This Metasploit module exploits a php unserialize() vulnerability in Invision IP.Board versions 3.3.4 and below which could be abused to allow unauthenticated users to execute arbitrary code under the context of the webserver user. The dangerous unserialize() exists in the '/admin/sources/base/core.php' script, which is called with user controlled data from the cookie. The exploit abuses the __destruct() method from the dbMain class to write arbitrary PHP code to a file on the Invision IP.Board web directory. The exploit has been tested successfully on Invision IP.Board 3.3.4.
7e91adb9a9ee325db99241f1b63825bee21c97d9b41b272172e2f7674cc58e74This is a metasploit exploit for Jira Scriptrunner version 2.0.7. This Jira plugin does not use the built in Jira protections (websudo or CSRF tokens) to protect the page from CSRF. This page is supposed to be used by admins to automate tasks, it will accept java code and by default in a windows environment Jira will be run as system.
f7e10861901a1d9665e685842d12a026c5ffc0c56dbc38b827eb7b239eef52e1It has been identified that OpenVAS Manager is vulnerable to command injection due to insufficient validation of user supplied data when processing OMP requests. It has been identified that this vulnerability may allow arbitrary code to be executed with the privileges of the OpenVAS Manager on vulnerable systems.
29cfb654d65c6206e5eb00b77e4c9af21b10e0084e0c061d804308cd9283a39fRSA Data Protection Manager is susceptible to vulnerabilities that could potentially be exploited by malicious users to compromise affected systems. These include a cross site scripting vulnerability and improper restriction of authentication attempts for OS lever user accounts.
3cb801677b567bb3d98b09a0716b18ba0be64f9acfcb404b730a7960ec1a21ddVarious Huawei products use DES without any salt to encrypt passwords. Included vulnerable are the Huawei Quidway series and Huawei CX600.
586945a98792e4b79e4cdf79efe5861cf28ea94190070c0a2759e3c7de8f3a24The WordPress UK Cookie third party plugin suffers from a cross site scripting vulnerability.
ac711c6e6c7ff2e01916df2bf23311f242efc228bcf33098b6a7937f76371bdcZoner Photo Studio version 15 b3 suffers from buffer overflow vulnerabilities.
2d2230f52cc78f81ca3bad5c99f86007608092614b3c55703b7685cafde3e071Eventy CMS version 1.8 Plus suffers from cross site scripting and remote SQL injection vulnerabilities.
a18069220cbe2fe4e9042b337f874f8ed51318a81673978302fcab0dff038764WordPress WP E-Commerce third party plugin version 3.8.9 suffers from cross site scripting and multiple remote SQL injection vulnerabilities.
0d217823abae38bc48512f5c07fbec5a29e015e3bfddc654f8069b7e4310d5e4Red Hat Security Advisory 2012-1459-01 - nspluginwrapper is a utility which allows 32-bit plug-ins to run in a 64-bit browser environment. It includes the plug-in viewer and a tool for managing plug-in installations and updates. It was not possible for plug-ins wrapped by nspluginwrapper to discover whether the browser was running in Private Browsing mode. This flaw could lead to plug-ins wrapped by nspluginwrapper using normal mode while they were expected to run in Private Browsing mode.
c749175bf3ddcfe2a107887e44db5e0dd9a11dd904419bc49b06d3c766f8c308Red Hat Security Advisory 2012-1445-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the RHSA-2010:0178 update did not correctly fix the CVE-2009-4307 issue, a divide-by-zero flaw in the ext4 file system code. A local, unprivileged user with the ability to mount an ext4 file system could use this flaw to cause a denial of service. This update also fixes several bugs.
3c254f1449cdb66cbbceca5dbbc00aca97fc1eb8da9edf6e8a13d83f29570d7fGMA aka Good Mobile Access, part of the Good For Enterprise application, failed to validate server authenticity in versions prior to 2.0.2.
437e815284a5837eb0e26f1d859c302fe999bb741e9a78b22782fe918ba09bc1This bulletin summary lists two re-released Microsoft security bulletins for November, 2012.
ce4eceb68a40c33e6911b6971229b68eab8cdfe696e974ee663eb1cdc8e8fc19IrfanView version 4.33 suffers from a RLE image decompression buffer overflow vulnerability. Proof of concept included.
c7280f0bbcb5f8e1f959afbe12d0a3869c8de4db879212848a1273b635432924This bulletin summary lists 6 released Microsoft security bulletins for November, 2012.
d9291695e893a4a162b64b68337cff2c3c7a2887cb68d8d4416621fcc4e09466Dotclear, InstantCMS, AionWeb, and Dolphin all include a version of swfupload.swf that suffers from a cross site scripting vulnerability.
a2a158397ae79c78e46a0c4935d002352662c55b69f1181ce13b4acd1f39d885IrfanView version 4.33 suffers from a TIF image decompression buffer overflow vulnerability. Proof of concept included.
72b8882cb0faee2b7373d6e6e4b71c5ed206922b7475df22542144a2d004de0dSecunia Security Advisory - A vulnerability has been reported in gatling, which can be exploited by malicious people to disclose certain sensitive information.
b8aedb8887ce2c45cda089fc597a4fd98bc57221cf0409db7d05aa9a2384678bSecunia Security Advisory - A vulnerability has been reported in the Carousel Slideshow plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
d1e732e0527192f76f521f3e99257edb21a5196c4241cfd6f1870fcd4e8bcf2dSecunia Security Advisory - A vulnerability has been reported in UnrealIRCd, which can be exploited by malicious people to cause a DoS (Denial of Service).
890548698f89cbe72cdefa71176d1d1a73c637617d456ffbb076720c52d027f3Secunia Security Advisory - Ubuntu has issued an update for libproxy. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
ee30a92a6efcc00980a8322ef1970dfedcc1a221865e45fa83fe82edbf8cf976Secunia Security Advisory - A vulnerability has been discovered in the Wysija Newsletters plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
a00947c71bac49b805ceb490fd61528ddb873c88cd484f81b026b03d2af84a25Secunia Security Advisory - Citrix has acknowledged some vulnerabilities in XenServer, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).
6859462d6cf522c514e3f3d3f2a590a9830f73ebc7d6b0a0437f0528e3344443Secunia Security Advisory - Vulnerability Lab has reported multiple vulnerabilities in Eventy, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
d265de6defe402b2ef052fee47b05f917c79c18a347326465b13736aa9aa68acSecunia Security Advisory - Ubuntu has issued an update for libav. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to compromise an application using the library.
af296bbb3bed1831a89ca287261aa40a2196ab4a0a6acbed96db223f82214afc
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed