what you don't know can hurt you
Showing 101 - 125 of 29,211 RSS Feed

Remote Files

Ubuntu Security Notice USN-5100-1
Posted Oct 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5100-1 - It was discovered that containerd insufficiently restricted permissions on container root and plugin directories. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could traverse directory contents and modify files and execute programs on the host filesystem, possibly leading to privilege escalation.

tags | advisory, remote, root
systems | linux, ubuntu
advisories | CVE-2021-41103
MD5 | bc2839346203abd22e30f4ef10721232
Company's Recruitment Management System SQL Injection
Posted Oct 4, 2021
Authored by nu11secur1ty

Company's Recruitment Management System in PHP and SQLite Free Source Code suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 5dad0ab07935fd852a5f37380715c9c9
Local Offices Contact Directory Site SQL Injection
Posted Oct 4, 2021
Authored by nu11secur1ty

Local Offices Contact Directory Site using PHP and SQLite Free Source Code suffers from a remote SQL injection vulnerability.

tags | exploit, remote, local, php, sql injection
MD5 | b6786101aa6c4cb696251f2b75da6e63
Ubuntu Security Notice USN-4973-2
Posted Oct 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4973-2 - USN-4973-1 fixed this vulnerability previously, but it was re-introduced in python3.8 in focal because of the SRU in LP: #1928057. This update fixes the problem. It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions. Various other issues were also addressed.

tags | advisory, remote, python
systems | linux, ubuntu
advisories | CVE-2021-29921
MD5 | 67f887f3360fc14e1a1b82575e61a138
College Management System 1.0 SQL Injection
Posted Oct 4, 2021
Authored by Abdulrahman

College Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 84866bb31f560e1ed138462bda9a7b1b
PyRDP RDP Man-In-The-Middle Tool
Posted Oct 4, 2021
Authored by Francis Labelle, Emilio Gonzalez, Alexandre Beaulieu, Olivier Bilodeau | Site github.com

PyRDP is a Python Remote Desktop Protocol (RDP) Monster-in-the-Middle (MITM) tool and library.

tags | tool, remote, protocol, python
systems | unix
MD5 | 06c0d9021f660b1493c9e09fb8e332da
Young Entrepreneur E-Negosyo System 1.0 SQL Injection
Posted Oct 4, 2021
Authored by Jordan Glover

Young Entrepreneur E-Negosyo System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 2760849f509e93f7ee98ccc1565239ee
Vehicle Service Managment System 1.0 Shell Upload
Posted Oct 4, 2021
Authored by Richard Jones

Vehicle Service Management System version 1.0 unauthenticated remote shell upload exploit that uses authentication bypass with SQL injection.

tags | exploit, remote, shell, sql injection
MD5 | 243eaba5d6291c10ea45e14a67617fbf
Vehicle Service Management System 1.0 SQL Injection
Posted Oct 4, 2021
Authored by Richard Jones

Vehicle Service Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities one of which allows for authentication bypass.

tags | exploit, remote, vulnerability, sql injection
MD5 | d3cafda8b344117eabc44ad3416220ca
Open Game Panel Remote Code Execution
Posted Oct 4, 2021
Authored by prey

Open Game Panel suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 4a44064f3593b04c3c02e8b2d071ef52
Pet Shop Management System 1.0 Privilege Escalation / Shell Upload
Posted Oct 4, 2021
Authored by Oscar Gutierrez

Pet Shop Management System version 1.0 suffers from privilege escalation and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability
MD5 | 210c02bde43decbb2a8119311298118b
Lodging Reservation Management System 1.0 SQL Injection
Posted Oct 3, 2021
Authored by Nitin Sharma

Lodging Reservation Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
advisories | CVE-2021-41511
MD5 | e4175bcca9ec82a6eda311e7c9e874e1
Blood Bank System 1.0 SQL Injection
Posted Oct 1, 2021
Authored by Nitin Sharma

Blood Bank System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | b76eb3055e476a79c965525db05053e1
Exam Form Submission System 1.0 SQL Injection
Posted Oct 1, 2021
Authored by Nitin Sharma

Exam Form Submission System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 6689a4a7872f85c4771509d97920922e
Vehicle Service Management System 1.0 Shell Upload
Posted Oct 1, 2021
Authored by Fikrat Ghuliev

Vehicle Service Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 01d3085f8bd760fde3397a0c284829f2
CMSimple_XH 1.7.4 Remote Command Execution
Posted Oct 1, 2021
Authored by Halit Akaydin

CMSimple_XH version 1.7.4 remote command execution exploit.

tags | exploit, remote
MD5 | 7c5ab76fd7a908c0d56543e343c41964
Cmsimple 5.4 Remote Code Execution
Posted Sep 30, 2021
Authored by pussycat0x

Cmsimple version 5.4 authenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 46792c26a9315734cd7d64fb53dadde5
Pharmacy Point Of Sale System 1.0 SQL Injection
Posted Sep 30, 2021
Authored by Murat

Pharmacy Point of Sale System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Janik Wehrli in September of 2021.

tags | exploit, remote, vulnerability, sql injection
MD5 | 67cb3f0f5642965281dd9c95b04997cc
Pet Shop Management System 1.0 Shell Upload
Posted Sep 29, 2021
Authored by Mr.Gedik

Pet Shop Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 627f1d99e1a6128d4f0c6fe3fd446a5b
Storage Unit Rental Management System 1.0 Shell Upload
Posted Sep 29, 2021
Authored by Fikrat Ghuliev

Storage Unit Rental Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 5421a7893a6512edbf13aa29036effff
Ubuntu Security Notice USN-5090-4
Posted Sep 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5090-4 - USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. It was discovered that the Apache HTTP Server incorrectly handled escaping quotes. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275, CVE-2021-40438
MD5 | 90831576b5e159be92f9a4a7af321eef
Covid Vaccination Scheduler System 1.0 SQL Injection / Cross Site Scripting
Posted Sep 29, 2021
Authored by nu11secur1ty | Site github.com

Covid Vaccination Scheduler System version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to faisalfs10x in July of 2021.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2021-36621
MD5 | 244e4f5a3652b8edf45eaf6f522a54a4
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Privilege Escalation
Posted Sep 28, 2021
Authored by LiquidWorm | Site zeroscience.mk

FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 suffers from a remote privilege escalation vulnerability.

tags | exploit, remote
MD5 | 55a8a0546a607614640ebbecb5a328b5
Ubuntu Security Notice USN-5090-3
Posted Sep 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5090-3 - USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275, CVE-2021-40438
MD5 | 5608f104eebba750eb15f048c91ed22d
Ubuntu Security Notice USN-5093-1
Posted Sep 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5093-1 - Brian Carpenter discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. Brian Carpenter discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3770, CVE-2021-3778, CVE-2021-3796
MD5 | d62db22a529fb4b0551f5eaa73d5af5c
Page 5 of 1,169
Back34567Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close