191068d8cde1471b
PS4 Remote Play 2.5.0.9220 DLL Hijacking
Posted Dec 13, 2017
Authored by Maelstrom Security

PS4 Remote Play version 2.5.0.9220 suffers from a dll hijacking vulnerability.

tags | advisory, remote
systems | windows
MD5 | 75dc08c32f295ed4d0c576c54e2e2294
Ubuntu Security Notice USN-3512-1
Posted Dec 12, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3512-1 - David Benjamin discovered that OpenSSL did not correctly prevent buggy applications that ignore handshake errors from subsequently calling certain functions. It was discovered that OpenSSL incorrectly performed the x86_64 Montgomery multiplication procedure. While unlikely, a remote attacker could possibly use this issue to recover private keys.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-3737, CVE-2017-3738
MD5 | 0cc0ee9bc2108ca4e7a6bf8e0410739c
Vanguard 1.4 SQL Injection
Posted Dec 12, 2017
Authored by Ihsan Sencan

Vanguard version 1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 743cb476678f11288642320dc9d7c025
Basic Job Site Script 2.0.5 SQL Injection
Posted Dec 12, 2017
Authored by Ihsan Sencan

Basic Job Site Script version 2.0.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b6d4b17370cf8c74e783b9d74f8716a1
Resume Clone Script 2.0.5 SQL Injection
Posted Dec 12, 2017
Authored by Ihsan Sencan

Resume Clone Script version 2.0.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c5b43f61ef320354c7d769d35638db2c
Advanced World Database 2.0.5 SQL Injection
Posted Dec 12, 2017
Authored by Ihsan Sencan

Advanced World Database version 2.0.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3eb1680d43fd159476699475df4ee382
Muslim Matrimonial Script 3.02 SQL Injection
Posted Dec 12, 2017
Authored by Ihsan Sencan

Muslim Matrimonial Script version 3.02 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6ba30c3c7421421e1330be6cfd4d82d8
Page 1 of 1,012
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close