what you don't know can hurt you
Showing 51 - 75 of 27,926 RSS Feed

Remote Files

Ubuntu Security Notice USN-4430-1
Posted Jul 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4430-1 - It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-10177
MD5 | 2aa282afbaddbd1638fe8d89bc52768c
Ubuntu Security Notice USN-4429-1
Posted Jul 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4429-1 - It was discovered that Evolution Data Server incorrectly handled STARTTLS when using SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-14928
MD5 | 10493727fb9930c2ba04bc1be080e7ad
WordPress NexosReal Estate Theme 1.7 Cross Site Scripting / SQL Injection
Posted Jul 22, 2020
Authored by Vlad Vector

WordPress NexosReal Estate Theme version 1.7 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2020-15363, CVE-2020-15364
MD5 | a895e629a2ee4014db883d892ac2e0c7
Mida Solutions eFramework 2.9.0 XSS / Code Execution / SQL Injection
Posted Jul 21, 2020
Authored by Andrea Baesso

Mida Solutions eFramework versions 2.9.0 and below suffer from command execution, cross site scripting, denial of service, remote SQL injection, and path traversal vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, xss, sql injection, file inclusion
MD5 | cf1e3e8d713adde398b34963e73c3e6c
Directory Management System (DMS) 1.0 SQL Injection
Posted Jul 20, 2020
Authored by gh1mau

Directory Management System (DMS) version 1.0 suffers from multiple remote SQL Injection vulnerabilities, one of which allows for authentication bypass.

tags | exploit, remote, vulnerability, sql injection
MD5 | 58110b4b38b8d34cbd53898aea5017aa
Company Visitor Management System (CVMS) 1.0 SQL Injection
Posted Jul 20, 2020
Authored by gh1mau

Company Visitor Management System (CVMS) version 1.0 suffers from multiple remote SQL Injection vulnerabilities, one of which allows for authentication bypass.

tags | exploit, remote, vulnerability, sql injection
MD5 | e307837a6ab50ef05dc6f950aa7caaf8
Employee Record Management System 1.1 SQL Injection
Posted Jul 20, 2020
Authored by gh1mau

Employee Record Management System version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 72386ef61198416f9af7bac6b5bd8bdc
Daily Expense Tracker 1.0 SQL Injection
Posted Jul 20, 2020
Authored by gh1mau

Daily Expense Tracker version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | e919d8a11cd689e3e9b8cac4564e34eb
LibreHealth 2.0.0 Remote Code Execution
Posted Jul 20, 2020
Authored by Bobby Cooke

LibreHealth version 2.0.0 authentication remote code execution exploit that leverages file upload.

tags | exploit, remote, code execution, file upload
MD5 | fdb429c0607ceadf1536570f0e8ac8d9
Plex Unpickle Dict Windows Remote Code Execution
Posted Jul 17, 2020
Authored by h00die, Chris Lyne | Site metasploit.com

This Metasploit module exploits an authenticated Python unsafe pickle.load of a Dict file. An authenticated attacker can create a photo library and add arbitrary files to it. After setting the Windows only Plex variable LocalAppDataPath to the newly created photo library, a file named Dict will be unpickled, which causes remote code execution as the user who started Plex. Plex_Token is required, to get it you need to log-in through a web browser, then check the requests to grab the X-Plex-Token header. See info -d for additional details. If an exploit fails, or is cancelled, Dict is left on disk, a new ALBUM_NAME will be required as subsequent writes will make Dict-1, and not execute.

tags | exploit, remote, web, arbitrary, code execution, python
systems | windows
advisories | CVE-2020-5741
MD5 | 41eb0c77f9b7de3ab74e8c47a61a86c3
SMB12 Information Gathering
Posted Jul 17, 2020
Authored by Ivica Stipovic

SMB12 Information Gathering is a data gathering python script that inspects SMB1 and SMB2 endpoints. It will extract various attributes from the remote server such as OS version (only supported by SMB1 as per protocol definition), DNS computer name, DNS domain name, NetBIOS computer name and NetBIOS domain name (SMB1 and SMB2).

tags | tool, remote, scanner, protocol, python
systems | unix
MD5 | ddda39cbd4570cf2fc5b7af60557808c
Sifter 8.5
Posted Jul 17, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Additions and updates.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 648a4a1b121aef29f6ad6efa41f49b08
Web Based Online Hotel Booking System 0.1.0 SQL Injection
Posted Jul 16, 2020
Authored by KeopssGroup0day Inc

Web Based Online Hotel Booking System version 0.1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, web, sql injection
MD5 | d38e98cd98ee43c2aa1167c212cbc21d
Infor Storefront B2B 1.0 SQL Injection
Posted Jul 16, 2020
Authored by ratboy

Infor Storefront B2B version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d98e1207f816dcb03b3acdcd92a182a3
Wing FTP Server 6.3.8 Remote Code Execution
Posted Jul 16, 2020
Authored by V1n1v131r4

Wing FTP Server version 6.3.8 authenticated remote code execution exploit that leverages the web console.

tags | exploit, remote, web, code execution
MD5 | b103c764509737c359f33833e2aa71ae
Vehicle Parking Management System 1.0 SQL Injection
Posted Jul 16, 2020
Authored by gh1mau

Vehicle Parking Management System version 1.0 suffer from multiple remote SQL Injection vulnerabilities, one of which allows for authentication bypass.

tags | exploit, remote, vulnerability, sql injection
MD5 | f46450b4127d964d6a31894bc38a977b
Online Course Registration 1.0 Remote Code Execution
Posted Jul 16, 2020
Authored by Bobby Cooke

Online Course Registration version 1.0 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 29323f09b2dcf8094d31e62a8ddf1759
Ubuntu Security Notice USN-4199-2
Posted Jul 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4199-2 - USN-4199-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-13194
MD5 | 6d26a2ce8c8d4bb8f1bda85ce67bd696
Red Hat Security Advisory 2020-2954-01
Posted Jul 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2954-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.106 and .NET Core Runtime 3.1.6. .NET Core: XML source markup processing remote code execution. Issues addressed include a code execution vulnerability.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2020-1147
MD5 | d2e2524b75a5471c8ec3a10f36e09baf
SecZetta NEProfile 3.3.11 Remote Code Execution
Posted Jul 15, 2020
Authored by Josh Sheppard

SecZetta NEProfile version 3.3.11 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2020-12854
MD5 | f14b49d5bf3f7e700db26375e42265ae
Ubuntu Security Notice USN-4422-1
Posted Jul 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4422-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2020-13753, CVE-2020-9806
MD5 | 1b8543f2c71af096df5e32c7f265fadc
Trend Micro Web Security Remote Code Execution
Posted Jul 14, 2020
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities together in order to achieve remote code execution in Trend Micro Web Security versions prior to 6.5 SP2 Patch 4 (Build 1901).

tags | exploit, remote, web, vulnerability, code execution
advisories | CVE-2020-8604, CVE-2020-8605, CVE-2020-8606
MD5 | d7036cbc4fecb0531893b183314bceb1
Apartment Visitors Management System Project 1.0 SQL Injection
Posted Jul 14, 2020
Authored by gh1mau

Apartment Visitors Management System Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 91b58f16959b350a171ce9b91dc1c50a
Cyber Cafe Management System SQL Injection
Posted Jul 14, 2020
Authored by gh1mau

Cyber Cafe Management System from phpgurukul.com suffers from multiple remote SQL injection vulnerabilities. One allows for authentication bypass.

tags | exploit, remote, vulnerability, sql injection
MD5 | 46f2d88200e3723d579cd1ca4acfb52d
Teachers Record Management System 1.0 SQL Injection
Posted Jul 14, 2020
Authored by gh1mau

Teachers Record Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4437bc02a5029d5d8cde47fcc28c6470
Page 3 of 1,117
Back12345Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close