
Remote Files

ManageEngine ADSelfService Plus 6000 Remote Code Execution
Posted Aug 10, 2020
Authored by Bhadresh Patel

ManageEngine ADSelfService Plus 6000 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-11552
MD5 | 0261c2ef1439e755fd4c0111baa4b914
Gentoo Linux Security Advisory 202008-05
Posted Aug 10, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202008-5 - A buffer overflow in gThumb might allow remote attacker(s) to execute arbitrary code. Versions less than 3.10.0 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2019-20326
MD5 | 6079dfd95b3c1cbab40ba699c0ff8af7
Sifter 9.3
Posted Aug 10, 2020
Authored by s1l3nt78 | Site github.com

Sifter is an OSINT, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and, if unpatched, exploit them.

Changes: Various runtime fixes in execution scripts.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 6d82476f65ba61ff6c5cfee3aa5d1d0d
Gentoo Linux Security Advisory 202008-02
Posted Aug 9, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202008-2 - A vulnerability in GNU GLOBAL was discovered, possibly allowing remote attackers to execute arbitrary code. Versions less than 6.6.4 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2017-17531
MD5 | c31763322e1337796431bbb6158d0fc0
Tailor Management System 1.0 SQL Injection
Posted Aug 7, 2020
Authored by Mucahit Karadag

Tailor Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 8698574c326306e45ce56e22c93d48e3
Victor CMS 1.0 SQL Injection
Posted Aug 6, 2020
Authored by Edo Maland

Victor CMS version 1.0 suffers from a search remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to BKpatron.

tags | exploit, remote, sql injection
MD5 | 68049baf49f74824b0b93ea4e1fc7670
Daily Expenses Management System 1.0 SQL Injection
Posted Aug 6, 2020
Authored by Edo Maland

Daily Expenses Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Daniel Ortiz.

tags | exploit, remote, vulnerability, sql injection
MD5 | 1e0fcc5209709de3fa6c0c22a21e0f65
Curfew e-Pass Management System 1.0 SQL Injection
Posted Aug 6, 2020
Authored by Mucahit Karadag

Curfew e-Pass Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to gh1mau.

tags | exploit, remote, vulnerability, sql injection
MD5 | a86ff9fc24a454605eb91b9a93042a64
Online Shopping Alphaware 1.0 SQL Injection
Posted Aug 5, 2020
Authored by Edo Maland

Online Shopping Alphaware version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Ahmed Abbas.

tags | exploit, remote, vulnerability, sql injection
MD5 | 204f998c116fde2ccd7e7f83d5a48685
Ubuntu Security Notice USN-4448-1
Posted Aug 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4448-1 - It was discovered that Tomcat incorrectly validated the payload length in a WebSocket frame. A remote attacker could possibly use this issue to cause Tomcat to hang, resulting in a denial of service. It was discovered that Tomcat incorrectly handled HTTP header parsing. In certain environments where Tomcat is located behind a reverse proxy, a remote attacker could possibly use this issue to perform HTTP Request Smuggling. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2020-13935, CVE-2020-1935, CVE-2020-9484
MD5 | f490bd6674a82d8af4d84ba15996c17f
Documalis Free PDF Editor 5.7.2.26 / Documalis Free PDF Scanner 5.7.2.122 Buffer Overflow
Posted Aug 4, 2020
Authored by metacom | Site metasploit.com

Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit this vulnerability to trigger a buffer overflow on the stack and gain remote code execution as the user running the Documalis Free PDF Editor or Documalis Free PDF Scanner software.

tags | exploit, remote, overflow, code execution
MD5 | 0d0a1918990afa2cbe664861b2ed5a5d
Daily Expenses Management System 1.0 SQL Injection
Posted Aug 4, 2020
Authored by Daniel Ortiz

Daily Expenses Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9e6e99fea6a5022fef764d130ffc1573
Pi-hole 4.3.2 Remote Code Execution
Posted Aug 4, 2020
Authored by Luis Vacacas

Pi-hole version 4.3.2 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-8816
MD5 | c974a233e43e84e556dfc6ea373f51a4
Sifter 9.2
Posted Aug 4, 2020
Authored by s1l3nt78 | Site github.com

Sifter is an OSINT, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and, if unpatched, exploit them.

