Facebook And Google Reviews System For Businesses version 1.1 suffers from a code execution vulnerability.
1ab8057c8f971a4cd27f8e9fab67dae8543e25b71cc0ce978aa3450c150f649aFacebook And Google Reviews System For Businesses version 1.1 suffers from a remote SQL injection vulnerability.
729cc7fbde91786f43dc795baa2edb8a462b6b6bd067c80532fe470c7b4b3186GNU inetutils versions 1.9.4 and below are vulnerable to a stack overflow vulnerability in the client-side environment variable handling which can be exploited to escape restricted shells on embedded devices. Most modern browsers no longer support telnet:// handlers, but in instances where URI handlers are enabled to the inetutils telnet client this issue maybe remotely triggerable. A stack-based overflow is present in the handling of environment variables when connecting telnet.c to remote telnet servers through oversized DISPLAY arguments. A heap-overflow is also present which can be triggered in a different code path due to supplying oversized environment variables during client connection code.
67091428f5e24ce1f6e0eb140516487b2dad8b7e0affe5d248d2734e0ec4626fAn exploitable arbitrary file creation weakness has been identified in Mikrotik RouterOS that can be leveraged by a malicious attacker to exploit all known versions of Mikrotik RouterOS. The RouterOS contains a telnet client based on GNU inetutils with modifications to remove shell subsystem. However an attacker can leverage the "set tracefile" option to write an arbitrary file into any "rw" area of the filesystem, escaping the restricted shell to gain access to a "ash" busybox shell on some versions. The file is created with root privileges regardless of the RouterOS defined group.
a939b73387c51054bd5c4c1fabbeade0aabd8445df951b5f0caf507ff0713454The 2019 edition of YSTS (You Shot The Sheriff) has announced its call for papers. It will be held in Sao Paulo, Brazil on May 27th, 2019.
9f08a6fe9f6c4e85823f972eed5a5fd179e000a9994c5b233560563f6c655312Huawei Router HG532e command execution exploit.
ad6677ad79c2dee98de9e83cba02dc6916c26fa35673bde067e9cd0b326fdb99Angry IP Scanner version 3.5.3 denial of service proof of concept exploit.
84b312b33c11933aa01cd512dd5ae2198db4495c5b9f8096e4fa357b8345a807Facebook And Google Reviews System For Business version 1.0 suffers from a cross site request forgery vulnerability.
23409162eb34a269e30c2bc97e6f4ec00055868c8aa81fe90f9576549c8e9718GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
db030f8b4c98640e91300d36d516f1f4f8fe09514a94ea9fc7411ee1a34082cbZortam MP3 Media Studio version 24.15 SEH local buffer overflow exploit.
ae978ceac2fcddeeafa2b222021ae7e189950a42f5b3acd8f9b615d32b9b6ef9Responsive FileManager version 9.13.4 suffers from bypass, cross site scripting, remote file read, remote file write, and traversal vulnerabilities.
24b44c3be9bf67b90bb1d1cdb9ec74af7708c61d94cdc80aa3cf18c8fd7d3e68Cisco RV110W suffers from password disclosure and command execution vulnerabilities.
49f352762b2cb4aac38f40cf4fba40ffd8992a4abb6d4dbe0d5b524fec9d83c4UltraISO version 9.7.1.3519 Output FileName denial of service proof of concept exploit.
666364dbe838e6657c0ec15178ef3c12e40eaed1389225bfcf4963ab405b8a33Double Your Bitcoin Script Automatic 2018 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
fe09afa366b444a04708e42ab3dbe3ff9d923d18391108a5c49d794564dfe97d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed