
Files Date: 2013-12-06

Jamroom 5.0.2 Cross Site Scripting
Posted Dec 6, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Jamroom version 5.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-6804
SHA-256 | 69198ff23705681ef817fddb29ab688a6d071258cfde047842f9549a92f07f01

Enorth Webpublisher CMS SQL Injection
Posted Dec 6, 2013
Authored by xin.wang

Enorth Webpublisher CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-6985
SHA-256 | 2a4d4a78c1f9a888d7edc2e0c312ab46840931deb7521259a00b5464e322bee9

Wireless Transfer App 3.7 Command Injection
Posted Dec 6, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Wireless Transfer App version 3.7 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | 1ade7573e480c75df01672dcb5285dea035618c5fae35d80dd995362fb2fe116

Sonicwall GMS 7.x Filter Bypass
Posted Dec 6, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Dell Sonicwall GMS version 7.x suffers from filter bypass and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | ba4b237b2c6d40f4321bd55bbd8de613019ab4e747ca87417e922cf9f1d42657

NagiosQL 3.2.0 SP2 Cross Site Scripting
Posted Dec 6, 2013
Authored by William Costa

NagiosQL version 3.2.0 Service Pack 2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-6039
SHA-256 | d3403503f1d3b37a9fa1ba38f4fa616cdea171703b1898b64152c55b074e9db0

RedAxScript 1.1 SQL Injection
Posted Dec 6, 2013
Authored by KedAns-Dz

RedAxScript version 1.1 suffers from multiple remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 6b8f36199e8357cbfbdbc3b62976f84893ecd710c4ba586c66a459357a175c5e

NeoBill 0.9-alpha eCommerce Command Execution / SQL Injection / LFI
Posted Dec 6, 2013
Authored by KedAns-Dz

NeoBill version 0.9-alpha eCommerce suffers from local file inclusion, remote command execution, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
SHA-256 | a6206ac0375cd11d4b17033ae59e79dc8053b70ceca001d1b28de6d6ca4d3332

Red Hat Security Advisory 2013-1790-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1790-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An information leak flaw was found in the way the Xen hypervisor handled error conditions when reading guest memory during certain guest-originated operations, such as port or memory mapped I/O writes. A privileged user in a fully-virtualized guest could use this flaw to leak hypervisor stack memory to a guest.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2013-4355
SHA-256 | a99cca04bfacd745abf8cc429f9c5cbb5dbebaecb29a1c66a8fd85e125eb867c

Red Hat Security Advisory 2013-1794-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1794-01 - Ruby on Rails is a model-view-controller framework for web application development. Action Pack implements the controller and the view components. A flaw was found in the way Ruby on Rails performed JSON parameter parsing. An application using a third party library, which uses the Rack::Request interface, or custom Rack middleware could bypass the protection implemented to fix the CVE-2013-0155 vulnerability, causing the application to receive unsafe parameters and become vulnerable to CVE-2013-0155.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2013-4491, CVE-2013-6414, CVE-2013-6415, CVE-2013-6417
SHA-256 | 135a48c1e3f99b850c2d60c2cd13ef3f61d6a033ac26df2f0c0908db190de34a

Ubuntu Security Notice USN-2048-1
Posted Dec 6, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2048-1 - Scott Cantor discovered that libcurl incorrectly verified CN and SAN name fields when digital signature verification was disabled. When libcurl is being used in this uncommon way by specific applications, an attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-4545
SHA-256 | c20f5794bb126d61a57266741ccbe80c44ddbf98c011ace3654bedddefc949e5

Red Hat Security Advisory 2013-1793-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1793-01 - This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.4, 5.5 and 5.6. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-3829, CVE-2013-4041, CVE-2013-5372, CVE-2013-5375, CVE-2013-5457, CVE-2013-5772, CVE-2013-5774, CVE-2013-5776, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5789, CVE-2013-5797, CVE-2013-5801, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5812, CVE-2013-5814, CVE-2013-5817, CVE-2013-5818, CVE-2013-5819, CVE-2013-5820, CVE-2013-5823
SHA-256 | 901d7300e4cf735abb8748f82ce5a1f821de1a54f1d8f212cdd5f80a7fff856f

Red Hat Security Advisory 2013-1791-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1791-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. It was found that the fix for CVE-2013-1620 released via RHSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2013-1739, CVE-2013-1741, CVE-2013-5605, CVE-2013-5606, CVE-2013-5607
SHA-256 | 597e41819c618a7a2036b4981f741cf922fcb4e227d620ed1ada7986295500c4

Red Hat Security Advisory 2013-1792-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1792-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.2 will be retired as of January 7, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.2 EUS after that date. In addition, technical support through Red Hat's Global Support Services will no longer be provided after January 7, 2014. Note: This notification applies only to those customers subscribed to the Extended Update Support channel for Red Hat Enterprise Linux 6.2.

tags | advisory
systems | linux, redhat
SHA-256 | d7b2e335343665c1a475d8c30aa610ef208f0a8fffbf6a691ca5ceb61d11f780

Red Hat Security Advisory 2013-1783-01
Posted Dec 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1783-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition was found in the way asynchronous I/O and fallocate() interacted when using the ext4 file system. A local, unprivileged user could use this flaw to expose random data from an extent whose data blocks have not yet been written, and thus contain data from a deleted file. An information leak flaw was found in the way the Linux kernel's device mapper subsystem, under certain conditions, interpreted data written to snapshot block devices. An attacker could use this flaw to read data from disk blocks in free space, which are normally inaccessible.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2012-4508, CVE-2013-2851, CVE-2013-4299
SHA-256 | cff59b9f88b0673c0f659fb3e6ef8f092e408c092cba79fe92e8d1112298771e

WordPress Easy Career Openings SQL Injection
Posted Dec 6, 2013
Authored by Iranian_Dark_Coders_Team, Black.Hack3r

WordPress Easy Career Openings plugin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 91e56fc15be49b466edd276517672364545b3333953f474d6514eecc08deb3a3