exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2024-02-02 to 2024-02-03

Fortra GoAnywhere MFT Unauthenticated Remote Code Execution
Posted Feb 2, 2024
Authored by James Horseman, Zach Hanley, sfewer-r7 | Site metasploit.com

This Metasploit module exploits a vulnerability in Fortra GoAnywhere MFT that allows an unauthenticated attacker to create a new administrator account. This can be leveraged to upload a JSP payload and achieve RCE. GoAnywhere MFT versions 6.x from 6.0.1, and 7.x before 7.4.1 are vulnerable.

tags | exploit
advisories | CVE-2024-0204
SHA-256 | 035ed04146400771edc30f7f2428017890a815d0e2f43a4345934b3f301ed59e
Gentoo Linux Security Advisory 202402-01
Posted Feb 2, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-1 - Multiple vulnerabilities in glibc could result in Local Privilege Escalation. Versions greater than or equal to 2.38-r10 are affected.

tags | advisory, local, vulnerability
systems | linux, gentoo
advisories | CVE-2023-5156, CVE-2023-6246, CVE-2023-6779, CVE-2023-6780
SHA-256 | dc5103364dcaf34b9733e914efeb23949628b3316a7502944e9a2800aca0bbdb
Debian Security Advisory 5613-1
Posted Feb 2, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5613-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in side channel attacks, leaking sensitive data to log files, denial of service or bypass of sandbox restrictions.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952
SHA-256 | f609441d6fb4c40057305e6428732ca7ac0e44c809f5eb956a054b02d0ed1ef4
Ubuntu Security Notice USN-6621-1
Posted Feb 2, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6621-1 - It was discovered that ImageMagick incorrectly handled certain values when processing BMP files. An attacker could exploit this to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-5341
SHA-256 | d38033701261e34456f9c4b4ae618fc4e2d85060257a1b6c7c655a752562ae15
Debian Security Advisory 5612-1
Posted Feb 2, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5612-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-1059, CVE-2024-1060, CVE-2024-1077
SHA-256 | 5e76bed3819f315e7a0c764d370439b3892001d90b2731baafa780fd5607d130
Juniper SRX Firewall / EX Switch Remote Code Execution
Posted Feb 2, 2024
Authored by whiteOwl | Site whiteowl-pub.github.io

This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo() function on the login page of the target device, allowing to inspect the PHP configuration. This script also has the option to save the phpinfo() output to a file for further analysis.

tags | exploit, php, proof of concept
advisories | CVE-2023-36845
SHA-256 | 56c0a0ad9dba5be91bcf88dbed7e2234e764bf5d6166e8250dfe5f1920543e02
PCMan FTP Server 2.0 Buffer Overflow
Posted Feb 2, 2024
Authored by Waqas Ahmed Faroouqi

PCMan FTP Server version 2.0 pwn remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | 612b3315639952f6579988ab804091c2e90337cd6f2b149aaefbbdb20a2fe647
Proxmox VE 7.4-1 TOTP Brute Force
Posted Feb 2, 2024
Authored by Gabe Rust, Cory Cline

Proxmox VE versions 5.4 through 7.4-1 suffer from a TOTP brute forcing vulnerability.

tags | exploit, cracker
advisories | CVE-2023-43320
SHA-256 | f6755f8049ac69e2c063c87bf2673dccb28891987f8680a53ee28fbd10c2725f
TP-LINK TL-WR740N HTML Injection
Posted Feb 2, 2024
Authored by Shujaat Amin

TP-LINK TL-WR740N suffers from an html injection vulnerability.

tags | exploit
SHA-256 | c2d5b2f78c31443c2f29cda3d1383f4415c4b2164a247d2589a51184dce6dfa1
GoAhead Web Server 2.5 HTML Injection
Posted Feb 2, 2024
Authored by Syed Affan Ahmed

GoAhead Web Server version 2.5 suffers from an html injection vulnerability.

tags | exploit, web
SHA-256 | 24379e92a45cc4550d65aa00b2c98eadf098d5bae864bf1e06214b44e2d34384
ComSndFTP Server 1.3.7 Beta Denial Of Service
Posted Feb 2, 2024
Authored by Fernando Mengali

ComSndFTP Server version 1.3.7 Beta remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 34646dc1a109dda2502eeca999e4fa7c3c681afd7aaaed11431e026ca5a4ef70
Red Hat Security Advisory 2024-0647-03
Posted Feb 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0647-03 - An update for rpm is now available for Red Hat Enterprise Linux 8.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-35937
SHA-256 | ffa4df92c034f91bf4ce66eb09e3a8bdf965b0eb65934d6f737ba2139bdc39a7
Red Hat Security Advisory 2024-0484-03
Posted Feb 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0484-03 - Red Hat OpenShift Container Platform release 4.13.31 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-39325
SHA-256 | ed0abdf5084bca41a7e826e8b9844a8e96dedf41534bff01ec99c36841743575
Ricoh Printer Directory / File Exposure
Posted Feb 2, 2024
Authored by Thomas Heverin

Ricoh printers suffer from directory and file exposure vulnerabilities.

tags | exploit, vulnerability, info disclosure
SHA-256 | 31acfb08de8679ef2afbf02b48cab1579ec579e4f6c07c0aa39c1643b2c3308d
Typora 1.7.4 Command Injection
Posted Feb 2, 2024
Authored by Ahmet Umit Bayram

Typora version 1.7.4 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | d9a8303041fe933057079d7b5819ba2a1d470244be63a85e854c72582cdc68c4
Bank Locker Management System SQL Injection
Posted Feb 2, 2024
Authored by SoSPiro

Bank Locker Management System suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 46a04657e32ff403a333ece7b5aa8f9a4a9f589a69f49b77ec5ba36c7e157381
Grocy 4.0.2 Cross Site Request Forgery
Posted Feb 2, 2024
Authored by Chance Proctor

Grocy versions 4.0.2 and below suffer from a cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2023-42270
SHA-256 | 8a9d5dbb9c863db010ccc5c72b8a8ce2a60d29424a64648b8ed644b847a9f54f
WebCatalog 48.4 Arbitrary Protocol Execution / Code Execution
Posted Feb 2, 2024
Authored by ItsSixtyN3in

WebCatalog versions prior to 48.8 call the Electron shell.openExternal function without verifying that the URL is for an http or https resource. This vulnerability allows an attacker to potentially execute code through arbitrary protocols on the victims machine by having users sync pages with malicious URLs. The victim has to interact with the link, which can then enable an attacker to bypass security measures for malicious file delivery.

tags | exploit, web, arbitrary, shell, protocol
advisories | CVE-2023-42222
SHA-256 | 697050685574d8cbeaf2f42aaa7b87535a8f6cf1ec1ce436dac7c65634057623
7 Sticky Notes 1.9 Command Injection
Posted Feb 2, 2024
Authored by Ahmet Umit Bayram

7 Sticky Notes version 1.9 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | 0c02db19a734643da060c0229774925d3b573c1cd14af3e353f41e6564eeba31
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close