sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
1a3875f12c086f1c3924014c72cdc928Ox App Suite versions 7.8.4 and 7.8.3 suffer from cross site scripting, cross site request forgery, and information disclosure vulnerabilities.
048df77a1ab85eecdd23b8f1251c22b1Roxy Fileman version 1.4.5 suffers from remote file upload and directory traversal vulnerabilities.
f18d3ae1fe4f8aea768cdfcb18391024BMC Remedy and ITAM versions 7.1.00 and 9.1.02.003 suffer from multiple information disclosure vulnerabilities.
183faa5958c41b0ce055d4b97e568dffphpMoAdmin version 1.1.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
946994c07239d91153a9ec3e2374c276Webgalamb suffers from remote code execution, cross site request forgery, cross site scripting, information leakage, and remote SQL injection vulnerabilities.
1c993ff1caf37847e75ec6a54088c49aRed Hat Security Advisory 2019-0022-01 - The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server kernel module providing layer-4 load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage a load balanced server pool according to the health of the servers. Keepalived also implements the Virtual Router Redundancy Protocol to achieve high availability with director failover. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
b861d262ff7dc8c96c64b2ee9162c62aApache CouchDB version 2.3.0 suffers from cross site request forgery vulnerabilities providing there's a loose CORs policy.
c626175b164c90db6a2e2ae652f9bb90Family Connections version 3.7.0 suffers from multiple cross site scripting vulnerabilities.
eb6d4b8a3e4a4594302db693c589af2dGeniXCMS version 1.1.5 suffers from multiple cross site scripting vulnerabilities.
9a3f79dc69849f79a17982e53208381cMicroweber version 1.0.8 suffers from reflected cross site scripting vulnerabilities.
8516d791c475cfb20c24e6fafd5dec48Zurmo version 2.3.4 suffers from multiple cross site scripting vulnerabilities.
614f99555cb0715c695878c3e9b1c5bbImpressCMS version 1.3.10 suffers from multiple cross site scripting vulnerabilities.
691831e4c147faae8d4fadc9ee37e335ForkCMS version 5.0.6 suffers from persistent cross site scripting vulnerabilities.
98602a5387fea2a4942718a799f776f9Gentoo Linux Security Advisory 201812-11 - Multiple vulnerabilities have been found in Rust, the worst which may allow local attackers to execute arbitrary code. Versions less than 1.29.1 are affected.
8bd40344a33775e5023f354026bc9486Bitsolution.ws ICT Consulting Firm version 1.0 suffers from bypass and remote SQL injection vulnerabilities.
656201d9584504f33368fed8d730f52dDebian Linux Security Advisory 4361-1 - Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or memory disclosure if a malformed OLE file is processed.
b43be8237a136841f4750d9c2097b56bDebian Linux Security Advisory 4359-1 - Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code.
d98736f909db3a6d8c9f16012f775c11WebKit JSC suffers from out-of-bounds read and write vulnerabilities in JSArray::shiftCountWithArrayStorage.
75dbb70a739e6c66466398a40ffdab49PrestaShop PM_AdvancedTopMenu version 1.4.6.2 suffers from database disclosure and remote SQL injection vulnerabilities.
84b5bf3ed364b1b7a1b98025319b9469Gentoo Linux Security Advisory 201812-9 - Multiple vulnerabilities have been found in Go, the worst which could lead to the execution of arbitrary code. Versions less than 1.10.7 are affected.
399ebf3a21c402d1d7fd3777c8d29050WordPress Firma Rehberi theme version 4.9.9 suffers from remote shell upload and remote SQL injection vulnerabilities.
e71809bce3fc6606f39e6e94200149a8Multiple vulnerabilities were found in the GPCIDrv and GDrv drivers as bundled with several GIGABYTE and AORUS branded motherboard and graphics card utilities, which could allow a local attacker to elevate privileges. Affected versions include GIGABYTE APP Center 1.05.21 and below, AORUS GRAPHICS ENGINE 1.33 and below, XTREME GAMING ENGINE 1.25 and below, and OC GURU II 2.08.
5cad18f5b078e0d55bd9a0c74f26e7ccMultiple vulnerabilities were found in the GLCKIo and Asusgio drivers installed by ASUS Aura Sync, which could allow a local attacker to elevate privileges. ASUS Aura Sync versions 1.07.22 and below are affected.
bf9ed2614877e99c373ab955e1c3e901LibTIFF version 4.0.8 suffers from multiple memory leak vulnerabilities.
503f0927a50cb910585dab9890fa2f1b
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed