Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
6e30423d029452c6f0ec2be1241b76f9efe630b10e66439c25475891997decfaCart Engine suffers from an authenticated arbitrary code execution. The vulnerability is caused due to the improper verification of uploaded files in several modules thru several POST parameters. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file that will be stored in '/public/image' directory. Version 3.0.0 is affected.
96827d831045ae34ca4e250341d2bb5d34d2c393b7e1b2c30722378dcbb33018Cart Engine suffers from an authenticated file inclusion vulnerability (LFI) when input passed thru the 'run' parameter to task.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks. Version 3.0.0 is affected.
e6438c80cea51cd67f5b475b75797244bde2786c6699715eb2d377adccfcc5ebCart Engine version 3.0.0 suffers from a database backup disclosure vulnerability.
c7cf38ab11e6169d1cc1ba8f453fe47dd8768354389975edf2b1d86f00798b8aKemana contains a flaw that is due to the 'kemana_admin_passwd' cookie storing user password SHA1 hashes. This may allow a remote MitM attacker to more easily gain access to password information. Version 1.5.6 is affected.
a05a7aa326979bff6b52716919249f5f27c6dfe85a75b89136e3a0640f8527f4Kemana Directory suffers from an authenticated arbitrary code execution. The vulnerability is caused due to the improper verification of uploaded files in several modules thru several POST parameters. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file that will be stored in '/public/image' directory. Version 1.5.6 is affected.
0a9db43d181684d4b67300a7a8625d1771c50ac3101d708a1e0875bb7283adffKemana Directory version 1.5.6 suffers from a local file inclusion vulnerability.
8280cb54fa2414d97ddda5ca6dc643d446370afef4e1233e02d3910a6f6a12ceKemana Directory version 1.5.6 suffers from a database backup disclosure vulnerability.
b881b2ca8151d4b9ced7f6b0bad082ecdb8a0d92afb40a6cb9b480ebe7e085d5The CAPTCHA function for Kemana Directory is prone to a security bypass vulnerability that occurs in the CAPTCHA authentication routine. The function 'qvc_init()' in '/includes/function.php' sets a cookie with a SHA1-based hash value in the Response Header which can be replaced by a random SHA1 computed hash value using Cookie Poisoning attack. Successful exploit will allow attackers to bypass the CAPTCHA-based authentication challenge and perform brute-force attacks. Version 1.5.6 is vulnerable.
0bbff6971475a515bf53c4adad31d393da5d381a7dab0bd0af11b3b1eca540c9Haihaisoft HUPlayer version 1.0.48 buffer overflow exploit.
312f190b56156e4a5cc161186004f6f6ab66d996805794fdfcf9a134f23fdba0Haihaisoft Universal Player version 1.5.8 buffer overflow exploit.
1eb1a1c521bb6b91b7db8e8b5979e0d6f55e3c47414fda473f5fffc0a00327afThe Xalan-Java library is a popular XSLT processor from the Apache Software Foundation. The library implements the Java API for XML Processing (JAXP) which supports a secure processing feature for interpretive and XSLCT processors. The intent of this feature is to limit XSLT/XML processing behaviours to "make the XSLT processor behave in a secure fashion". It has been discovered that the secure processing features suffers from several limitations that undermine its purpose. Versions 2.7.0 and above are affected.
2661a94be4bbc4822c2a0c9ff839ec7aafe7ef60fc89113bfb792b62e32262d9OpenCart versions 1.5.6.1 and below suffer from a remote SQL injection vulnerability.
703149d4078abdc95ff0f473bd181a93a4f3386cdce4320a2ca8744e981ee3f6This Metasploit module exploits a missing authorization vulnerability in the "update_roles" action of "users" controller of Katello and Red Hat Satellite (Katello 1.5.0-14 and earlier) by changing the specified account to an administrator account.
e0371216c7f1d8860897ca9e5f3d083fc1371c2aca741321b8cb6ff295f73dbfHP Security Bulletin HPSBMU02967 2 - A potential security vulnerability has been identified with HP Unified Functional Testing Running on Windows. This vulnerability could be remotely exploited to allow execution of arbitrary code. Revision 2 of this advisory.
2f6821a2bbe5c89e9584369176f1507af47b959c73828363027e25e99bb9a72awebman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header.
d20d6eda27bee2e48fd7dddd353b5841c8f19f449a5657951a591227c486e56eInterWorx Web Control Panel version 5.0.13 build 574 suffers from a remote SQL injection vulnerability.
afe204bd4b2997915e002624fe94d4bf76d844faa9571607108500b7840dbc16EDITStuff version 6 suffers from a remote command execution vulnerability.
06f370fb97a0e7da39a9a0cbebd48d7b55eb97d5f9bebf21fd64712e2f49061eRed Hat Security Advisory 2014-0330-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote attacker could use this flaw to perform password guessing attacks on Samba user accounts. Note: this flaw only affected Samba when deployed as a Primary Domain Controller. A flaw was found in the way the pam_winbind module handled configurations that specified a non-existent group as required. An authenticated user could possibly use this flaw to gain access to a service using pam_winbind in its PAM configuration when group restriction was intended for access to the service.
4ccb4fc6b11f92b846e743e89d1a56c9ca11c685ff04515006ad01325ecf4870Red Hat Security Advisory 2014-0328-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the get_rx_bufs() function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc() function. A privileged guest user could use this flaw to crash the host. A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on the system.
89d9790834be4c375db2c9b80b34a6a4d366543a7220b333921532be2e3a6db5Ubuntu Security Notice 2155-1 - Jann Horn discovered that OpenSSH incorrectly handled wildcards in AcceptEnv lines. A remote attacker could use this issue to possibly bypass certain intended environment variable restrictions.
bdab8f1f7c649a8126f6b3e5005887d52b74e90bdcf86a7ec2876e9b2f3169bbiThoughtsHD version 4.19 suffers from cross site scripting, denial of service, and null byte injection file upload vulnerabilities.
b199b6f0f1f8a2eca6898cd60ae8f911d2ac84d212c86fb60f88639298107746WinRAR version 4.20 suffers from a file extension spoofing vulnerability.
82cbbc5f4144a0fc90c9e134c84a23a3de5dbc828d91d37dafd7aa754218b05cWhen authenticated as an administrator on LifeSize UVC 1.2.6, an attacker can abuse the ping diagnostic functionality to achieve remote command execution as the www-data user (or equivalent).
efca4edbd5362527ab761c155c785c794bfe447ad8520c997f75d88b0393b019This Metasploit module exploits a vulnerability found in FreePBX version 2.9, 2.10, and 2.11. It's possible to inject arbitrary PHP functions and commands in the "/admin/config.php" parameters "function" and "args".
1c02024d4a3f7042c08772f0fe212d3e817f272a686805a55db99a37717d3b29
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed