Exploit the possiblities
Showing 76 - 100 of 25,257 RSS Feed

Remote Files

Simple Chatting System 1.0.0 Arbitrary File Upload
Posted Dec 8, 2017
Authored by Ihsan Sencan

Simple Chatting System version 1.0.0 suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | 77413507fd2922a9057592b309ab06a4
DomainSale PHP Script 1.0 SQL Injection
Posted Dec 8, 2017
Authored by Ihsan Sencan

DomainSale PHP Script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | a56a1dda75e54598cd5a61f9e56fd517
Red Hat Security Advisory 2017-3399-01
Posted Dec 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3399-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for log4j package in Red Hat JBoss Enterprise Application Platform 5.2.0. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645
MD5 | fd3fa5c76fa52ea11d8e205fc0649bcc
Red Hat Security Advisory 2017-3400-01
Posted Dec 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3400-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for log4j package in Red Hat JBoss Enterprise Application Platform 5.2.0. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645
MD5 | df040496bdde37bdd121a27c3c866ad2
LaCie 5big Network 2.2.8 Command Injection
Posted Dec 7, 2017
Authored by Timo Sablowski

LaCie 5big Network version 2.2.8 suffers from a remote command injection vulnerability.

tags | exploit, remote
MD5 | 64fbc0e2733b195f3cc694a961649343
Ubuntu Security Notice USN-3505-1
Posted Dec 6, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3505-1 - Mathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-13080, CVE-2017-13081
MD5 | 87ee0f831e0f3c683bf51d16e35f5313
FS Makemytrip Clone SQL Injection
Posted Dec 6, 2017
Authored by Dan

FS Makemytrip Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e305582e65439f726fde6ea6a87d454f
FS Facebook Clone SQL Injection
Posted Dec 6, 2017
Authored by Dan

FS Facebook Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e8c441e14dd728768602f14a04824f86
FS IMDB Clone SQL Injection
Posted Dec 6, 2017
Authored by Dan

FS IMDB Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4c7487245675efcec29a6bfcf80c3bfa
FS Shaadi Clone SQL Injection
Posted Dec 6, 2017
Authored by Dan

FS Shaadi Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7d87501b93ac4462455d270ce9d6f85c
Readymade Classifieds Script 1.0 SQL Injection
Posted Dec 6, 2017
Authored by Ihsan Sencan

Readymade Classifieds Script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-17111
MD5 | 694339b453a6f67a04e333d0405311ac
Techno Portfolio Management Panel 1.0 SQL Injection
Posted Dec 6, 2017
Authored by Ihsan Sencan

Techno Portfolio Management Panel version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-17110
MD5 | af118cd6bb3ec6d0ef9ce43b061f32b9
VirtualBox Man-In-The-Middle
Posted Dec 5, 2017
Authored by Mark Wadham

VirtualBox suffers from a remote code execution vulnerability due to downloading updates over HTTP.

tags | exploit, remote, web, code execution
MD5 | ec205f1c7d32d9c26e1cabb826548444
Ubuntu Security Notice USN-3498-2
Posted Dec 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3498-2 - USN-3498-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that curl incorrectly handled FTP wildcard matching. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-8817
MD5 | 26d30b6c5e75b0330e6d2d9aa3568ea6
Red Hat Security Advisory 2017-3379-01
Posted Dec 4, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3379-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Security Fix: It was found that sssd's sysdb_search_user_by_upn_res() function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.

tags | advisory, remote, local
systems | linux, redhat
advisories | CVE-2017-12173
MD5 | 7f4b313a6c09b1de5b59cb9a844524f0
TOR Virtual Network Tunneling Tool 0.3.1.9
Posted Dec 4, 2017
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.1.9 backports important security and stability fixes from the 0.3.2 development series.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 585e62d086ae7df7cd873f735d726118
HP iMC Plat 7.2 Remote Code Execution
Posted Dec 2, 2017
Authored by Chris Lyne

HP iMC Plat version 7.2 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-5816
MD5 | 8baebfa60a6f51e59e3521de21d45b0a
Jobs2Careers / Coroflot Clone SQL Injection
Posted Dec 2, 2017
Authored by 8bitsec

Jobs2Careers / Coroflot Clone suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 89c18bd7067c0b5f7e78b774adc42b16
Artica Web Proxy 3.06.112216 Remote Code Execution
Posted Dec 1, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Artica Web Proxy version 3.06.112216 suffers from a remote code execution vulnerability.

tags | exploit, remote, web, code execution
advisories | CVE-2017-17055
MD5 | 90c89dcf50c8e44aab718305bfd8452f
Debian Security Advisory 4052-1
Posted Nov 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4052-1 - Adam Collard discovered that Bazaar, an easy to use distributed version control system, did not correctly handle maliciously constructed bzr+ssh URLs, allowing a remote attackers to run an arbitrary shell command.

tags | advisory, remote, arbitrary, shell
systems | linux, debian
advisories | CVE-2017-14176
MD5 | 0fa35f0a8b504f19587654a03b18d2bc
Hipchat For Mac 4.x Remote Code Execution
Posted Nov 29, 2017
Authored by Matthew Hart

Hipchat for Mac desktop client versions prior to 4.30 suffer from a remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2017-14586
MD5 | bc9f76c16c2234a3266f91910a0c367f
Asterisk 13.17.2~dfsg-2 Memory Exhaustion
Posted Nov 29, 2017
Authored by Juan Sacco

Asterisk version 13.17.2~dfsg-2 suffers from a remote unauthenticated memory exhaustion vulnerability.

tags | exploit, remote, denial of service
MD5 | 359301b570dd73a9d68c81fd132e7f30
Ubuntu Security Notice USN-3499-1
Posted Nov 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3499-1 - It was discovered that Exim incorrectly handled certain BDAT data headers. A remote attacker could possibly use this issue to cause Exim to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-16944
MD5 | 76413a0a0b86941ed4c9ab6ea5adcb1a
Hipchat Data Center / Hipchat Server Code Execution / SSRF
Posted Nov 29, 2017
Authored by Matthew Hart

Hipchat Data Center and Hipchat Server suffer from server-side request forgery and remote code execution vulnerabilities.

tags | advisory, remote, vulnerability, code execution
advisories | CVE-2017-14585
MD5 | e2f2ba4acc611b0394376429fc3f7a13
Synology StorageManager 5.2 Remote Command Execution
Posted Nov 29, 2017
Authored by securiteam

Synology StorageManager version 5.2 suffers from a remote root command execution vulnerability in smart.cgi.

tags | exploit, remote, cgi, root
MD5 | 0e725291dedfc743e647723b95b3a423
Page 4 of 1,011
Back23456Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    33 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close