exploit the possibilities
Showing 1 - 25 of 26,719 RSS Feed

Remote Files

Gentoo Linux Security Advisory 201903-15
Posted Mar 19, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-15 - Multiple vulnerabilities have been found in NTP, the worst of which could result in the remote execution of arbitrary code. Versions less than 4.2.8_p13 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-12327, CVE-2019-8936
MD5 | 8df860a16344eea891017b2ab32a71ef
eNdonesia Portal 8.7 Iframe Injection / SQL Injection
Posted Mar 19, 2019
Authored by Mehmet Emiroglu

eNdonesia Portal version 8.7 suffers from remote SQL injection and iframe injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | b099a2b684a207b7fd0c44f79a71a037
Netartmedia PHP Mall 4.1 SQL Injection
Posted Mar 19, 2019
Authored by Ahmet Umit Bayram

Netartmedia PHP Mall version 4.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 137db9a66101e3096824f22d24d3c15c
Netartmedia Event Portal 2.0 SQL Injection
Posted Mar 19, 2019
Authored by Ahmet Umit Bayram

Netartmedia Event Portal version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7376fb572e9d675521a6918563b56747
Netartmedia Real Estate Portal 5.0 SQL Injection
Posted Mar 19, 2019
Authored by Ahmet Umit Bayram

Netartmedia Real Estate Portal version 5.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3c11212afdb861fe4e2d3cc0f8e1218b
Ubuntu Security Notice USN-3906-2
Posted Mar 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3906-2 - USN-3906-1 and USN-3864-1 fixed several vulnerabilities in LibTIFF. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-10779, CVE-2018-17101
MD5 | d6332636e5ade7508bf28fbcac3c59cc
Red Hat Security Advisory 2019-0590-01
Posted Mar 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0590-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
MD5 | 9ced9e836d867662811d99f22eea78e8
TheCarProject 2 SQL Injection
Posted Mar 18, 2019
Authored by Mehmet Emiroglu

TheCarProject version 2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4798d80d4bad5e0537cc5cd98a477adf
PHP MySQLi Database Class 2.9.2 SQL Injection
Posted Mar 16, 2019
Authored by Jaroslav Lobacevski

PHP MySQLi Database Class version 2.9.2 which is from joshcam suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 91d10b8a3c32ac8a868953e610dcaa2f
Webmin 1.900 Upload Authenticated Remote Command Execution
Posted Mar 15, 2019
Authored by Ozkan Mustafa Akkus, Ziconius | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin 1.900 and lower versions. Any user authorized to the "Upload and Download" module can execute arbitrary commands with root privileges. In addition, if the Running Processes (proc) privilege is set the user can accurately determine which directory to upload to. Webmin application files can be written/overwritten, which allows remote code execution. The module has been tested successfully with Webmin 1.900 on Ubuntu v18.04.

tags | exploit, remote, arbitrary, root, code execution
systems | linux, ubuntu
MD5 | 3ba74c7641d287a5a1d6cee6bdb0eff5
BMC Patrol Agent Privilege Escalation / Command Execution
Posted Mar 15, 2019
Authored by b0yd | Site metasploit.com

This Metasploit module leverages the remote command execution feature provided by the BMC Patrol Agent software. It can also be used to escalate privileges on Windows hosts as the software runs as SYSTEM but only verifies that the password of the provided user is correct. This also means if the software is running on a domain controller, it can be used to escalate from a normal domain user to domain admin as SYSTEM on a DC is DA. **WARNING** The windows version of this exploit uses powershell to execute the payload. The powershell version tends to timeout on the first run so it may take multiple tries.

tags | exploit, remote
systems | windows
advisories | CVE-2018-20735
MD5 | 07522a05b37456d4fcb66eb0e429685a
Moodle 3.4.1 Remote Code Execution
Posted Mar 15, 2019
Authored by Darryn Ten

Moodle version 3.4.1 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2018-1133
MD5 | bd02c3aeef707232a71ffa986a5773f5
ICE HRM 23.0 SQL / Iframe Injection
Posted Mar 15, 2019
Authored by Mehmet Emiroglu

ICE HRM version 23.0 suffers from remote SQL injection and iframe injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 88f32bcf40b75d3ec675f719b69058c2
Laundry CMS SQL / Iframe Injection
Posted Mar 15, 2019
Authored by Mehmet Emiroglu

