what you don't know can hurt you
Showing 101 - 125 of 27,763 RSS Feed

Remote Files

Kentico CMS 12.0.14 Remote Command Execution
Posted May 6, 2020
Authored by aushack, Manoj Cherukuri, Justin LeMay | Site metasploit.com

This Metasploit module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote command execution is possible via unauthenticated XML requests to the Staging Service SyncServer.asmx interface ProcessSynchronizationTaskData method stagingTaskData parameter. XML input is passed to an insecure .NET deserialize call which allows for remote command execution.

tags | exploit, remote
advisories | CVE-2019-10068
MD5 | 56021ce239bc4ef2d157567974ec70ff
Extreme Networks Aerohive HiveOS 11.x Denial Of Service
Posted May 6, 2020
Authored by LiquidWorm | Site zeroscience.mk

Extreme Networks Aerohive HiveOS versions 11.x and below remote denial of service exploit. An unauthenticated malicious user can trigger a denial of service (DoS) attack when sending specific application layer packets towards the Aerohive NetConfig UI. This proof of concept exploit renders the application unusable for 305 seconds or 5 minutes with a single HTTP request using the action.php5 script calling the CliWindow function thru the _page parameter, denying access to the web server hive user interface.

tags | exploit, remote, web, denial of service, proof of concept
MD5 | 8bc523d3b61e243e2e55cdddefe4c905
Online Clothing Store 1.0 SQL Injection
Posted May 6, 2020
Authored by Sushant Kamble

Online Clothing Store version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ff6487a8ff05ed05abe1c7c229afe958
YesWiki cercopitheque 2020.04.18.1 SQL Injection
Posted May 6, 2020
Authored by coiffeur

YesWiki cercopitheque version 2020.04.18.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8ffa605c3b8536237c57ba523f09defd
Pisay Online E-Learning System 1.0 SQL Injection / Code Execution
Posted May 6, 2020
Authored by Bobby Cooke

Pisay Online E-Learning System version 1.0 suffers from remote SQL Injection and code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection
MD5 | c0c573cce24cfaa86ad1d9b4c0ba79e7
IBM Data Risk Manager 2.0.3 Remote Code Execution
Posted May 5, 2020
Authored by Pedro Ribeiro | Site metasploit.com

IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root. The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password. This module exploits all three vulnerabilities, giving the attacker a root shell. At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be affected, and the latest 2.0.6 is most likely affected too.

tags | exploit, remote, shell, root, vulnerability, code execution
advisories | CVE-2020-4427, CVE-2020-4428, CVE-2020-4429
MD5 | 3146f36e720ad41b90d484a8f93fd1de
Saltstack 3000.1 Remote Code Execution
Posted May 5, 2020
Authored by Jasper Lievisse Adriaanse

Saltstack version 3000.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-11651, CVE-2020-11652
MD5 | 3d2d2a6913589181fa16c72fa6595c90
SimplePHPGal 0.7 Remote File Inclusion
Posted May 5, 2020
Authored by h4shur

SimplePHPGal version 0.7 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 69eb6230d589074cf1c0543f754f010b
PhreeBooks ERP 5.2.5 Remote Command Execution
Posted May 5, 2020
Authored by Besim Altinok

PhreeBooks ERP version 5.2.5 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 3eb38b6112cfe92587bb29732357294b
Online Scheduling System 1.0 SQL Injection
Posted May 5, 2020
Authored by Saurav Shukla

Online Scheduling System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a849e94015acb2832049808370ead33c
addressbook 9.0.0.1 SQL Injection
Posted May 4, 2020
Authored by David Velazquez

addressbook version 9.0.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 46f9e67a67921a342beaa2b6469e0931
Fishing Reservation System SQL Injection
Posted May 4, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Fishing Reservation System suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 2aaa59d78fca12b13c59f0f84e809e13
iJoomla AdAgency 6.0.9 SQL Injection
Posted May 2, 2020
Authored by Milad Karimi

iJoomla AdAgency component version 6.0.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 30318823aa8bf5f59681179d5513c3c7
FlashGet 1.9.6 Buffer Overflow Proof Of Concept
Posted May 2, 2020
Authored by Milad Karimi

FlashGet version 1.9.6 remote buffer overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
MD5 | 78034629a3a69d6e02974c388fd4049b
Ubuntu Security Notice USN-4333-2
Posted Apr 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4333-2 - USN-4333-1 fixed vulnerabilities in Python. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. Various other issues were also addressed.

tags | advisory, remote, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2019-18348, CVE-2020-8492
MD5 | 2dbbfbaed601e32e6da1b12707626d46
Ubuntu Security Notice USN-4341-2
Posted Apr 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4341-2 - USN-4341-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-10704
MD5 | 7f4f95a8935362a14eb9d57fe1cd57a0
Apache Shiro 1.2.4 Remote Code Execution
Posted Apr 29, 2020
Authored by L | Site metasploit.com

This Metasploit module exploits a vulnerability that allows remote attackers to execute arbitrary code on vulnerable installations of Apache Shiro version 1.2.4.

tags | exploit, remote, arbitrary
advisories | CVE-2016-4437
MD5 | 50bc5cef4f68b32fda9b582ca1462094
Ubuntu Security Notice USN-4341-3
Posted Apr 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4341-3 - USN-4341-1 fixed vulnerabilities in Samba. The updated packages for Ubuntu 16.04 LTS introduced a regression when using LDAP. This update fixes the problem. It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-10704
MD5 | 87e404efb185f6aae61c399f2cacb653
Ubuntu Security Notice USN-4347-1
Posted Apr 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4347-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2020-3899
MD5 | 380e072a308e347bf34eabb33090812c
hits script 1.0 SQL Injection
Posted Apr 29, 2020
Authored by sajjadbnd

hits script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cca4702b603ff9b386579c0fbf4238f2
Open-AudIT Professional 3.3.1 Remote Code Execution
Posted Apr 29, 2020
Authored by Askar

Open-AudIT Professional version 3.3.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-12078
MD5 | f1858718f305636a70afa52eb45eee3a
Open-AudIT 3.2.2 Command Injection / SQL Injection
Posted Apr 29, 2020
Authored by Core Security Technologies, Ivan Huertas, Pablo A. Zurro | Site coresecurity.com

Open-AudIT version 3.2.2 suffers from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection, file upload
advisories | CVE-2020-11941, CVE-2020-11942, CVE-2020-11943
MD5 | 7ea2efd5fece16f023d6a11fbc170dd9
School ERP Pro 1.0 Remote Code Execution
Posted Apr 29, 2020
Authored by Besim Altinok

School ERP Pro version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | e8c1176525438a945e38eefe3db8e8ec
School ERP Pro 1.0 SQL Injection
Posted Apr 29, 2020
Authored by Besim Altinok

School ERP Pro version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ede193aee7ab43343b5ef4a91a825d59
Ubuntu Security Notice USN-4341-1
Posted Apr 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4341-1 - Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-10700, CVE-2020-10704
MD5 | 2bccbe86ea1f3ad867880a05f786d1ff
Page 5 of 1,111
Back34567Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    15 Files
  • 4
    Jun 4th
    25 Files
  • 5
    Jun 5th
    8 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close