what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-10-30

PHP Server Monitor 3.1.1 Privilege Escalation
Posted Oct 30, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

PHP Server Monitor version 3.1.1 suffers from a privilege escalation vulnerability.

tags | exploit, php
SHA-256 | aafa69a15ff0e3770a96c5012d8cb850bdb3fda9ba48a991cb0678d1cb2b0ff6
PHP Server Monitor 3.1.1 Cross Site Request Forgery
Posted Oct 30, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

PHP Server Monitor version 3.1.1 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
SHA-256 | c6dd900ebf2986cd3b5ad60ba13c81ef576d594f7507b637176981a3472236fa
eBay Magento XXE Injection
Posted Oct 30, 2015
Authored by Dawid Golunski

eBay Magento CE versions 1.9.2.1 and below and eBay Magento EE versions 1.14.2.1 and below suffer from an XXE injection vulnerability.

tags | exploit, xxe
SHA-256 | 08393363d6670e33368d62daac52944168d2958ae3fd00c5baedaa4999a731b3
Pligg CMS 2.0.2 SQL Injection
Posted Oct 30, 2015
Authored by Tim Coen | Site curesec.com

Pligg CMS version 2.0.2 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | e653dc6b60d0a6774fd0c82028476bc1f4420abad29191536668539de8b9ec0b
Pligg CMS 2.0.2 Directory Traversal
Posted Oct 30, 2015
Authored by Tim Coen | Site curesec.com

Pligg CMS version 2.0.2 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 6694394bbeb73a900ce2025bfc0707fad012282c2839712e6d1e324abee90990
Pligg CMS 2.0.2 CSRF / Code Execution
Posted Oct 30, 2015
Authored by Tim Coen | Site curesec.com

Pligg CMS version 2.0.2 suffers from code execution and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, code execution, csrf
SHA-256 | 478975660e6f6564e0125792eaca49d4f8fc7ddb63e0f2f82e756f316270b0ce
Slackware Security Advisory - curl Updates
Posted Oct 30, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-3143, CVE-2015-3144, CVE-2015-3145, CVE-2015-3148, CVE-2015-3236, CVE-2015-3237
SHA-256 | 6f8f1ea7ca7722d48810e15411398875a23f2427d517d29aaf9be8d59d9f7ffb
Slackware Security Advisory - ntp Updates
Posted Oct 30, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-9750, CVE-2015-5196, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7704, CVE-2015-7705, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871
SHA-256 | 9e1563e5450015846758e7398735030c758bd3179e6f25263eca88eb9ad6257b
Debian Security Advisory 3384-1
Posted Oct 30, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3384-1 - Two vulnerabilities have been discovered in VirtualBox, an x86 virtualisation solution.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-4813, CVE-2015-4896
SHA-256 | 2ba577efa7645c3fbb63c3ae8f39544eb64cf665f1a19b8df7a9e00878b1fe27
Debian Security Advisory 3383-1
Posted Oct 30, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3383-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2015-2213, CVE-2015-5622, CVE-2015-5714, CVE-2015-5715, CVE-2015-5731, CVE-2015-5732, CVE-2015-5734, CVE-2015-7989
SHA-256 | 5c112093bf6218a0c2e15cc40a7bd9714b502a4ca135cafa9a4c8cf9452b519e
Python 3.5 scan_eol() Buffer Over-Read
Posted Oct 30, 2015
Authored by John Leitch

Python 3.5 suffers from a vulnerability caused by the behavior of the scan_eol() function. When called, the function gets a line from the buffer of a BytesIO object by searching for a newline character starting at the position in the buffer. However, if the position is set to a value that is larger than the buffer, this logic will result in a call to memchr that reads off the end of the buffer.

tags | exploit, python
SHA-256 | 11ad4ff03a7d48ad669798a540d150f6b9a96705027ddfb79905aac9959c3fc9
Debian Security Advisory 3332-2
Posted Oct 30, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3332-2 - The patch applied for CVE-2015-5622 in DSA-3332-1 contained a faulty hunk. This update corrects that problem.

tags | advisory
systems | linux, debian
SHA-256 | 7ed79434482d9a30adcebdf34b45d74b939f9e8bd496ef33161939bdc9c7bb03
Slackware Security Advisory - jasper Updates
Posted Oct 30, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New jasper packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2008-3520, CVE-2008-3522, CVE-2011-4516, CVE-2011-4517, CVE-2014-8137, CVE-2014-8138, CVE-2014-8157, CVE-2014-8158, CVE-2014-9029
SHA-256 | 3c4a3a5cf1e480feed4b9092b1aa939f9e0eaf1cd0b6da12b95876f269e7e405
PHP yaml_parse_url Double Free
Posted Oct 30, 2015
Authored by John Leitch

The yaml_* parsing functions suffers from an exploitable double free caused by the error path for the php_var_unserialize() call on line 797 of pecl/file_formats/yaml.git/parse.c.

tags | advisory
SHA-256 | 222691a6762e7a56ff629bdd866e2f3741c307b8856b25b0efcef4850bb9383f
PHP yaml_parse_url Unsafe Deserialization
Posted Oct 30, 2015
Authored by John Leitch

The PHP unserialize() function is considered unsafe due to its behavior regarding class instantiation; in cases where serialized data is attacker controlled, it can be tampered with, allowing for the instantiation of arbitrary PHP classes and thus code execution via destructor.

tags | advisory, arbitrary, php, code execution
SHA-256 | 25ba50f88dac6d73405bd6b613b421c3efdf062bb33df0303b3857f5a2f462f0
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close