exploit the possibilities
Showing 51 - 75 of 8,162 RSS Feed

Web Files

Red Hat Security Advisory 2020-0111-01
Posted Jan 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0111-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.4.1 ESR. Issues addressed include a bypass vulnerability.

tags | advisory, web, bypass
systems | linux, redhat
advisories | CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 36adb5f774a4e684239d2466916380dd
Barco WePresent file_transfer.cgi Command Injection
Posted Jan 14, 2020
Authored by Jacob Baines | Site metasploit.com

This Metasploit module exploits an unauthenticated remote command injection vulnerability found in Barco WePresent and related OEM'ed products. The vulnerability is triggered via an HTTP POST request to the file_transfer.cgi endpoint.

tags | exploit, remote, web, cgi
advisories | CVE-2019-3929
MD5 | 9bf16d3b24df38008118d2a86f469b2e
Red Hat Security Advisory 2020-0085-01
Posted Jan 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0085-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.4.1 ESR. Issues addressed include a bypass vulnerability.

tags | advisory, web, bypass
systems | linux, redhat
advisories | CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 27d1f7894855bbe772cc12a4aca4b134
Red Hat Security Advisory 2020-0086-01
Posted Jan 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0086-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.4.1 ESR. Issues addressed include a bypass vulnerability.

tags | advisory, web, bypass
systems | linux, redhat
advisories | CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 4037d1911aa9507b6c6224fdbdce9776
Ubuntu Security Notice USN-4235-1
Posted Jan 13, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4235-1 - Bert JW Regeer and Francisco Oca Gonzalez discovered that nginx incorrectly handled certain error_page configurations. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks and access resources contrary to expectations.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2019-20372
MD5 | c85cca82ee0dd4f5217de8cc90b4a010
Red Hat Security Advisory 2020-0084-01
Posted Jan 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0084-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 79.0.3945.117. A use-after-free vulnerability was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-6377
MD5 | ef00de891f14bcadc1cb2100710b1e4d
Debian Security Advisory 4600-1
Posted Jan 9, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4600-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, data exfiltration or cross-site scripting.

tags | advisory, web, arbitrary, xss
systems | linux, debian
advisories | CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 5c389eae58b71f0e5752b71079631732
Debian Security Advisory 4598-1
Posted Jan 8, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4598-1 - Simon Charette reported that the password reset functionality in Django, a high-level Python web development framework, uses a Unicode case-insensitive query to retrieve accounts matching the email address requesting the password reset. An attacker can take advantage of this flaw to potentially retrieve password reset tokens and hijack accounts.

tags | advisory, web, python
systems | linux, debian
advisories | CVE-2019-19844
MD5 | c6581f7a746d8444fc15505cf63908ce
Debian Security Advisory 4599-1
Posted Jan 8, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4599-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks, create open redirects, poison cache, and bypass authorization access and input sanitation.

tags | advisory, remote, web, vulnerability, csrf
systems | linux, debian
advisories | CVE-2019-16217, CVE-2019-16218, CVE-2019-16219, CVE-2019-16220, CVE-2019-16221, CVE-2019-16222, CVE-2019-16223, CVE-2019-16780, CVE-2019-16781, CVE-2019-17669, CVE-2019-17671, CVE-2019-17672, CVE-2019-17673, CVE-2019-17674, CVE-2019-17675, CVE-2019-20041, CVE-2019-20042, CVE-2019-20043
MD5 | 4cfa3cf73bd5ad4d9281921b1a5f55a1
Debian Security Advisory 4597-1
Posted Jan 6, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4597-1 - It was reported that Netty, a Java NIO client/server framework, is prone to a HTTP request smuggling vulnerability due to mishandling whitespace before the colon in HTTP headers.

tags | advisory, java, web
systems | linux, debian
advisories | CVE-2019-16869
MD5 | f0f479f5c550a02c1106263b7c463eee
Adaware Web Companion 4.9.2159 WCAssistantService Unquoted Service Path
Posted Jan 5, 2020
Authored by ZwX

Adaware Web Companion version 4.9.2159 suffers from a WCAssistantService unquoted service path vulnerability.

