what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-02-20

Micro Focus Filr 3.4.0.217 Path Traversal / Privilege Escalation
Posted Feb 20, 2019
Authored by Leandro Cuozzo, Matias Choren | Site secureauth.com

Micro Focus Filr version 3.4.0.217 suffers from privilege escalation and path traversal vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-3474, CVE-2019-3475
SHA-256 | 0e3741960613c004524b690b1b35f4d2ebeb5d3c6b149260b3ac38f16eeb3731
Exploitation Framework For STMicroelectronics DVB Chipsets
Posted Feb 20, 2019
Authored by Adam Gowdiak | Site security-explorations.com

A multitude of security issues exist within STMicroelectronics DVB chipsets including, but not limited to credential leakage, buffer overflow, and data leaks. This is the full release of both the whitepaper and dozens of proof of concept details.

tags | exploit, overflow, proof of concept
SHA-256 | d213971899e2afa9864a8613af2fd95bc020cf4d68541d24a96d77ad4ad8264c
Teracue ENC-400 Command Injection / Missing Authentication
Posted Feb 20, 2019
Authored by Stephen Shkardoon

Teracue ENC-400 suffers from hard-coded credential, missing authentication, and command injection vulnerabilities.

tags | exploit, vulnerability, bypass
advisories | CVE-2018-20219, CVE-2018-20220
SHA-256 | 86b6179ce97f3abb7bdb587da6b1829dbc68fca0ee8bd26bbc694d7d49d2eff2
VertrigoServ 2.17 Cross Site Scripting
Posted Feb 20, 2019
Authored by Rafael Pedrero

VertrigoServ version 2.17 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-8938
SHA-256 | fc6f8c9a0cd29c70aacb74b280bb7d4e1e9db89ad27ed73df5865fab89fb5f5e
Advanced Comment System 1.0 Cross Site Scripting
Posted Feb 20, 2019
Authored by Rafael Pedrero

Advanced Comment System version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18845
SHA-256 | 00adb605e87c4cb31ea92bb93bf6b8026284eb482a25aa0ef2793355a35d008e
Kanboard 1.2.7 Code Execution / Cross Site Request Forgery
Posted Feb 20, 2019
Authored by Will Boucher | Site pulsesecurity.co.nz

Kanboard version 1.2.7 contains multiple vulnerabilities. The vulnerabilities include CSV account import cross site request forgery which allows an unauthenticated attacker to create a new administrative user. Cross site request forgery 2FA deactivation, allowing an unauthenticated attacker to disable an account's 2FA configuration. A lack of integrity checking or transport layer encryption enforced on plugins enables remote code execution by a malicious admin. Other vulnerabilities include: session privilege retention, 2FA bypass, database user_id and pre-2FA information disclosure.

tags | exploit, remote, vulnerability, code execution, info disclosure, csrf
SHA-256 | abec0c69d625c6f84d75bb7606972bbe89646828118f7338be373095d831fa2e
Nuuo Central Management Server 2.4 Authenticated Arbitrary File Upload
Posted Feb 20, 2019
Authored by Pedro Ribeiro | Site metasploit.com

The COMMITCONFIG verb is used by a CMS client to upload and modify the configuration of the CMS Server. The vulnerability is in the FileName parameter, which accepts directory traversal (..\\..\\) characters. Therefore, this function can be abused to overwrite any files in the installation drive of CMS Server. This vulnerability is exploitable in CMS versions up to and including 2.4.

tags | exploit
advisories | CVE-2018-17936
SHA-256 | 6d033ef3029641056b2c16198f8f5b9e4b8492af096081aed986b20a206dd234
HotelDruid 2.3 Cross Site Scripting
Posted Feb 20, 2019
Authored by Mehmet Emiroglu

HotelDruid version 2.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-8937
SHA-256 | b8b4d0033d177aa9bf8b3150356f740ab1f09145a7f00bc8aecfbdcff02f3a62
Apple macOS 10.13.5 Local Privilege Escalation
Posted Feb 20, 2019
Authored by Synacktiv

Apple macOS version 10.13.5 local privilege escalation exploit.

tags | exploit, local
systems | apple
advisories | CVE-2018-4193
SHA-256 | 941daba740ea0ba40899aea1ada256ba3b7160f9a918deb5f31281c172879522
Tech News 4.3.4 Cross Site Scripting
Posted Feb 20, 2019
Authored by Mr Winst0n

Tech News version 4.3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 73c7118880a31dac8870aa5772ebdb199159ff7d4031d09ea1acf5649307108c
Ubuntu Security Notice USN-3892-1
Posted Feb 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3892-1 - Burghard Britzke discovered that GDM incorrectly handled certain configurations. An attacker could possibly use this issue to get unauthorized access to a different user.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-3825
SHA-256 | 5cbde4b75000a4c185fe9c87414fb3810aba4a7733e35005a88e58de4295fb5f
Debian Security Advisory 4396-1
Posted Feb 20, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4396-1 - Several vulnerabilities have been found in Ansible, a configuration management, deployment, and task execution system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2018-10855, CVE-2018-10875, CVE-2018-16837, CVE-2018-16876, CVE-2019-3828
SHA-256 | 2dde31e5783af9038db0eb1aa458aab47e774751c9f88602e04c74b7ca36d972
Memu Play 6.0.7 Privilege Escalation
Posted Feb 20, 2019
Authored by Alejandra Sanchez

Memu Play version 6.0.7 privilege escalation proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 309a6312f6b62536d78b6685cef365273ad8c9bead5335f0f87edbde0696e778
Social Bookmarking Software 1.2.3 Local File Inclusion
Posted Feb 20, 2019
Authored by Mr Winst0n

Social Bookmarking Software version 1.2.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 74b558b7ead2ed702a1919fec1ddd7d973fa54d6dbc8538334512a9d2515883e
FTPShell Sever 6.83 Denial Of Service
Posted Feb 20, 2019
Authored by Victor Mondragon

FTPShell Server version 6.83 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 04ea1454d21ee1698dc172af771279063e283efa170dcd17bd9cd5c8c162b6db
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close