exploit the possibilities
Showing 101 - 125 of 28,216 RSS Feed

Remote Files

Ubuntu Security Notice USN-4593-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4593-1 - Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15999
MD5 | e2d87527b97b4f6bcee00e01fde7e52a
LISTSERV Maestro 9.0-8 Remote Code Execution
Posted Oct 20, 2020
Authored by b0yd | Site securifera.com

An unauthenticated remote code execution vulnerability was found in the LISTSERV Maestro software, versions 9.0-8 and below. This vulnerability stems from a known issue in struts, CVE-2010-1870, that allows for code execution via OGNL Injection. This vulnerability has been confirmed to be exploitable in both the Windows and Linux version of the software and has existed in the LISTSERV Maestro software since at least version 8.1-5. As a result, a specially crafted HTTP request can be constructed that executes code in the context of the web application. Exploitation of this vulnerability does not require authentication and can lead to root level privilege on any system running the LISTServ Maestro services.

tags | advisory, remote, web, root, code execution
systems | linux, windows
advisories | CVE-2010-1870
MD5 | a3168454ee163a5555ee9cdd35609b72
Ubuntu Security Notice USN-4592-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4592-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-24490
MD5 | ea8ffa29056c97fd916af3807500cfd8
WordPress Rest Google Maps SQL Injection
Posted Oct 20, 2020
Authored by Jonatas Fil

WordPress Rest Google Maps plugin versions prior to 7.11.18 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-10692
MD5 | 099630f13baa8394edaff5afba8207ca
Visitor Management System In PHP 1.0 SQL Injection
Posted Oct 20, 2020
Authored by Rahul Ramkumar

Visitor Management System in PHP version 1.0 suffers from an authenticated remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
advisories | CVE-2020-25760
MD5 | 8033f7aca5a8c9fe62862c58e36e983e
Gentoo Linux Security Advisory 202010-03
Posted Oct 20, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202010-3 - An information disclosure vulnerability in libjpeg-turbo allow remote attackers to obtain sensitive information. Versions 2.0.4-r1 are affected.

tags | advisory, remote, info disclosure
systems | linux, gentoo
advisories | CVE-2020-13790
MD5 | c41e8764f72fbfba8fd43336c2c227d5
WordPress HS Brand Logo Slider 2.1 Shell Upload
Posted Oct 20, 2020
Authored by Net-Hunter

WordPress HS Brand Logo Slider plugin version 2.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 247365fd8094a2f47aef67d768cb364f
Ubuntu Security Notice USN-4591-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4591-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2020-12351, CVE-2020-12352
MD5 | 5d0eee3a0d51a48fdc43a1f3e9d24038
Ultimate Project Manager CRM PRO 2.05 SQL Injection
Posted Oct 20, 2020
Authored by nag0mez

Ultimate Project Manager CRM PRO versions 2.0.5 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0218911dc1316838cdde1cba109f6620
Apache Struts 2 Remote Code Execution
Posted Oct 20, 2020
Authored by Jonatas Fil

Apache Struts 2 DefaultActionMapper Prefixes OGNL remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2013-2251
MD5 | 4bacfb503bb7a49d5262f888693bb1b8
WordPress SuperStoreFinder 6.1 CSRF / Shell Upload
Posted Oct 20, 2020
Authored by Joe Iz

WordPress SuperStoreFinder plugin version 6.1 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | d65d9b7ecb896e5b99b319e01822cb42
Rite CMS 2.2.1 Remote Code Execution
Posted Oct 20, 2020
Authored by H0j3n

Rite CMS version 2.2.1 authenticated remote code execution exploit. Original finding for remote code execution in this version of Rite CMS is attributed to Enes Ozeser.

tags | exploit, remote, code execution
MD5 | ae908efdadf489d50daf07ce1577dbb2
Typesetter CMS 5.1 Remote Code Execution
Posted Oct 20, 2020
Authored by Rodolfo Tavares