tags | exploit, web
MD5 | 99f266127d433f435cf6f7c6e805b77f
Karakuzu ERP Management Web 5.7.0 SQL Injection
Posted Jan 3, 2020
Authored by Hakan Taskopru

Karakuzu ERP Management Web version 5.7.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | a8fa1ad24436b2f3a5c05a2b660a030b
Red Hat Security Advisory 2020-0005-01
Posted Jan 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0005-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 79.0.3945.88 and addresses a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-13767
MD5 | 2d5c328bc8a4cbeaec39780236b20c63
SQLMAP - Automatic SQL Injection Tool 1.4
Posted Jan 1, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: This is the first offering in the 1.4 release.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 4e346f6f7a6d4c3c9bc9de36413c7fc5
RICOH Web Image Monitor 1.09 HTML Injection
Posted Dec 26, 2019
Authored by Ismail Tasdelen

RICOH Web Image Monitor version 1.09 suffers from an html injection vulnerability.

tags | exploit, web
MD5 | 5e18cb775b04704a5782215fc6330fa8
GRR 3.4.0.1
Posted Dec 18, 2019
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: GRR server debian package now has to be installed on Ubuntu 18. UpdateClient flow fixed for Ubuntu clients. A number of bugfixes and minor enhancements for YARA memory scanning.
tags | tool, remote, web, forensics
systems | unix
MD5 | 7df8bc2c0ab8d2e194c383c9d4df7169
Rumpus FTP Web File Manager 8.2.9.1 Cross Site Scripting
Posted Dec 18, 2019
Authored by Sudeepto Roy, Harshit Shukla

Rumpus FTP Web File Manager version 8.2.9.1 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2019-19368
MD5 | e8cd7b0d4d80042cf785c07043e43423
Control Web Panel 0.9.8.864 phpMyAdmin Password Disclosure
Posted Dec 16, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

Control Web Panel versions 0.9.8.856 through 0.9.8.864 suffer from a phpMyAdmin password disclosure vulnerability.

tags | exploit, web, info disclosure
advisories | CVE-2019-14782, CVE-2019-15235
MD5 | 350c05e4dacfce98d3811879f2066056
Red Hat Security Advisory 2019-4238-01
Posted Dec 16, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4238-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 79.0.3945.79. Issues addressed include buffer overflow and out of bounds write vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-13725, CVE-2019-13726, CVE-2019-13727, CVE-2019-13728, CVE-2019-13729, CVE-2019-13730, CVE-2019-13732, CVE-2019-13734, CVE-2019-13735, CVE-2019-13736, CVE-2019-13737, CVE-2019-13738, CVE-2019-13739, CVE-2019-13740, CVE-2019-13741, CVE-2019-13742, CVE-2019-13743, CVE-2019-13744, CVE-2019-13745, CVE-2019-13746, CVE-2019-13747, CVE-2019-13748, CVE-2019-13749, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752
MD5 | 20980c96db48008e7dd521ea466566da
Red Hat Security Advisory 2019-4201-01
Posted Dec 13, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4201-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, ruby
systems | linux, redhat
advisories | CVE-2019-16892
MD5 | 08e20393122a6da4e8925ddc027a47b1
Red Hat Security Advisory 2019-4126-01
Posted Dec 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4126-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-17189, CVE-2018-17199, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10097
MD5 | 602096697b45c7d0c9c93c83cbe8fa44
Debian Security Advisory 4580-1
Posted Dec 9, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4580-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012
MD5 | 5176500062acdb776a9d23f488f2b8a8
PRO-7070 Hazir Profesyonel Web Sitesi 1.0 SQL Injection
Posted Dec 9, 2019
Authored by Ahmet Umit Bayram

PRO-7070 Hazir Profesyonel Web Sitesi version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, web, sql injection
MD5 | 791eab6baad5a9a9903848ffb987623d
Red Hat Security Advisory 2019-4111-01
Posted Dec 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4111-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.3.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012
MD5 | fbce1768ad1633dc0cf0179ec0309414
Red Hat Security Advisory 2019-4107-01
Posted Dec 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4107-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.3.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012
MD5 | 6bff7ac71ae7e89a366b71e05135ca0a
Page 3 of 327
Back12345Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close