exploit the possibilities
Showing 76 - 100 of 8,764 RSS Feed

Web Files

Red Hat Security Advisory 2021-2561-01
Posted Jun 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2561-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2021-25122, CVE-2021-25329
MD5 | 6cd2c7e1481129c67f6211b4cf9f46c4
Red Hat Security Advisory 2021-2562-01
Posted Jun 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2562-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2021-25122, CVE-2021-25329
MD5 | 34cc49fbb9619aa8e9c5a69c9b5bb5ac
node-serialize Remote Code Execution Web Shell
Posted Jun 18, 2021
Authored by Beren Kuday Gorun

Whitepaper called 'node-serialize' Remote Code Execution - Web Shell. Written in Turkish.

tags | paper, remote, web, shell, code execution
MD5 | 21b885a5861ff0b5f4ad35cd93e75af3
Red Hat Security Advisory 2021-2472-01
Posted Jun 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2472-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 7 and includes bug fixes and enhancements. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2020-8169, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22901, CVE-2021-31618
MD5 | c308d1b35aaee932e278bfd46fa969df
Red Hat Security Advisory 2021-2471-01
Posted Jun 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2471-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 7 and includes bug fixes and enhancements. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2020-8169, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22901, CVE-2021-31618
MD5 | 99808e8e4b3b8e79dea816b2780f6fd5
Penetration Testing Web Storage (User Experience)
Posted Jun 17, 2021
Authored by Abdulrahman Abdullah

Whitepaper called Penetration Testing Web Storage (User Experience). Written in Arabic.

tags | paper, web
MD5 | 4ec008539bf16dd7ff6ee0dfc84348f4
IPFire 2.25 Remote Code Execution
Posted Jun 15, 2021
Authored by Grant Willcox, Mucahit Saratar | Site metasploit.com

This Metasploit module exploits an authenticated command injection vulnerability in the /cgi-bin/pakfire.cgi web page of IPFire devices running versions 2.25 Core Update 156 and prior to execute arbitrary code as the root user.

tags | exploit, web, arbitrary, cgi, root
advisories | CVE-2021-33393
MD5 | 69d36ee1b60ffec6d31a6ebc94e2dc1e
SAP Hybris eCommerce Server-Side Request Forgery
Posted Jun 15, 2021
Authored by Gaston Traberg | Site onapsis.com

An unauthenticated server-side request forgery vulnerability exists in SAP Hybris acceleratorservices. This means that anyone accessing this extension is able to use it to make arbitrary HTTP requests, bypassing network restrictions. Versions affected include 1808, 1811, 1905, and 2005.

tags | advisory, web, arbitrary
advisories | CVE-2020-26811
MD5 | 69fa7d47d7943e9c390416ebee975337
Sami HTTP Server 2.0 Denial Of Service
Posted Jun 15, 2021
Authored by Fernando Mengali

Sami HTTP server version 2.0 suffers from a denial of service vulnerability.

tags | exploit, web, denial of service
MD5 | e4f77f7a968cac9e6f41e703a5a09a17
Cerberus FTP Web Service 11 Cross Site Scripting
Posted Jun 11, 2021
Authored by Mohammad Hossein Kaviyany

Cerberus FTP Web Service version 11 suffers from a persistent cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | 61f6e591d6e2aff86feea989a63f76e2
NSClient++ 0.5.2.35 Remote Code Execution
Posted Jun 10, 2021
Authored by kindredsec, Yann Castel | Site metasploit.com

This Metasploit module allows an attacker with knowledge of the admin password of NSClient++ to start a privileged shell. For this module to work, both web interface of NSClient++ and ExternalScripts feature should be enabled.

tags | exploit, web, shell
MD5 | ee03ba18004e1e17f2300e870c462d89
Red Hat Security Advisory 2021-2364-01
Posted Jun 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2364-01 - The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format. Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-25011, CVE-2020-36328, CVE-2020-36329
MD5 | 35165990f9f4577813e7206cad3a7bbe
Red Hat Security Advisory 2021-2365-01
Posted Jun 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2365-01 - The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format. Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-25011, CVE-2020-36328, CVE-2020-36329
MD5 | 8e349d249173666d30404c33a8b30059
Red Hat Security Advisory 2021-2354-01
Posted Jun 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2354-01 - The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format. Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-25011, CVE-2020-36328, CVE-2020-36329
MD5 | 8e68fd051f932578d59e80694e21ad5f
SQLMAP - Automatic SQL Injection Tool 1.5.6
Posted Jun 8, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 5d549a9d48f57591c03e5e02ad82cd9f
Red Hat Security Advisory 2021-2290-01
Posted Jun 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2290-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2021-23017
MD5 | 26016b477f5da28d5da72cb174382244
Red Hat Security Advisory 2021-2278-01
Posted Jun 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2278-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2021-23017
MD5 | 2c2f10d284d4920cd331e487e4186596
Red Hat Security Advisory 2021-2260-01
Posted Jun 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2260-01 - The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format. Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-25011, CVE-2020-36328, CVE-2020-36329
MD5 | c8afdc0122779702fef6a4818c1346fc
Red Hat Security Advisory 2021-2259-01
Posted Jun 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2259-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2021-23017
MD5 | c022d6a685c4da17a916f5ea74df4c4f
Red Hat Security Advisory 2021-2258-01
Posted Jun 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2258-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2021-23017
MD5 | 5f82b38331d93b1a18c80aa73a2c54f0
SuiteCRM Log File Remote Code Execution
Posted Jun 4, 2021
Authored by M. Cory Billington | Site metasploit.com

This Metasploit module exploits an input validation error on the log file extension parameter. It does not properly validate upper/lower case characters. Once this occurs, the application log file will be treated as a php file. The log file can then be populated with php code by changing the username of a valid user, as this info is logged. The php code in the file can then be executed by sending an HTTP request to the log file. A similar issue was reported by the same researcher where a blank file extension could be supplied and the extension could be provided in the file name. This exploit will work on those versions as well, and those references are included.

tags | exploit, web, php
advisories | CVE-2020-28328
MD5 | d7acd34cfa8d5f47a3eb69700fe86af1
Red Hat Security Advisory 2021-2229-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2229-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2020-25613, CVE-2021-28965
MD5 | cea33ad0e2b62557766732321333596d
Red Hat Security Advisory 2021-2230-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2230-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, information leakage, and insecure permissions vulnerabilities.

tags | advisory, web, denial of service, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2019-15845, CVE-2019-16201, CVE-2019-16254, CVE-2019-16255, CVE-2019-3881, CVE-2020-10663, CVE-2020-10933, CVE-2020-25613, CVE-2021-28965
MD5 | e3874da2921faf9eb845a84c5bf2d476
Red Hat Security Advisory 2021-2233-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2233-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.11.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-29967
MD5 | 866197a91446ad6261986ed4478850e6
Red Hat Security Advisory 2021-2214-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2214-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.11.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-29967
MD5 | 80f50636a41191b52ed6664cda134dce
Page 4 of 351
Back23456Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close