what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-05-18

Microsoft Security Bulletin CVE Revision Increment For May, 2018
Posted May 18, 2018
Site microsoft.com

This Microsoft bulletin summary holds CVE revision updates for CVE-2018-0886.

tags | advisory
advisories | CVE-2018-0886
SHA-256 | e51ebd197ea6a292972cc283deb6e290bab81dfbce17b6d2d413f7c14e85a8b2
Healwire Online Pharmacy 3.0 Cross Site Request Forgery / Cross Site Scripting
Posted May 18, 2018
Authored by Borna Nematzadeh

Healwire Online Pharmacy version 3.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | d75f3d0a19ce67c0ef4401d10592229ac751786b152c2e7cabc741a21e511fcf
HPE iMC 7.3 Remote Code Execution
Posted May 18, 2018
Authored by mr_me, trendytofu | Site metasploit.com

This Metasploit module exploits an expression language injection vulnerability, along with an authentication bypass vulnerability in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04 to achieve remote code execution. The HP iMC server suffers from multiple vulnerabilities allows unauthenticated attacker to execute arbitrary Expression Language via the beanName parameter, allowing execution of arbitrary operating system commands as SYSTEM. This service listens on TCP port 8080 and 8443 by default. This Metasploit module has been tested successfully on iMC PLAT v7.3(E0504P02) on Windows 2k12r2 x64 (EN).

tags | exploit, remote, arbitrary, tcp, vulnerability, code execution, bypass
systems | windows
advisories | CVE-2017-12500, CVE-2017-8982
SHA-256 | b166549e96ca5f700cae312fff860951240a2ec47a3b5fe73610d4185f4d4fe2
SAP B2B / B2C CRM Local File Inclusion
Posted May 18, 2018
Authored by Richard Alviarez

SAP B2B / B2C CRM versions 2.x up to 4.x suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | ae7ab9be834c282d69881f8e350f361caaaf89295f22264b998875dfa369022a
DynoRoot DHCP Command Injection
Posted May 18, 2018
Authored by Kevin Kirsche

DynoRoot DHCP suffers from a client command injection vulnerability.

tags | exploit
advisories | CVE-2018-1111
SHA-256 | 5ca224367e09bcb54946694a4e955350bd0b8206e2c1cdc3387b1ce19848a17d
Infinity Market Classified Ads Script 1.6.2 Cross Site Request Forgery
Posted May 18, 2018
Authored by Borna Nematzadeh

Infinity Market Classified Ads Script version 1.6.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | ab26e912992453bc9325a8cecb3a72fd0d60253c3b36863f4a593e0dec2d237e
Prime95 29.4b8 Stack Buffer Overflow
Posted May 18, 2018
Authored by crash_manucoot

Prime95 version 29.4b8 SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 6f24980aab953056ab8e8361cfbf81fc456ecccd33ff8c00cd84a4bf9c17cc97
Cisco SA520W Security Appliance Path Traversal
Posted May 18, 2018
Authored by Nassim Asrir

Cisco SA520W Security Appliance suffers from a path traversal vulnerability.

tags | exploit, file inclusion
systems | cisco
SHA-256 | afb1a6c7670d56bdc88e35d408381f90b8a962147c6db0ddc5bfc2888ed9088e
Siemens SIMATIC Panels Cross Site Request Forgery / Cross Site Scripting
Posted May 18, 2018
Authored by t4rkd3vilz

Multiple Siemens SIMATIC panels suffer from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | da0552546acfe55d2b43aca2a3821b58dfac3d6a8a188c97da184d13ae5d5031
Linux 4-Byte Information Leak
Posted May 18, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from a 4-byte information leak via an uninitialized struct field in the compat adjtimex syscall.

tags | exploit
systems | linux
SHA-256 | 50d39995adad3a015a3b94c0d7b5e9f1f194e700f189b736aefca07019347f73
Microsoft Edge Chakra JIT Bounce Check Elimination Bug
Posted May 18, 2018
Authored by Google Security Research, lokihardt

Chakra uses the InvariantBlockBackwardIterator class to backpropagate the information about the hoisted bound checks. But the class follows the linked list instead of the control flow. This may lead to incorrectly remove the bound checks.

tags | exploit
advisories | CVE-2018-0980
SHA-256 | fb86d007c56bfd6ada33e174da508e6d677ad9d0597953bd1d8e6d7694634532
MagniComp SysInfo Information Exposure
Posted May 18, 2018
Authored by Harry Sintonen

MagniComp SysInfo contains an information exposure vulnerability through debug functionality.

tags | advisory
advisories | CVE-2018-7268
SHA-256 | 879a6ff414ac55de6ca9ce6b7ca2e8ee7838c3d369cadf9baf7679892f4ab20e
Debian Security Advisory 4203-1
Posted May 18, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4203-1 - Hans Jerry Illikainen discovered a type conversion vulnerability in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2017-17670
SHA-256 | 1551e89b8993803da7f58d5c3f2ab720f8b71d5d221d8e6b3af8d252bf6dbd8a
SAP NetWeaver Web Dynpro Information Disclosure
Posted May 18, 2018
Authored by Richard Alviarez

SAP NetWeaver Web Dynpro versions 6.4 up to 7.5 suffer from an information disclosure vulnerability.

tags | exploit, web, info disclosure
SHA-256 | 3eb279b49f6fddd1bba5f098d3df639d8a0af8406c0289711d827d2153bf6a3c
Monstra CMS Cross Site Scripting
Posted May 18, 2018
Authored by Berk Dusunur

Monstra CMS versions prior to 3.0.4 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3410f862ca031b157092e8f4e9143df9bb21b1ec6656c71a5595567cf7fac5bc
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close