exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2023-06-27 to 2023-06-28

Debian Security Advisory 5439-1
Posted Jun 27, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5439-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2023-2828, CVE-2023-2911
SHA-256 | cc895f5c176833d74e7a3f8e0143a354220ebb5b634b336ac40ccc836c9f7e36
Rocket LMS 1.7 Cross Site Scripting
Posted Jun 27, 2023
Authored by CraCkEr

Rocket LMS version 1.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 97f580a88c2b993e6298fe38f539f299905ea42fdaf07c50ffd5ef2690baa6e0
WordPress LearnDash LMS 4.6.0 Insecure Direct Object Reference
Posted Jun 27, 2023
Authored by Lana Codes | Site wordfence.com

WordPress LearnDash LMS version 4.6.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
advisories | CVE-2023-3105
SHA-256 | 3a8f67c945962cd97a8543c7e9a730133e280935b834b5ed9f28ab87a13f1a38
Apache Druid JNDI Injection Remote Code Execution
Posted Jun 27, 2023
Authored by RedWay Security, Jari Jaaskela | Site metasploit.com

This Metasploit module is designed to exploit the JNDI injection vulnerability in Druid. The vulnerability specifically affects the indexer/v1/sampler interface of Druid, enabling an attacker to execute arbitrary commands on the targeted server. The vulnerability is found in Apache Kafka clients versions ranging from 2.3.0 to 3.3.2. If an attacker can manipulate the sasl.jaas.config property of any of the connector's Kafka clients to com.sun.security.auth.module.JndiLoginModule, it allows the server to establish a connection with the attacker's LDAP server and deserialize the LDAP response. This provides the attacker with the capability to execute java deserialization gadget chains on the Kafka connect server, potentially leading to unrestricted deserialization of untrusted data or even remote code execution (RCE) if there are relevant gadgets in the classpath. To facilitate the exploitation process, this module will initiate an LDAP server that the target server needs to connect to in order to carry out the attack.

tags | exploit, java, remote, arbitrary, code execution
advisories | CVE-2023-25194
SHA-256 | f66b350948de8d0c6e468d03fb8436dd9af78149309b8e72facbdb3d5300a0ea
Red Hat Security Advisory 2023-3615-01
Posted Jun 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3615-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.22. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-4235, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0361
SHA-256 | 7fb4743cf0f6421a8fc76e5aeabe5a0d1c7e99c6c059a74b0989a6981fbfe871
ONEST CRM 1.0 Cross Site Scripting
Posted Jun 27, 2023
Authored by CraCkEr

ONEST CRM version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ab2c496a64d6d91e4d8455912306fd0acc5d24986ab8374367291acb391289ac
Red Hat Security Advisory 2023-3796-01
Posted Jun 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3796-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2023-24329
SHA-256 | ae2a9a38ac081006d84e460f9a3555858e4079b07f04dd6ece466b6912444933
Office Suite Premium 10.9.1.42602 Local File Inclusion
Posted Jun 27, 2023
Authored by tmrswrr

Office Suite Premium version 10.9.1.42602 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 67c4565694ad8b004ca5be03f3ce64ed4cb8208650aa9cf0be7cb6eed7c72a31
Office Suite Premium 10.9.1.42602 Path Traversal
Posted Jun 27, 2023
Authored by tmrswrr

Office Suite Premium version 10.9.1.42602 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | ce624ab609d139dcb237af5da62ce78f9b6fa9149328d832b79d9ab05c3c9f7d
Office Suite Premium 10.9.1.42602 Cross Site Scripting
Posted Jun 27, 2023
Authored by tmrswrr

Office Suite Premium version 10.9.1.42602 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f5cac9fb2b3301b49dbd418e0ca9d1f282da262180014f312e96c87af388465b
MagicAI 1.55R Cross Site Scripting
Posted Jun 27, 2023
Authored by CraCkEr

MagicAI version 1.55R suffers from a persistent cross site scripting vulnerability via a file upload.

tags | exploit, xss, file upload
SHA-256 | f4d106d7a59e4b426baf267d2bfbc5e19be78391b0f2498637e74b343fb4f208
Proxmark3 4.16717 Custom Firmware
Posted Jun 27, 2023
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware.

