This Metasploit module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote command execution is possible via unauthenticated XML requests to the stagingTaskData parameter of the ProcessSynchronizationTaskData method in the Staging Service SyncServer.asmx interface. The XML input is passed to an insecure .NET deserialization call, which allows remote command execution.
5b68d0d542ef6100308fe77d235af8615fef5ce550885eedaeb120ad41bc9f6f
Extreme Networks Aerohive HiveOS versions 11.x and below remote denial of service exploit. An unauthenticated malicious user can trigger a denial of service (DoS) attack by sending specific application layer packets to the Aerohive NetConfig UI. This proof of concept exploit renders the application unusable for 305 seconds or 5 minutes with a single HTTP request that uses the action.php5 script to call the CliWindow function through the _page parameter, denying access to the web server hive user interface.
8ddfc7196e610532ee20cf9cd009d476418c5d349fbfba8a6e940d7c98a09333
Red Hat Security Advisory 2020-2040-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include buffer overflow and code execution vulnerabilities.
f5d0d691bcd4e3bccb003c0144cfd40493f2cf3e92af0df28263bb2aff8a7309
Ubuntu Security Notice 4330-2 - USN-4330-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. Various other issues were also addressed.
a94b47521185bd9a249d259818fed582a247ce53361013c29f4bc1a4c82b6901
Online Clothing Store version 1.0 suffers from a persistent cross-site scripting vulnerability.
b48bfc8a784e9064e05f86019e3eca5cbf565fd47d42fa319ba0f75a214ca0fc
Online Clothing Store version 1.0 suffers from a remote SQL injection vulnerability.
71c130f1afc22fdeac627410ca983e966789b24223b426686c3b350eee16d945
Red Hat Security Advisory 2020-2041-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include buffer overflow and code execution vulnerabilities.
5c589ca7b830ef3a7aecec9c71350ca36d1edcdb36e7f0e9b935ab81d6d68486
Red Hat Security Advisory 2020-2038-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include buffer overflow and code execution vulnerabilities.
3f722a63836106511507bb2d5972bba7eca0bcb1d0cde645a9d6478f10d6e6a8
webTareas version 2.0.p8 suffers from an arbitrary file deletion vulnerability.
53feab1c01610ac9766079cc3e61e4a14571a15e61dcb409c67594187299d4f8
Red Hat Security Advisory 2020-2039-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include buffer overflow and code execution vulnerabilities.
d7a0425d736d549b3e44af90f1d7bab92776180a01c6a0329ce825726cb1db6c
Red Hat Security Advisory 2020-2036-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
3109046f4e885562c23a6bdcc63b95c7e4fe7902a3d60d53e6b0e7d4e260a8d7
YesWiki cercopitheque version 2020.04.18.1 suffers from a remote SQL injection vulnerability.
7f55d22fdee5a2d9fa9d1c21ce50be96851a1da64e897c647d1d71c018e37c9f
Red Hat Security Advisory 2020-2037-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
c48f18d6f22cbef7b38bbe2ed6f164d6d2b80c63097fe7a57c2dae4a45d11fa6
Pisay Online E-Learning System version 1.0 suffers from remote SQL injection and code execution vulnerabilities.
015c32b2f3ffc4e91ba637f9293f09e7320caeb03bcd1d7fcba4cb418aa58392
Red Hat Security Advisory 2020-2031-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
e9898fb1137983e6852bfc6d00d24ee47a7fd2f0046a9b41f95616ec146fd64a
MPC Sharj version 3.11.1 suffers from an arbitrary file download vulnerability.
87d0866e5956beef6718557ea926dc2f43a0325d813064ce510e4f2ce0967e26
Red Hat Security Advisory 2020-2032-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
e06f76d12cef7f28dc188c1dfc426fea0d87ab6ae1908545906f24c670663403
Red Hat Security Advisory 2020-2033-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
307b5fa07731accf5c3d98536c7ad917d1191f484fe4850d0543733595c049a9
Booked Scheduler version 2.7.7 suffers from an authenticated directory traversal vulnerability.
782ac4f090f374ab130b22a73361bfc6b5f75836095d2016f4ad9bec5be2ab85
i-doit Open Source CMDB version 1.14.1 suffers from an arbitrary file deletion vulnerability.
b5f0c988cb88f1c69e40aed33a15a7a7ae2da82eda67348d9418f69ef79e4b37
GitLab version 12.9.0 suffers from an arbitrary file read vulnerability.
886edf401f7e35b4647cd8d0a4cebece4fd3d286dd2d4f2f8fc58ced4c72a12d