exploit the possibilities
Showing 51 - 75 of 29,080 RSS Feed

Remote Files

Ubuntu Security Notice USN-5064-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5064-1 - Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-38185
MD5 | 9673414a57ebfe220bde6cce1e16a47a
Packet Fence 11.0.0
Posted Sep 7, 2021
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Red Hat Enterprise Linux 8 and Debian 11 support added. Microsoft Azure AD authentication and authorization support added. Google Workspace integration for LDAP and Chromebooks added. Automation of upgrades from 10.3 and above added. Forwarding support for audit logs stored in database added. Over a dozen enhancements and bug fixes.
tags | tool, remote
systems | unix
MD5 | 9b8a0276b56230bf7153d63530ec4d08
WordPress Survey And Poll 1.5.7.3 SQL Injection
Posted Sep 7, 2021
Authored by Mohin Paramasivam

WordPress Survey and Poll plugin version 1.5.7.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 99817a48711d4060322930fec52027cf
Patient Appointment Scheduler System 1.0 Shell Upload
Posted Sep 7, 2021
Authored by a-rey

Patient Appointment Scheduler System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 4c0c21239894f3ed1286f3d420aefb9d
Online Learning System 2 SQL Injection
Posted Sep 6, 2021
Authored by nu11secur1ty

Online Learning System version 2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 013bcdc529b93f597062a770fe2ee2b2
FlatCore CMS 2.0.7 Remote Code Execution
Posted Sep 5, 2021
Authored by Mason Soroka-Gill

FlatCore CMS version 2.0.7 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2021-39608
MD5 | e06c9340c593f5ab077c881d44707427
Remote Mouse 4.002 Unquoted Service Path
Posted Sep 3, 2021
Authored by Salman Asad

Remote Mouse version 4.002 suffers from an unquoted service path vulnerability.

tags | exploit, remote
MD5 | 1a0690ef5839f55c744ed5a73d3fb409
Geutebruck Remote Command Execution
Posted Sep 2, 2021
Authored by Titouan Lazard, Sebastien Charbonnier, Ibrahim Ayadhi | Site metasploit.com

This Metasploit module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder and exploits multiple authenticated arbitrary command execution vulnerabilities within the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions 1.12.0.27 and below as well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as the root user.

tags | exploit, remote, web, arbitrary, cgi, root, vulnerability, code execution
advisories | CVE-2021-33543, CVE-2021-33544, CVE-2021-33548, CVE-2021-33550, CVE-2021-33551, CVE-2021-33552, CVE-2021-33553, CVE-2021-33554
MD5 | 92b73b5927fb8541093395f2793bd346
Ubuntu Security Notice USN-5051-4
Posted Sep 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5051-4 - USN-5051-2 introduced a regression in OpenSSL that affected only Ubuntu 14.04 ESM. This update fix the regression. Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-3712
MD5 | f7ae821f135540d98b207c14a8d8cf8e
Backdoor.Win32.MoonPie.40 Remote Command Execution
Posted Sep 2, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.MoonPie.40 malware suffers from an unauthenticated remote command execution vulnerability.

tags | exploit, remote
systems | windows
MD5 | cd2528f4b937fccf3252fd2ff824d4e0
OpenSIS Community 8.0 SQL Injection
Posted Sep 2, 2021
Authored by Eric Salario

OpenSIS Community version 8.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f6ec06f5199d921c579c4ca3d1ba53d8
WPanel 4.3.1 Remote Code Execution
Posted Sep 2, 2021
Authored by Sentinal920

WPanel version 4.3.1 authenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 98f907af7b13f3c7d59def1f5f35ac5d
Confluence Server 7.12.4 OGNL Injection Remote Code Execution
Posted Sep 1, 2021
Authored by h3v0x

Confluence Server version 7.12.4 unauthenticated OGNL injection remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2021-26084
MD5 | 0340434a86c779c9694e3699eb42446f
Traffic Offense Management System 1.0 SQL Injection / Remote Code Execution
Posted Sep 1, 2021
Authored by Tagoletta

Traffic Offense Management System version 1.0 remote code execution exploit that leverages a remote SQL vulnerability.

tags | exploit, remote, code execution, sql injection
MD5 | b273c6fcac7e557727fa0ed573991ad0
COVID-19 Contact Tracing System With QR Code Scanning 1.0 SQL Injection
Posted Sep 1, 2021
Authored by nu11secur1ty

COVID-19 Contact Tracing System web app with QR Code Scanning version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, web, sql injection
MD5 | f33613a39be7abe868a0a2dd4d91f0ec
Red Hat Security Advisory 2021-3365-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3365-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Issues addressed include a code execution vulnerability.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2021-3621
MD5 | 50dcd1431c236a477839e4b01f0ace72
Ubuntu Security Notice USN-5054-1
Posted Aug 31, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5054-1 - Felix Wilhelm discovered a buffer overflow flaw in the mod_proxy_uwsgi module. An attacker could use this vulnerability to provoke an information disclosure or potentially remote code execution.

tags | advisory, remote, overflow, code execution, info disclosure
systems | linux, ubuntu
advisories | CVE-2020-11984
MD5 | 020feed894a3c2eeaf34898ceb9a2a21
BSCW Server Remote Code Execution
Posted Aug 31, 2021
Authored by Armin Stock | Site sec-consult.com

BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2021-39271
MD5 | 12410f10bd52d3cf3699a47fcca71d3b
Git LFS Clone Command Execution
Posted Aug 31, 2021
Authored by Shelby Pace, Matheus Tavares, Johannes Schindelin | Site metasploit.com

Git clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems are vulnerable to remote code execution while cloning a repository. Usage of clean / smudge filters through Git LFS and a case-insensitive file system changes the checkout order of repository files which enables the placement of a Git hook in the .git/hooks directory. By default, this Metasploit module writes a post-checkout script so that the payload will automatically be executed upon checkout of the repository.

tags | exploit, remote, code execution
advisories | CVE-2021-21300
MD5 | b389779a9c5da6a81739bfdce3bfb340
Red Hat Security Advisory 2021-3336-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3336-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Issues addressed include code execution and memory leak vulnerabilities.

tags | advisory, remote, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2021-3621
MD5 | 2123481367856498a2969f1d72ed5139
Online Leave Management System 1.0 SQL Injection
Posted Aug 31, 2021
Authored by nu11secur1ty

Online Leave Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 75edb87267a1be86c4de86ef35642dda
Ship Ferry Ticket Reservation System 1.0 SQL Injection
Posted Aug 30, 2021
Authored by nu11secur1ty

Ship Ferry Ticket Reservation System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 131358c58697ad6558b4d36e32ececbc
Strapi CMS 3.0.0-beta.17.4 Remote Code Execution
Posted Aug 30, 2021
Authored by Musyoka Ian

Strapi CMS version 3.0.0-beta.17.4 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2019-18818, CVE-2019-19609
MD5 | 24052d1b097427f8b6282a7680d8abbc
Bus Pass Management System 1.0 SQL Injection
Posted Aug 30, 2021
Authored by Aryan Chehreghani

Bus Pass Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cfdfe1a1baab9ad28e9966c12a5dbd74
Strapi 3.0.0-beta.17.7 Remote Code Execution
Posted Aug 30, 2021
Authored by David Uton

Strapi version 3.0.0-beta.17.7 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2019-19609
MD5 | 14652910b1bea391615b3abe532186d4
Page 3 of 1,164
Back12345Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    2 Files
  • 19
    Sep 19th
    2 Files
  • 20
    Sep 20th
    14 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    28 Files
  • 23
    Sep 23rd
    13 Files
  • 24
    Sep 24th
    10 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close