Changes: Various runtime fixes in execution scripts.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 1d51fc20c08bea73509e929eb29de8f1
Car Rental Management System 1.0 Remote Code Execution
Posted Aug 4, 2020
Authored by hyd3sec

Car Rental Management System version 1.0 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | fc76a860fbf88ef19ed2574d10b76719
Ubuntu Security Notice USN-4445-1
Posted Aug 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4445-1 - It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code,

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15900
MD5 | e5cd22ad9394fc8739acbf87db5ba61d
Ubuntu Security Notice USN-4446-1
Posted Aug 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4446-1 - Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform cache-injection attacks or gain access to reverse proxy features such as ESI. Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote attacker could possibly use this issue to bypass access checks. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-12520, CVE-2019-12523, CVE-2019-12524, CVE-2019-18676
MD5 | 0645410abcb063dfc2a9e47806b54c82
Stock Management System 1.0 SQL Injection
Posted Aug 3, 2020
Authored by hyd3sec

Stock Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 86a8471246e2649f885e68626bf61d29
Umbraco CMS 7.12.4 Remote Code Execution
Posted Aug 3, 2020
Authored by Alexandre Zanni | Site github.com

Umbraco CMS version 7.12.4 authenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | c6a4a934c6775c455e5e4f225dec66c0
OpenEMR 5.0.1 Remote Code Execution
Posted Aug 3, 2020
Authored by Alexandre Zanni | Site github.com

OpenEMR versions 5.0.1 and below authenticated remote code execution exploit written in Ruby.

tags | exploit, remote, code execution, ruby
MD5 | 0c4b5a66f0b188dd68ac3a5de13961d4
Ubuntu Security Notice USN-4444-1
Posted Aug 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4444-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2020-9862, CVE-2020-9915
MD5 | 41e64fcb2adc18e2a3f8f179c1a36e11
Sifter 9.1
Posted Aug 3, 2020
Authored by s1l3nt78 | Site github.com

Sifter is an OSINT, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and, if unpatched, exploit them.

Changes: Various runtime fixes in execution scripts.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | c707bd94569962d87610241093f6bc0a
Online Bike Rental 1.0 Shell Upload
Posted Aug 1, 2020
Authored by Bobby Cooke, hyd3sec

Online Bike Rental version 1.0 suffers from an authenticated remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | c24d92ba32b907f53df823c312feb8d2
SharePoint DataSet / DataTable Deserialization
Posted Jul 31, 2020
Authored by Soroush Dalili, mr_me, Spencer McIntyre | Site metasploit.com

A remotely exploitable vulnerability exists within SharePoint that can be leveraged by a remote authenticated attacker to execute code within the context of the SharePoint application service. The privileges in this execution context are determined by the account that is specified when SharePoint is installed and configured. The vulnerability is related to a failure to validate the source of XML input data, leading to an unsafe deserialization operation that can be triggered from a page that initializes either the ContactLinksSuggestionsMicroView type or a derivative of it. In a default configuration, a Domain User account is sufficient to access SharePoint and exploit this vulnerability.

tags | exploit, remote
advisories | CVE-2020-1147
MD5 | 1951b8a6649841f289b9e4feb3f9e3b0
Gentoo Linux Security Advisory 202007-62
Posted Jul 31, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-62 - A flaw in PyCrypto allows remote attackers to obtain sensitive information. Versions less than or equal to 2.6.1-r2 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2018-6594
MD5 | 80d76ca85d2e9711881765ca3dea3df9

packet storm

© 2020 Packet Storm. All rights reserved.