what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-12-02

SALTO ProAccess SPACE 5.5 Traversal / File Write / XSS / Bypass
Posted Dec 2, 2019
Authored by W. Schober | Site sec-consult.com

SALTO ProAccess SPACE versions 5.5 and below suffer from path traversal, arbitrary file write, persistent cross site scripting, privilege escalation, and clear text transmission of sensitive data vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss
advisories | CVE-2019-19457, CVE-2019-19458, CVE-2019-19459, CVE-2019-19460
SHA-256 | 5ed47986bbc0d66aaf57c91633e6ec7ae2e1882ae76361c2429b36bdf3d0fc38
Packet Storm New Exploits For November, 2019
Posted Dec 2, 2019
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 180 exploits added to Packet Storm in November, 2019.

tags | exploit
SHA-256 | 748d5fe134eca74ab21a6089ed971c4aa53159defadc9f9e96cc82609687a397
I2P 0.9.44
Posted Dec 2, 2019
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various bug fixes.
tags | tool
systems | unix
SHA-256 | 9f03a636e2dc7e25455fb75869b3a8313fd177d231e056b0556159efec4d6d9d
Ajenti 2.1.31 Command Injection
Posted Dec 2, 2019
Authored by Jeremy Brown, Onur ER | Site metasploit.com

This Metasploit module exploits a command injection in Ajenti version 2.1.31. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned.

tags | exploit, shell
SHA-256 | 19a60244a9981506c6ee38b26a274f9f9a7867cb46ae450c4e77577fc35a1e1f
SQLMAP - Automatic SQL Injection Tool 1.3.12
Posted Dec 2, 2019
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | f98b82f9ea9af1291707bd392bc977320941af79b79e34a5e49e694712024570
Red Hat Security Advisory 2019-4045-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4045-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-14837, CVE-2019-14838, CVE-2019-14843, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
SHA-256 | b85c5a751f1f148345dcf9319176b861f5a99ccd5227ff88cb78b04087853f8c
Red Hat Security Advisory 2019-4042-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4042-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-14837, CVE-2019-14838, CVE-2019-14843, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
SHA-256 | 44b8d041159a0e07365b20613e296b9efdd97b2e2b312cd8237b211ef1a7a17d
Red Hat Security Advisory 2019-4041-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4041-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-14837, CVE-2019-14838, CVE-2019-14843, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
SHA-256 | 40183cb02b19c1f8330fda216c8441bd9d23116f63fa895df53be751b75c29e4
Red Hat Security Advisory 2019-4040-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4040-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-14837, CVE-2019-14838, CVE-2019-14843, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
SHA-256 | 3bff7573638f75c90fb4eb8dd0d784623a21760f032a4fe2ebd8e7077a378f8b
Red Hat Security Advisory 2019-4037-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4037-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.2 serves as a replacement for Red Hat Data Grid 7.3.1 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2019-10158
SHA-256 | ce5063bf6be7167b85f5a8239239b32a7d74c613a7d9c267b9bdd64794ace7c2
Red Hat Security Advisory 2019-4024-01
Posted Dec 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4024-01 - Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14906
SHA-256 | 87c9dcbfa7b1d9428d6f6506d816bea2b3516ce7d45a3cf9cfe3aed60cad70d3
Microsoft Visual Studio 2008 Express IDE XML Injection
Posted Dec 2, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Visual Studio 2008 Express IDE suffers from an XML external entity injection vulnerability.

tags | exploit
SHA-256 | 2b347e3e3aa8c05872e5d91abda3e6e4738812564cc798a749efdc8982d35ec9
Dokuwiki 2018-04-22b Username Enumeration
Posted Dec 2, 2019
Authored by Talha Sen

Dokuwiki version 2018-04-22b suffers from a username enumeration vulnerability.

tags | exploit
SHA-256 | 5dda147aaf438ae37992e0e76ba633998f24f775dfa6f8cf98bfd12786a457df
Anviz CrossChex 4.3.12 Local Buffer Overflow
Posted Dec 2, 2019
Authored by Pedro Rodrigues, Luis Catarino

Anviz CrossChex version 4.3.12 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | a890bfbbd7791711a842da62f662a5d6496badb3f38f09cb5325d13f798f1184
NSAuditor 3.1.8.0 Key Denial Of Service
Posted Dec 2, 2019
Authored by sajjadbnd

NSAuditor version 3.1.8.0 suffers from a Key denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | a01e659cfcb1851225598fb4d6d0004bf1d0492f5357985ae9af48d6fe3910a4
NSAuditor 3.1.8.0 Name Denial Of Service
Posted Dec 2, 2019
Authored by sajjadbnd

NSAuditor version 3.1.8.0 suffers from a Name denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 59b2edd5097367ea18579ba8c3dfcf7b0bd19fdc2686baeeaab8535995faab55
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close