Typesetter CMS version 5.1 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-25790
MD5 | be124f8d98baac1116395606bbbfd43c
Sifter 10.4g
Posted Oct 20, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: GHunt added for email reconnaissance. DeadTrap has been readded. Various other updates and additions.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 295e8fb0ea4fe941b286e8c39240f816
ReQuest Serious Play F3 Media Server 7.0.3 Unauthenticated Remote Code Execution
Posted Oct 19, 2020
Authored by LiquidWorm | Site zeroscience.mk

ReQuest Serious Play F3 Media Server version 7.0.3 suffers from an unauthenticated remote code execution vulnerability. Abusing the hidden ReQuest Internal Utilities page (/tools) from the services provided, an attacker can exploit the Quick File Uploader (/tools/upload.html) page and upload PHP executable files that results in remote code execution as the web server user.

tags | exploit, remote, web, php, code execution, file upload
MD5 | 27df19dca8c37dc3db671041baa681bf
HiSilicon Video Encoder Malicious Firmware Code Execution
Posted Oct 19, 2020
Authored by Alexei Kojenov

HiSilicon Video Encoder suffers from a remote code execution vulnerability via an unauthenticated upload of malicious firmware. Versions affected are vendor specific.

tags | exploit, remote, code execution
advisories | CVE-2020-24217
MD5 | fb0734a3ffef68b6b5ea982d4b944b8c
HiSilicon Video Encoder Command Injection
Posted Oct 19, 2020
Authored by Alexei Kojenov

HiSilicon Video Encoder suffers from a remote command injection vulnerability. Versions affected are vendor specific.

tags | exploit, remote
advisories | CVE-2020-24217
MD5 | c8f693a6270fba4d7d7d538abe23ea48
Online Student's Management System 1.0 Shell Upload
Posted Oct 19, 2020
Authored by Akiner Kisa

Online Student's Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | d8d317865accc39f0ea9c31f5b1c18ab
Nagios XI 5.7.3 SQL Injection
Posted Oct 19, 2020
Authored by Matthew Aberegg

Nagios XI version 5.7.3 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 01febd1da2bfd95f219977a57c5aea72
Tourism Management System 1.0 Shell Upload
Posted Oct 19, 2020
Authored by Saurav Shukla, Ankita Pal

Tourism Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 023224c77cadc9a82e003c481b8f416f
Company Visitor Management System (CVMS) 1.0 SQL Injection
Posted Oct 16, 2020
Authored by Oguz Turkgenc

Company Visitor Management System (CVMS) version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 4157302994cd9e55e94b6aa44dd0fed1
Ubuntu Security Notice USN-4585-1
Posted Oct 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4585-1 - It was discovered that Newsbeuter didn't handle the command line input properly. An remote attacker could use it to ran remote code by crafting a special input file. It was discovered that Newsbeuter didn't handle metacharacters in its filename properly. An remote attacker could use it to ran remote code by crafting a special filename.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-12904, CVE-2017-14500
MD5 | 328a24e2a98284b91341a4629d487991
Hotel Management System 1.0 Remote Code Execution
Posted Oct 16, 2020
Authored by Eren Simsek

Hotel Management System version 1.0 authenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | b1e5c8ead51128c4406e997548fee939
CS-Cart 1.3.3 Remote Code Execution
Posted Oct 16, 2020
Authored by 0xmmnbassel

Details for achieving remote code execution on CS-Cart version 1.3.3, a really old version.

tags | exploit, remote, code execution
MD5 | 0df18b37ecb146e84ab2c6be59243438
Ubuntu Security Notice USN-4589-2
Posted Oct 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4589-2 - USN-4589-1 fixed a vulnerability in containerd. This update provides the corresponding update for docker.io. It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials. Various other issues were also addressed.

tags | advisory, remote, registry
systems | linux, ubuntu
advisories | CVE-2020-15157
MD5 | 0ff1cab3c8d8dd33e88294428bb3c3f2
Page 5 of 1,129
Back34567Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close