Vulnerability Files

SQLMAP - Automatic SQL Injection Tool 1.3
Posted Jan 7, 2019
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint; retrieve the DBMS session user and database; enumerate users, password hashes, privileges, and databases; dump entire or user-specified DBMS tables/columns; run their own SQL statements; read or write either text or binary files on the file system; execute arbitrary commands on the operating system; establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation, or SMB relay attack; and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 1a3875f12c086f1c3924014c72cdc928
Ox App Suite 7.8.4 / 7.8.3 XSS / CSRF / Information Disclosure
Posted Jan 7, 2019
Authored by Secator

Ox App Suite versions 7.8.4 and 7.8.3 suffer from cross site scripting, cross site request forgery, and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion, info disclosure, csrf
advisories | CVE-2018-12609, CVE-2018-12610, CVE-2018-12611
MD5 | 048df77a1ab85eecdd23b8f1251c22b1
Roxy Fileman 1.4.5 File Upload / Directory Traversal
Posted Jan 7, 2019
Authored by Pongtorn Angsuchotmetee, Vittawat Masaree

Roxy Fileman version 1.4.5 suffers from remote file upload and directory traversal vulnerabilities.

tags | exploit, remote, vulnerability, file inclusion, file upload
advisories | CVE-2018-20525, CVE-2018-20526
MD5 | f18d3ae1fe4f8aea768cdfcb18391024
BMC Remedy / ITAM 7.1.00 / 9.1.02.003 Information Disclosure
Posted Jan 7, 2019
Authored by Filip Palian

BMC Remedy and ITAM versions 7.1.00 and 9.1.02.003 suffer from multiple information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
advisories | CVE-2018-18862
MD5 | 183faa5958c41b0ce055d4b97e568dff
phpMoAdmin 1.1.5 Cross Site Request Forgery / Cross Site Scripting
Posted Jan 7, 2019
Authored by Ozer Goker

phpMoAdmin version 1.1.5 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 946994c07239d91153a9ec3e2374c276
Webgalamb Information Disclosure / XSS / CSRF / SQL Injection
Posted Jan 7, 2019
Authored by Daniel Jones

Webgalamb suffers from remote code execution, cross site request forgery, cross site scripting, information leakage, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection, info disclosure, csrf
advisories | CVE-2018-19509, CVE-2018-19510, CVE-2018-19511, CVE-2018-19512, CVE-2018-19513, CVE-2018-19514, CVE-2018-19515
MD5 | 1c993ff1caf37847e75ec6a54088c49a
Red Hat Security Advisory 2019-0022-01
Posted Jan 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0022-01 - The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server kernel module providing layer-4 load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage a load balanced server pool according to the health of the servers. Keepalived also implements the Virtual Router Redundancy Protocol to achieve high availability with director failover. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-19115
MD5 | b861d262ff7dc8c96c64b2ee9162c62a
Apache CouchDB 2.3.0 Cross Site Request Forgery
Posted Jan 3, 2019
Authored by Ozer Goker

Apache CouchDB version 2.3.0 suffers from cross site request forgery vulnerabilities, provided there is a loose CORS policy.

tags | exploit, vulnerability, csrf
MD5 | c626175b164c90db6a2e2ae652f9bb90
Family Connections 3.7.0 Cross Site Scripting
Posted Jan 3, 2019
Authored by Zekvan Arslan | Site netsparker.com

Family Connections version 3.7.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | eb6d4b8a3e4a4594302db693c589af2d
GeniXCMS 1.1.5 Cross Site Scripting
Posted Jan 3, 2019
Authored by Omar Kurt | Site netsparker.com

GeniXCMS version 1.1.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-14476
MD5 | 9a3f79dc69849f79a17982e53208381c
Microweber 1.0.8 Cross Site Scripting
Posted Jan 3, 2019
Authored by Omar Kurt | Site netsparker.com

Microweber version 1.0.8 suffers from reflected cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-19917
MD5 | 8516d791c475cfb20c24e6fafd5dec48
Zurmo 2.3.4 Cross Site Scripting
Posted Jan 2, 2019
Authored by Zekvan Arslan | Site netsparker.com

Zurmo version 2.3.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 614f99555cb0715c695878c3e9b1c5bb
ImpressCMS 1.3.10 Cross Site Scripting
Posted Jan 2, 2019
Authored by Omar Kurt | Site netsparker.com

ImpressCMS version 1.3.10 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-13983
MD5 | 691831e4c147faae8d4fadc9ee37e335
ForkCMS 5.0.6 Cross Site Scripting
Posted Jan 1, 2019
Authored by Omer Citak | Site netsparker.com

ForkCMS version 5.0.6 suffers from persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 98602a5387fea2a4942718a799f776f9
Gentoo Linux Security Advisory 201812-11
Posted Dec 31, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201812-11 - Multiple vulnerabilities have been found in Rust, the worst of which may allow local attackers to execute arbitrary code. Versions less than 1.29.1 are affected.

tags | advisory, arbitrary, local, vulnerability
systems | linux, gentoo
advisories | CVE-2018-1000622, CVE-2018-1000810
MD5 | 8bd40344a33775e5023f354026bc9486
Bitsolution.ws ICT Consulting Firm 1.0 Bypass / SQL Injection
Posted Dec 31, 2018
Authored by KingSkrupellos

Bitsolution.ws ICT Consulting Firm version 1.0 suffers from bypass and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 656201d9584504f33368fed8d730f52d
Debian Security Advisory 4361-1
Posted Dec 29, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4361-1 - Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or memory disclosure if a malformed OLE file is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-20430, CVE-2018-20431
MD5 | b43be8237a136841f4750d9c2097b56b
Debian Security Advisory 4359-1
Posted Dec 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4359-1 - Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability, protocol
systems | linux, debian
advisories | CVE-2018-12086, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227, CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628
MD5 | d98736f909db3a6d8c9f16012f775c11
WebKit JSC JSArray::shiftCountWithArrayStorage Out-Of-Band Read / Write
Posted Dec 27, 2018
Authored by Google Security Research, lokihardt

WebKit JSC suffers from out-of-bounds read and write vulnerabilities in JSArray::shiftCountWithArrayStorage.

tags | exploit, vulnerability
advisories | CVE-2018-4441
MD5 | 75dbb70a739e6c66466398a40ffdab49
PrestaShop PM_AdvancedTopMenu 1.4.6.2 Database Disclosure / SQL Injection
Posted Dec 24, 2018
Authored by KingSkrupellos

PrestaShop PM_AdvancedTopMenu version 1.4.6.2 suffers from database disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
MD5 | 84b5bf3ed364b1b7a1b98025319b9469
Gentoo Linux Security Advisory 201812-09
Posted Dec 22, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201812-9 - Multiple vulnerabilities have been found in Go, the worst of which could lead to the execution of arbitrary code. Versions less than 1.10.7 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-16873, CVE-2018-16874, CVE-2018-16875
MD5 | 399ebf3a21c402d1d7fd3777c8d29050
WordPress Firma Rehberi 4.9.9 Shell Upload / SQL Injection
Posted Dec 22, 2018
Authored by KingSkrupellos

WordPress Firma Rehberi theme version 4.9.9 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
MD5 | e71809bce3fc6606f39e6e94200149a8
GIGABYTE Driver Privilege Escalation
Posted Dec 21, 2018
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Multiple vulnerabilities were found in the GPCIDrv and GDrv drivers as bundled with several GIGABYTE and AORUS branded motherboard and graphics card utilities, which could allow a local attacker to elevate privileges. Affected versions include GIGABYTE APP Center 1.05.21 and below, AORUS GRAPHICS ENGINE 1.33 and below, XTREME GAMING ENGINE 1.25 and below, and OC GURU II 2.08.

tags | exploit, local, vulnerability
advisories | CVE-2018-19320, CVE-2018-19321, CVE-2018-19322, CVE-2018-19323
MD5 | 5cad18f5b078e0d55bd9a0c74f26e7cc
ASUS Driver Privilege Escalation
Posted Dec 21, 2018
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Multiple vulnerabilities were found in the GLCKIo and Asusgio drivers installed by ASUS Aura Sync, which could allow a local attacker to elevate privileges. ASUS Aura Sync versions 1.07.22 and below are affected.

tags | exploit, local, vulnerability
advisories | CVE-2018-18535, CVE-2018-18536, CVE-2018-18537
MD5 | bf9ed2614877e99c373ab955e1c3e901
LibTIFF 4.0.8 Memory Leak
Posted Dec 21, 2018
Authored by Jiawang Zhang

LibTIFF version 4.0.8 suffers from multiple memory leak vulnerabilities.

tags | advisory, vulnerability, memory leak, info disclosure
advisories | CVE-2017-16232
MD5 | 503f0927a50cb910585dab9890fa2f1b

© 2019 Packet Storm. All rights reserved.