exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2018-08-06

cgit cgit_clone_objects() Directory Traversal
Posted Aug 6, 2018
Authored by Jann Horn, Google Security Research

cgit suffers from a directory traversal vulnerability in cgit_clone_objects().

tags | exploit
advisories | CVE-2018-14912
SHA-256 | 37831299c41cbf8b4276c28e94d3615148e9fe86404363c2b69eae6eba250c7c
Ubuntu Security Notice USN-3731-1
Posted Aug 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3731-1 - It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-10196
SHA-256 | 24f7d77db4111d22f1a7b40cc49cfba90871eb9bcfae80999dc5fb738b2e2c7d
OCS Inventory NG Webconsole Shell Upload
Posted Aug 6, 2018
Authored by Simon Uvarov

OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.

tags | exploit, php, file upload
advisories | CVE-2018-14857
SHA-256 | 2f71b923fd12139847ac2ff8144d07a7250e7131bad2b3d7db85ba17ff41bf94
Open-AudIT Community 2.2.6 Cross Site Scripting
Posted Aug 6, 2018
Authored by Ranjeet Jaiswal

Open-AudIT Community version 2.2.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-14493
SHA-256 | da3bf7bef2852d4e737ba63cc33ce00378a52e76356eefbf2cbcf87512c34227
Dell EMC Data Protection Advisor XML Injection
Posted Aug 6, 2018
Site emc.com

Dell EMC Data Protection Advisor, versions 6.4 through 6.5, contains a XML External Entity (XXE) Injection vulnerability in the REST API. An authenticated remote malicious user could potentially exploit this vulnerability to read certain system files in the server or cause denial of service by supplying specially crafted Document Type Definitions (DTDs) in an XML request.

tags | advisory, remote, denial of service
advisories | CVE-2018-11048
SHA-256 | 7262794bbeb917e7e2c99abb41baa2f271a39f4c1762b712654d0947ea15b677
Ubuntu Security Notice USN-3730-1
Posted Aug 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3730-1 - Matthias Gerstner discovered that LXC incorrectly handled the lxc-user-nic utility. A local attacker could possibly use this issue to open arbitrary files.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-6556
SHA-256 | 20b451992a911148667d7967308162587130dc75ed9ecbf9dd9cb11668d1038b
Ubuntu Security Notice USN-3729-1
Posted Aug 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3729-1 - It was discovered that libxcursor incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-9262
SHA-256 | 986839c6683740b7ccde40cb3062bb92868dacca05a4fd8565e0493b102faf72
Debian Security Advisory 4262-1
Posted Aug 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4262-1 - Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to open redirects, cross-site request forgery, information disclosure, session fixation or denial of service.

tags | advisory, denial of service, php, vulnerability, info disclosure, csrf
systems | linux, debian
advisories | CVE-2016-2403, CVE-2017-1665, CVE-2017-16653, CVE-2017-16654, CVE-2017-16790, CVE-2018-11385, CVE-2018-11386, CVE-2018-11406
SHA-256 | 2f604d49a2ad57ea254ad69536e651ce2f33d102ce98567981b98321ecc0a5f1
Debian Security Advisory 4265-1
Posted Aug 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4265-1 - It was discovered that the Apache XML Security for C++ library performed insufficient validation of KeyInfo hints, which could result in denial of service via NULL pointer dereferences when processing malformed XML data.

tags | advisory, denial of service
systems | linux, debian
SHA-256 | dbb2a2a995ed1855235811a955c6fa11845c29765ce3a36561ef8d40c22d47eb
CA API Developer Portal Cross Site Scripting
Posted Aug 6, 2018
Authored by Kevin Kotas, Joe Schottman | Site www3.ca.com

CA Technologies Support is alerting customers to a potential risk with CA API Developer Portal. A medium risk vulnerability exists that can allow a remote attacker to conduct reflected cross-site scripting attacks. CA published solutions to address the vulnerability. The vulnerability occurs due to insufficient parameter filtering in the web user interface, which can allow a remote attacker to launch reflected cross-site scripting attacks.

tags | advisory, remote, web, xss
advisories | CVE-2018-6590
SHA-256 | 386c272271ed091041f86901b4ba0bfa774336602c3837ec4f71eafb764baa48
Monstra-Dev 3.0.4 Cross Site Scripting
Posted Aug 6, 2018
Authored by Nainsi Gupta

Monstra-Dev version 3.0.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-14922
SHA-256 | 83d4e2fee79b8990dc5328c8bbb80e1b7b70a7629cbc73c058d35df9b8ac219d
LAMS Cross Site Scripting
Posted Aug 6, 2018
Authored by Nikola Kojic

LAMS versions prior to 3.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-12090
SHA-256 | a31a6bb96a4a36442255ec0624f9efe7e3e2df9abc927c97ece1225c2bf89247
Microsoft Windows SCF File Feature Bypass
Posted Aug 6, 2018
Authored by Eduardo Braun Prado

Microsoft Windows suffers from an SCF open file security warning feature bypass vulnerability.

tags | exploit, bypass
systems | windows
SHA-256 | 958717cd8872e33b9b2a3c4b625a8d892418f613f8faacd62f3dfc64af556111
onArcade 2.4.2 Cross Site Request Forgery
Posted Aug 6, 2018
Authored by r3m0t3nu11

onArcade version 2.4.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 54626ca3c318d64213981a9d8cc93fe8af457f70f998f7ee04637a2f570bfd1a
SMPlayer 18.6.0 DLL Hijacking
Posted Aug 6, 2018
Authored by ZwX

SMPlayer version 18.6.0 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 1ba3d2d6a8690986ae9955caca1828fe61f254de9080bcf10011814985e06f07
CMS ISWEB 3.5.3 Directory Traversal
Posted Aug 6, 2018
Authored by Thiago Sena

CMS ISWEB version 3.5.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2018-14957
SHA-256 | 8aa0ff13b51f6c607e0125e9f50cdd3b15376a9f0b867622c365ab666d22c459
Rufus 3.0 / 3.1 Privilege Escalation
Posted Aug 6, 2018
Authored by Stefan Kanthak

Rufus versions 3.0 and 3.1 suffers from dll hijacking vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 902541262838af7644c131737527c42bf33c37e8fdf9cfe5b3446450ac936b8c
Sidify Music Converter 1.2.9 DLL Hijacking
Posted Aug 6, 2018
Authored by ZwX

Sidify Music Converter version 1.2.9 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 89f9aaf2ad37dfa64b29919b38de0afdbcc06b47d895cd46fa4b383ab74367a8
Subrion CMS 4.2.1 Cross Site Scripting
Posted Aug 6, 2018
Authored by Zeel Chavda

Subrion CMS version 4.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-14840
SHA-256 | 2cdd1c5f3a0b1d7a90e6057be4d2227ff304ebed6dcbf007eb8e5b1d7cd98b5b
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close