Changes: A new standalone modes, iclass sniffing works better now, legic cash segments do not crash, more options to extract files from dump data, support MIFARE Classic value blocks and overall improvements to text output using colors.
tags | tool
systems | unix
SHA-256 | 675a785e859d600b55de67ecd17a85ff26741d8e1b74c51ed0fa585850b44f3f
Red Hat Security Advisory 2023-3781-01
Posted Jun 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3781-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2023-24329
SHA-256 | 53af3f081b202ddfaddc1e2024ab3c9393d87de9fb3fe8bf5c00a8a5f537ad35
Microsoft 365 MSO 2305 Build 16.0.16501.20074 Remote Code Execution
Posted Jun 27, 2023
Authored by nu11secur1ty

Microsoft 365 MSO version 2305 build 16.0.16501.20074 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-28285
SHA-256 | 3b2deb6294f7b71a818f81eca0bdc3765f7fecf2245a2ab5827f991c129e303f
MyBB Favicon 1.0 Cross Site Scripting
Posted Jun 27, 2023
Authored by 0xB9

MyBB Favicon plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 48e6211cff65bfb83fc11243b98216054981ee3a62b7f4384b54d20ecdc324e2
Job Board 1.0 Shell Upload
Posted Jun 27, 2023
Authored by CraCkEr

Job Board version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | f7203303285c27e34b43e1ca88c500efecfa3ba96a7c0c4199535084be1cc9bc
Red Hat Security Advisory 2023-3625-01
Posted Jun 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3625-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.62. Issues addressed include bypass, cross site request forgery, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss, csrf
systems | linux, redhat
advisories | CVE-2022-41966, CVE-2023-20860, CVE-2023-32977, CVE-2023-32979, CVE-2023-32980, CVE-2023-32981
SHA-256 | 6c9533d59305426940cb421a1f39f2dd82290bdf18ec5daf3ed8d9b261dad6a0
PrestaShop Winbiz Payment Improper Limitation
Posted Jun 27, 2023
Authored by Amirhossein Bahramizadeh

PrestaShop Winbiz Payment module suffers from an improper limitation of a Pathname to a restricted directory.

tags | exploit
advisories | CVE-2023-30198
SHA-256 | fd9d9b41b3b106776bf4bded355ea6effd89622c59564f7bfb574cd7059f7f60
Microsoft Windows 11 22h2 Kernel Privilege Escalation
Posted Jun 27, 2023
Authored by Amirhossein Bahramizadeh

Microsoft Microsoft Windows 11 version 22h2 suffers from a kernel privilege escalation vulnerability.

tags | exploit, kernel
systems | windows
advisories | CVE-2023-28293
SHA-256 | be4c5e79f9cf0b40f7b8ba9b4538a14f5731f19051d96808d39f4233d0d4064d
Azure Apache Ambari 2302250400 Spoofing
Posted Jun 27, 2023
Authored by Amirhossein Bahramizadeh

Azure Apache Ambari version 2302250400 suffers from a spoofing vulnerability.

tags | exploit, spoof
advisories | CVE-2023-23408
SHA-256 | a59f6776d4aacfdd02dcb83d8333b2b5e421a9df5ff2079e452c760ede563817
Xenforo 2.2.13 Cross Site Scripting
Posted Jun 27, 2023
Authored by Furkan Karaarslan

Xenforo version 2.2.13 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f5d2f804109cb0eeef8387c640405b6f7f8dc548ab7656e5c0750cbeed8641d3
MCL-Net 4.3.5.8788 Information Disclosure
Posted Jun 27, 2023
Authored by Victor A. Morales

MCL-Net version 4.3.5.8788 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 0d9966ba2e021b0a315a3258cc773efd603dcddd8af2b24188e84d5a992fd665
Chrome Internal JavaScript Object Access Via Origin Trials
Posted Jun 27, 2023
Authored by Google Security Research, Glazvunov

Chrome suffers from an internal javascript object access vulnerability. suffers from a code execution vulnerability.

tags | exploit, javascript, code execution
advisories | CVE-2023-2724
SHA-256 | ffd1bc4c7c03a984e8cd76542fd8b6610321410abd4663e7c81762fe8f30c5ae
Active eCommerce CMS 6.5.0 Cross Site Scripting
Posted Jun 27, 2023
Authored by CraCkEr

Active eCommerce CMS version 6.5.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 066a6369e498fa088914ac661b208cfdd01fc42dc04688bd48a485b5fda514c6
Microsoft SharePoint Enterprise Server 2016 Spoofing
Posted Jun 27, 2023
Authored by Amirhossein Bahramizadeh

Microsoft SharePoint Enterprise Server 2016 suffers from a spoofing vulnerability.

tags | exploit, spoof
advisories | CVE-2023-28288
SHA-256 | dc69c8a196ae434905235f744cfdcbe0d497ed7ab1caa764b015de4a98a1e4d1
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close