exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 30,024 RSS Feed

Remote Files

WordPress Elementor 3.6.2 Shell Upload
Posted Oct 4, 2022
Authored by h00die, Ramuel Gall, AkuCyberSec | Site metasploit.com

WordPress Elementor plugin versions 3.6.0 through 3.6.2 suffer from a remote shell upload vulnerability. This is achieved by sending a request to install Elementor Pro from a user supplied zip file. Any user with Subscriber or more permissions is able to execute this.

tags | exploit, remote, shell
advisories | CVE-2022-1329
SHA-256 | 0537a61d8c7e168ee93f25ae88cc62b13741cb186c02291ebc2f946f834cd81f
Ubuntu Security Notice USN-5651-2
Posted Oct 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5651-2 - USN-5651-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2022-40617
SHA-256 | 759a27511c8f487803c7aa104783c2c246c6fddf62edc3b8d14f204cff8a093e
Ubuntu Security Notice USN-5651-1
Posted Oct 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5651-1 - Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2022-40617
SHA-256 | 307727d9f9df8f35a12cad1acef25cb191f668ed5401e4156a8ff7369ecdc831
Ubuntu Security Notice USN-5653-1
Posted Oct 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5653-1 - Benjamin Balder Bach discovered that Django incorrectly handled certain internationalized URLs. A remote attacker could possibly use this issue to cause Django to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-41323
SHA-256 | 9243a60f7904a4b165533d79fb778a5eaf28db2dcb1af8c5196198b7945e326e
Canteen Management 1.0-2022 SQL Injection
Posted Oct 4, 2022
Authored by nu11secur1ty

Canteen Management version 1.0-2022 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2d4328d6484fdeed0350fcb19dc9fe4f3d5499e3bb9f44d105865efdc3315733
Ubuntu Security Notice USN-5652-1
Posted Oct 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5652-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-36946
SHA-256 | da237cf0c69ad0299d2d45386e0353a125c52434eb9c8e1c7b9ba1d5a9cfa13a
Backdoor.Win32.Delf.eg MVID-2022-0647 Remote Command Execution
Posted Oct 3, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Delf.eg malware suffers from an unauthenticated remote command execution vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | 647bd7e9095b288a89ae94fb9fdf863e6f1885af0b181b032ba01f65602b3f36
Joomla MarvikShop ShoppingCart 3.4 SQL Injection
Posted Oct 3, 2022
Authored by CraCkEr

Joomla MarvikShop ShoppingCart extension version 3.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | af41f883caada44f1dff993f8717a577f62a5db925c277a7fdd1059acaa38172
Joomla JKassa ShoppingCart 2.0.0 SQL Injection
Posted Oct 3, 2022
Authored by CraCkEr

Joomla JKassa ShoppingCart extension version 2.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1d286657a6509ab45feb55b36b0bc01dd8f56873e7fc43f5845bda2adfc98272
Joomla JUX Charity Hub 1.0.4 SQL Injection
Posted Oct 3, 2022
Authored by CraCkEr

Joomla JUX Charity Hub extension version 1.0.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dd85f026aa28d0d837d9b8f6e68a55f63645f20a0ae801b2099b5ca88441771b
ZKSecurity BIO 4.1.2 SQL Injection / Code Execution
Posted Oct 1, 2022
Authored by Silton Santos, Caio Burgardt

ZKSecurity BIO version 4.1.2 suffers from a remote SQL injection vulnerability that can allow for remote code execution.

tags | exploit, remote, code execution, sql injection
advisories | CVE-2022-36635
SHA-256 | 2f5ddba7cf7e3024ddc6ad5a39968b8c149a652831c65c828f1565ea29f0e84d
GuppY CMS 6.00.10 Shell Upload
Posted Oct 1, 2022
Authored by Chokri Hammedi

GuppY CMS version 6.00.10 suffers from an authenticated remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 7379f5703f8c8447e89b8393459ce54d04deb30eed715a6df6b281a1b380609b
Joomla MyMuse 4.3.0 SQL Injection
Posted Oct 1, 2022
Authored by CraCkEr

Joomla MyMuse extension version 4.3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5deedb4e9c6f4ba784330c0618c0b611b0d2f5c953c41021281d833c3fab451c
Joomla JS Jobs Pro 1.3.6 SQL Injection
Posted Oct 1, 2022
Authored by CraCkEr