Laundry CMS suffers from remote SQL injection and iframe injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 91203e9cc32fd60108329b5447497452
Apache UNO API Remote Code Execution
Posted Mar 14, 2019
Authored by sud0woodo

Apache UNO with LibreOffice version 6.1.2 and OpenOffice version 4.1.6 API remote code execution exploit.

tags | exploit, remote, code execution
MD5 | c108a620394311b96490df6e51bc7967
Red Hat Security Advisory 2019-0564-01
Posted Mar 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0564-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
MD5 | 948448d2cd42a869cd6d18a8e33317e0
Gentoo Linux Security Advisory 201903-11
Posted Mar 14, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-11 - A vulnerability was discovered in XRootD which could lead to the remote execution of code. Versions less than 4.8.3 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2017-1000215
MD5 | 4241df9594cdfa9173b4a193db98e5b1
FTPGetter Standard 5.97.0.177 Remote Code Execution
Posted Mar 14, 2019
Authored by w4fz5uck5

FTPGetter Standard version 5.97.0.177 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-9760
MD5 | c1f2598ede851e2d8bd34a3937a8b1db
Ubuntu Security Notice USN-3902-2
Posted Mar 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3902-2 - USN-3902-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the PHP XML-RPC module incorrectly handled decoding XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, php
systems | linux, ubuntu
advisories | CVE-2019-9020, CVE-2019-9021, CVE-2019-9023, CVE-2019-9024
MD5 | 65357e37cae18068e3e84434235d1e1f
elFinder PHP Connector exiftran Command Injection
Posted Mar 12, 2019
Authored by Brendan Coles, Thomas Chauchefoin, q3rv0 | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in elFinder versions prior to 2.1.48. The PHP connector component allows unauthenticated users to upload files and perform file modification operations, such as resizing and rotation of an image. The file name of uploaded files is not validated, allowing shell metacharacters. When performing image operations on JPEG files, the filename is passed to the exiftran utility without appropriate sanitization, causing shell commands in the file name to be executed, resulting in remote command injection as the web server user. The PHP connector is not enabled by default. The system must have exiftran installed and in the PATH. This module has been tested successfully on elFinder versions 2.1.47, 2.1.20, and 2.1.16 on Ubuntu.

tags | exploit, remote, web, shell, php
systems | linux, ubuntu
MD5 | 3664569f65ef2128717bd5e02f29d7b4
Ubuntu Security Notice USN-3906-1
Posted Mar 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3906-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10779, CVE-2019-6128
MD5 | 56e847616d505958b3eb0f59eaea2e67
NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution
Posted Mar 11, 2019
Authored by LiquidWorm | Site zeroscience.mk

BEopt suffers from a DLL Hijacking issue. The vulnerability is caused due to the application loading libraries (sdl2.dll and libegl.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening a related application file .BEopt located on a remote WebDAV or SMB share. Version 2.8.0 is affected.

tags | exploit, remote, arbitrary
MD5 | 7aee5a2862d6abbe08b84cd641d5b068
Gentoo Linux Security Advisory 201903-06
Posted Mar 11, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-6 - Multiple vulnerabilities have been discovered in rdesktop, the worst of which could result in the remote execution of arbitrary code. Versions less than 1.8.4 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-20174, CVE-2018-20175, CVE-2018-20176, CVE-2018-20177, CVE-2018-20178, CVE-2018-20179, CVE-2018-20180, CVE-2018-20181, CVE-2018-20182, CVE-2018-8791, CVE-2018-8792, CVE-2018-8793, CVE-2018-8794, CVE-2018-8795, CVE-2018-8796, CVE-2018-8797, CVE-2018-8798, CVE-2018-8799, CVE-2018-8800
MD5 | bd29d49587b4aa9a06f853c5a4f16d28
Debian Security Advisory 4405-1
Posted Mar 11, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4405-1 - Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, that could be leveraged to cause a denial of service or possibly remote code execution.

tags | advisory, remote, denial of service, vulnerability, code execution
systems | linux, debian
advisories | CVE-2017-17480, CVE-2018-14423, CVE-2018-18088, CVE-2018-5785, CVE-2018-6616
MD5 | dd68b6adb0b142371c9fa559b22fea4a
PRTG Network Monitor 18.2.38 Remote Code Execution
Posted Mar 11, 2019
Authored by M4LV0

PRTG Network Monitor version 18.2.38 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2018-9276
MD5 | 2b06f9eabbc967f98e8aa874f74fd388
Page 1 of 1,069
Back12345Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close