
Files Date: 2016-05-27

Apache PDFBox 1.8.11 / 2.0.0 / XML Injection
Posted May 27, 2016
Authored by Mesut Timur, Arthur Khashaev, Seulgi Kim

Apache PDFBox versions 1.8.0 through 1.8.11 and 2.0.0 suffer from an XML external entity injection vulnerability.

tags | advisory, xxe
advisories | CVE-2016-2175
SHA-256 | f160d0f59531b7124fd63893410f4382449ef5be4212ce0538851d88587946e3
Faraday 1.0.20
Posted May 27, 2016
Authored by Francisco Amato

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Removed description from Hosts list in WEB UI. Fixed sort in Hosts list in WEB UI. Fixed ports sorting in Host view in WEB UI. Added search link for OS in Hosts list in WEB UI. Removed description from Services list in WEB UI. Added version to Services list in WEB UI. Modified false values in Hosts list in WEB UI. Added search links in Services list in WEB UI. Added scrollbar in Gtk Terminal. Various other updates and improvements.
tags | tool, rootkit
systems | unix
SHA-256 | 3f546d4bc5830e0c3e87f2da9304a10a3b6063f9b82860cf7bfb76bcf02be145
Citrix Netscaler 11.0 Build 64.35 Cross Site Scripting
Posted May 27, 2016
Authored by Dr. Daniel Schliebner

The login page of the Citrix Netscaler Gateway web front-end is vulnerable to a DOM-based cross site scripting (XSS) vulnerability due to improper sanitization of the content of the "NSC_TMAC" cookie.

tags | exploit, web, xss
advisories | CVE-2016-4945
SHA-256 | a907282e85cbd46ffd00df290cafdd51155648f582be3aa5b66d82cc3e3fbe7b
Apache Qpid Java Broker 6.0.2 Denial Of Service
Posted May 27, 2016
Authored by Alex Szczuczko

Apache Qpid Java Broker versions 6.0.0, 6.0.1, and 6.0.2 suffer from a denial of service vulnerability.

tags | advisory, java, denial of service
advisories | CVE-2016-3094
SHA-256 | 3d81afb1173f32654873524b4636e3c6b1d5deed18d076fcaffba968ee1a79fa
Apache Qpid Java Broker 6.0.2 Authentication Bypass
Posted May 27, 2016

Apache Qpid Java Broker versions 6.0.2 and below suffer from an authentication bypass vulnerability.

tags | advisory, java, bypass
advisories | CVE-2016-4432
SHA-256 | 594b68879b7de55bcdb5b81acc03145d655ca916b880773922cff137be76c5a5
Slackware Security Advisory - php Updates
Posted May 27, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2013-7456, CVE-2016-5093, CVE-2016-5094, CVE-2016-5096
SHA-256 | ce9b11d04e18e69566df0de64e339ecc901c77ba929b4ac2d1fac7bc8920bf46
Slackware Security Advisory - libxslt Updates
Posted May 27, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libxslt packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-7995
SHA-256 | 640e3e73be3ffe2c386f4c383d1ce10f3e47136935943c275815b90f8fcae037
Slackware Security Advisory - libxml2 Updates
Posted May 27, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libxml2 packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-4447, CVE-2016-4448, CVE-2016-4449
SHA-256 | 897ec1b06118a1abb82b30b33d29eec72b0476ee15fe9ac75c98b6bc949cd736
PHP Real Estate Script 4.9.0 SQL Injection
Posted May 27, 2016
Authored by Meisam Monsef

PHP Real Estate Script version 4.9.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | a3d0e8975de183eab61fd4e51fae11a0ffdb9ee0737e12c2b4f7dffaac28a836
Joomla Simple Calendar 0.7.6b SQL Injection
Posted May 27, 2016
Authored by indoushka

Joomla Simple Calendar component version 0.7.6b suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 909535d927b0a5f9ec70c23acbde120032291e1894baa58b23ed8900b178752e
Debian Security Advisory 3587-1
Posted May 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3587-1 - Several vulnerabilities were discovered in libgd2, a library for programmatic graphics creation and manipulation. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using the libgd2 library.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2013-7456, CVE-2015-8874, CVE-2015-8877
SHA-256 | f2f6c7f99cc86a7323da7dcfecc1fc94a9783d8e35c09aac160019baa2b5e88f
EMC Isilon OneFS SMB Man-In-The-Middle
Posted May 27, 2016
Site emc.com

EMC Isilon OneFS and EMC IsilonSD Edge include an implementation of the SMB protocol. This implementation is vulnerable to a man-in-the-middle attack that could compromise the affected systems. EMC IsilonSD Edge OneFS versions 8.0.x and EMC Isilon OneFS versions 8.0.x, 7.2.1.x, 7.2.0.x, 7.1.1.x, and 7.1.0.x are affected.

tags | advisory, protocol
advisories | CVE-2016-0907
SHA-256 | c0278601cfff1854895a73db496eef4ed12459478f59de882cd68c1c9b252e49
WordPress Ninja Forms Unauthenticated File Upload
Posted May 27, 2016
Authored by Rob Carr, James Golovich | Site metasploit.com

Versions 2.9.36 to 2.9.42 of the Ninja Forms plugin contain an unauthenticated file upload vulnerability, allowing guests to upload arbitrary PHP code that can be executed in the context of the web server.

tags | exploit, web, arbitrary, php, file upload
advisories | CVE-2016-1209
SHA-256 | cc15398ab11d0e8cb5fd8ef9052046e7b29bea4c4d0c3133e418bc99ac79897b
Apache Tika 1.12 XXE Injection
Posted May 27, 2016
Authored by Mesut Timur, Arthur Khashaev, Seulgi Kim

Apache Tika versions 0.10 through 1.12 suffer from an XXE injection vulnerability.

tags | advisory, xxe
advisories | CVE-2016-4434
SHA-256 | f33971406fb04b391007116a0482ffc39feb7e43a3c815760b26a24fb10693d3

© 2024 Packet Storm. All rights reserved.
