sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges, and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation, or SMB relay attack, and more.
d4ca1b529942c61243759727ec41f43dff19880ed63fca6b10df34f5b71579e6
This archive contains all of the 166 exploits added to Packet Storm in May, 2020.
a6359e27ffd6427602b7529507292b2724470653202c67ec9232ae110d2e766d
Avast suffers from an out-of-bounds copy vulnerability in Array.prototype.toString.
f4c86758a5b59c76013f851557aec88b7d5f007b50dc4f53d8f8f4cc173c71b3
Red Hat Security Advisory 2020-2252-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.2.6 serves as a replacement for Red Hat support for Spring Boot 2.1.13, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a cross site scripting vulnerability.
344ff8b0e4aa63f74584ac5c08df2dc63656dfe3701664a8b67d00c69abbd338
Ubuntu Security Notice 4377-1 - The ca-certificates package contained an expired CA certificate that caused connectivity issues. This update removes the "AddTrust External Root" CA. In addition, on Ubuntu 16.04 LTS and Ubuntu 18.04 LTS, this update refreshes the included certificates to those contained in the 20190110 package.
640f94414bbff7d7f4e6400a51e5991d13294701394508b92b7cf866933bd067
Red Hat Security Advisory 2020-2345-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals.
5334c77176ff6cfe17985fafa81c674e6c959c8f06c90bb3de7fabc34dc2d729
Red Hat Security Advisory 2020-2344-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals.
eba43773b3d1ded90f4c1e0901018f90fd2cb8a03f045802d942f3a345a0875e
Red Hat Security Advisory 2020-2342-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow and out of bounds access vulnerabilities.
e543f9fef4963291f074e800e0194dcf8281b6d582e9a925d4bf1a1baa86e1ad
We-Com OpenData CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
50a0db0e24a84db773d1cd4173faee5e2689f509de4a570588c6bf202fad4e60
We-Com Municipality Portal CMS version 2.1.x suffers from cross site scripting and remote SQL injection vulnerabilities.
a064044ce2e55681ca97b669a47fa9de5d0ab2d078912b3da970309428b6ac64