Joomla JS Jobs Pro extension version 1.3.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1660f7d887aa22210db0f906f32132f8374ecb3142a0efecf10ad4eff14b83fa
Gentoo Linux Security Advisory 202209-23
Posted Sep 30, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202209-23 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 105.0.5195.125 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-3038, CVE-2022-3039, CVE-2022-3040, CVE-2022-3041, CVE-2022-3042, CVE-2022-3043, CVE-2022-3044, CVE-2022-3045, CVE-2022-3046, CVE-2022-3047, CVE-2022-3048, CVE-2022-3049, CVE-2022-3050, CVE-2022-3051
SHA-256 | cdc8ee89e740628d11a899ae470b25cff194a96171905579abdf7bb65d0a72c5
qdPM 9.1 Authenticated Shell Upload
Posted Sep 29, 2022
Authored by Rishal Dwivedi, Leon Trappett, Giacomo Casoni | Site metasploit.com

A remote code execution vulnerability exists in qdPM versions 9.1 and below. An attacker can upload a malicious PHP code file via the profile photo functionality by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature thus allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884.

tags | exploit, remote, php, code execution
advisories | CVE-2015-3884, CVE-2020-7246
SHA-256 | 41d2d18aa9196d7f57810fe954d8362f8c6f3662e5ba2a143d334cd07ac9b371
Joomla AdsManager 3.2.0 SQL Injection
Posted Sep 29, 2022
Authored by CraCkEr

Joomla AdsManager extension version 3.2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d94efabfad9904e592ec82124c03316f4ce8b774ae57879750a98a1445884262
Ubuntu Security Notice USN-5646-1
Posted Sep 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5646-1 - Tobias Stoeckmann discovered that libXi did not properly manage memory when handling X server responses. A remote attacker could use this issue to cause libXi to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-7945
SHA-256 | 46c4a791137670f7e5bdbac84f1b17ad4b368c2214d2709f79e8c9bd7c67e379
Ubuntu Security Notice USN-5645-1
Posted Sep 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5645-1 - Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established. Tom Lane discovered that PostgreSQL incorrect handled certain array subscripting calculations. An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-23214, CVE-2021-32027
SHA-256 | fa94546c58f17991b5a646049ec8ec30cd923dd7fcf8ea2301f30eeeb7d86f13
Online Examination System 1.0 SQL Injection
Posted Sep 29, 2022
Authored by Yousef Alraddadi

Online Examination System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dba8c93e85cd1df6195d39d4a331df0a884b158c86b28ffa00bd3dea43e7b6ba
Ubuntu Security Notice USN-5643-1
Posted Sep 27, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5643-1 - It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-27792, CVE-2022-2085
SHA-256 | 9ddb6beb5a0c7f182f8769c40dd4c0e7d3469c4fb93b3442d282bbf5574f3e0f
Ubuntu Security Notice USN-5642-1
Posted Sep 27, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5642-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2022-32886
SHA-256 | a741c88fdbcebba263f141b68dade06af9876160b8164996177be9bce2fc3196
Ubuntu Security Notice USN-5641-1
Posted Sep 27, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5641-1 - Mikhail Evdokimov discovered that Squid incorrectly handled cache manager ACLs. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that Squid incorrectly handled SSPI and SMB authentication. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly obtain sensitive information.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-41317, CVE-2022-41318
SHA-256 | e3be1c2d3e1c33766fc12005e97a52783721d5bebbcafa1253447b986f555895
Food Ordering Management System 1.0 SQL Injection
Posted Sep 27, 2022
Authored by Yousef Alraddadi

Food Ordering Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1be2c696b62c411f0a88c3819a1d4653e0f042e7aa59018ccd5596555ca02a4b
Ubuntu Security Notice USN-5637-1
Posted Sep 26, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5637-1 - It was discovered that libvpx incorrectly handled certain WebM media files. A remote attacker could use this issue to crash an application using libvpx under certain conditions, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-0034
SHA-256 | 62acfeee21a05d07af7c6e293d6841f7a19ff21ba74bd33367cd0ea77a38691a
Page 5 of 1,201
Back34567Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close