exploit the possibilities
Showing 1 - 25 of 28,736 RSS Feed

Remote Files

Ubuntu Security Notice USN-4953-1
Posted May 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4953-1 - Sean Boran discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code. It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to access sensitive information.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-1000501, CVE-2020-29600, CVE-2020-35176
MD5 | 3aace51e610892c6e72b5665dc467353
Chamilo LMS 1.11.14 Remote Code Execution
Posted May 14, 2021
Authored by M. Cory Billington

Chamilo LMS version 1.11.14 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2021-31933
MD5 | 5a8f8f1545cefe375862b9f2c4609083
Ubuntu Security Notice USN-4932-2
Posted May 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4932-2 - USN-4932-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-31542
MD5 | 154fb54d376a39328dac652b07c44eee
OpenPLC WebServer 3 Remote Code Execution
Posted May 13, 2021
Authored by Fellipe Oliveira

OpenPLC WebServer version 3 authentication remote code execution exploit.

tags | exploit, remote, code execution
MD5 | b43b406cdd773e40446d95720bd60c23
Dental Clinic Appointment Reservation System 1.0 SQL Injection
Posted May 13, 2021
Authored by Mesut Cetin

Dental Clinic Appointment Reservation System version 1.0 suffers from multiple remote SQL injection vulnerabilities with one of them allowing for authentication bypass.

tags | exploit, remote, vulnerability, sql injection
MD5 | 590039c72fd98d00add5038df52eb7a0
ZeroShell 3.9.0 Remote Command Execution
Posted May 13, 2021
Authored by Fellipe Oliveira

ZeroShell version 3.9.0 remote command execution exploit.

tags | exploit, remote
advisories | CVE-2019-12725
MD5 | 6136d89b624e83529112cda72e8b9e5e
Packet Fence 10.3.0
Posted May 13, 2021
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: New features include Static routes management via admin gui, Aruba CX support, Aruba 2930M Web Authentication and Dynamic ACL support, Meraki DPSK support, Ruckus DPSK support, and more.
tags | tool, remote
systems | unix
MD5 | 95203f2b8e1b9385f5e0ab7343853d97
Customer Relationship Management (CRM) System 1.0 Shell Upload
Posted May 11, 2021
Authored by Richard Jones

Customer Relationship Management (CRM) System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | fd0485926223aa2206f5546dccf46c64
Customer Relationship Management (CRM) System 1.0 SQL Injection
Posted May 11, 2021
Authored by Richard Jones

Customer Relationship Management (CRM) System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | df2f1ca3c4905b571716bcf98058482c
Hexagon G!nius Auskunftsportal SQL Injection
Posted May 11, 2021
Authored by Marcel Keiffenheim

Hexagon G!nius Auskunftsportal versions prior to 5.0.0.0 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2021-32051
MD5 | d6dd0935d69c6151673cc0768d99190a
ERPNext 12.18.0 / 13.0.0 SQL Injection
Posted May 11, 2021
Authored by Stefan Pietsch, Nick Decker | Site trovent.io

ERPNext versions 12.18.0 and 13.0.0 suffer from an authenticated remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6c329df5e9d8646f43166acb54002a9b
Ubuntu Security Notice USN-4943-1
Posted May 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4943-1 - Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. This issue affected only affected Ubuntu 20.10. It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. This issue only affected Ubuntu 20.10. Various other issues were also addressed.

tags | advisory, remote, arbitrary, shell, code execution
systems | linux, ubuntu
advisories | CVE-2020-26217, CVE-2020-26258, CVE-2020-26259, CVE-2021-21342, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350
MD5 | a565fe2178a44c21cfecd0d125585112
TOR Virtual Network Tunneling Tool 0.4.5.8
Posted May 11, 2021
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.4.5.8 fixes several bugs in earlier versions, backporting fixes from the 0.4.6.x series.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | a39d9b930a19936b57f097051c0ad509
Ubuntu Security Notice USN-4940-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4940-1 - It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14343
MD5 | 5c9054e5dcb84fcca5e0b7bb231e1dfd
AWS CloudShell Terminal Escape Injection / Remote Code Execution
Posted May 10, 2021
Authored by Google Security Research, Felix Wilhelm

The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance.

tags | exploit, remote, javascript, code execution
MD5 | a07ebf4a753f14e46c966e23a4c3cf0b
Ubuntu Security Notice USN-4939-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4939-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-1788
MD5 | af4558d62abbfd5bae4e9822b097ced0
OpenNetAdmin 18.1.1 Remote Command Execution
Posted May 10, 2021
Authored by Alexandre Zanni

OpenNetAdmin versions 8.5.14 through 18.1.1 remote command execution exploit written in Ruby. This exploit was based on the original discovery of the issue by mattpascoe.

tags | exploit, remote, ruby
MD5 | b2ea2bd02abebc013ca6ae8665950e12
Microweber CMS 1.1.20 Remote Code Execution
Posted May 10, 2021
Authored by sl1nki

Microweber CMS versions 1.1.20 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-28337
MD5 | 0063a431388f4fe7ccd8fa8d5d7c584a
PHP Timeclock 1.04 SQL Injection
Posted May 8, 2021
Authored by Tyler Butler

PHP Timeclock version 1.04 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 72d88bfd629409e56ac9c276b3ce34ec
Voting System 1.0 Shell Upload
Posted May 7, 2021
Authored by secure77

Voting System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 50bd682d293cd6f65051ddf82595a097
Human Resource Information System 0.1 Remote Code Execution
Posted May 7, 2021
Authored by Reza Afsahi

Human Resource Information System version 0.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | c139e5c61c62259488f405263626f9ed
Voting System 1.0 SQL Injection
Posted May 7, 2021
Authored by secure77

Voting System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Original discovery of SQL injection in this version is attributed to Syed Sheeraz Ali in May of 2021.

tags | exploit, remote, sql injection
MD5 | 8afb5f8641ff27243de8d79704ae5532
Ubuntu Security Notice USN-4938-1
Posted May 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4938-1 - It was discovered that Unbound contained multiple security issues. A remote attacker could possibly use these issues to cause a denial of service, inject arbitrary commands, execute arbitrary code, and overwrite local files.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-25031, CVE-2019-25035, CVE-2019-25039, CVE-2020-28935
MD5 | 7cbc6ff7f46d7928484a4e834e459fb3
b2evolution 7-2-2 SQL Injection
Posted May 6, 2021
Authored by nu11secur1ty

b2evolution version 7-2-2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2021-28242
MD5 | 1ced09b619490337be3ea86e23221667
Ubuntu Security Notice USN-4937-1
Posted May 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4937-1 - Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution.

tags | advisory, remote, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2021-28650
MD5 | 1ce6ba4e9126d4f4a6fd550fa9b85f39
Page 1 of 1,150
Back12345Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    26 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    2 Files
  • 9
    May 9th
    2 Files
  • 10
    May 10th
    13 Files
  • 11
    May 11th
    17 Files
  • 12
    May 12th
    22 Files
  • 13
    May 13th
    11 Files
  • 14
    May 14th
    9 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close