Home | Latest News | Popular News | Our Network | About | Contact
Latest Exploits | www.SecurityPhresh.com
Latest Exploits
Showing 'Latest Exploits' from 11 to 20
Drupal RESTful Web Services Unserialize() Remote Code Execution
6th Mar 2019 [16 days ago] from PacketStormSecurity
This Metasploit module exploits a PHP unserialize() vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT,...
Linux Virtual Address 0 Mappable Via Privilege Write()
6th Mar 2019 [16 days ago] from PacketStormSecurity
It was discovered that virtual address 0 is mappable via privileged write() to /proc/*/mem on Linux.
Android Getpidcon() ACL Bypass
6th Mar 2019 [16 days ago] from PacketStormSecurity
getpidcon() usage in hardware binder servicemanager on Android permits ACL bypass.
Android Binder Use-After-Free
6th Mar 2019 [16 days ago] from PacketStormSecurity
Android suffer from a binder use-after-free via a racy initialization of ->allow_user_free.
Splunk Enterprise 7.2.4 Remote Code Execution
4th Mar 2019 [18 days ago] from PacketStormSecurity
Splunk Enterprise version 7.2.4 custom application remote code execution exploit using a persistent backdoor with a custom binary payload.
Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 Remote Code Execution
4th Mar 2019 [18 days ago] from PacketStormSecurity
Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 remote code execution proof of concept exploit.
Booked Scheduler 2.7.5 Remote Command Execution
4th Mar 2019 [18 days ago] from PacketStormSecurity
This Metasploit module exploits a file upload vulnerability Booked 2.7.5. In the "Look and Feel" section of the management panel, you can modify the Logo-Favico-CSS files. Upload sections has file extension control except favicon part....
ElFinder 2.1.47 Command Injection
4th Mar 2019 [18 days ago] from PacketStormSecurity
elFinder versions 2.1.47 and below suffer from a command injection vulnerability in the PHP connector.
Fiberhome AN5506-04-F RP2669 Cross Site Scripting
4th Mar 2019 [18 days ago] from PacketStormSecurity
Fiberhome AN5506-04-F RP2669 suffers from a persistent cross site scripting vulnerability.
MarcomCentral FusionPro VDP Creator Directory Traversal
4th Mar 2019 [18 days ago] from PacketStormSecurity
MarcomCentral FusionPro VDP Creator versions prior to 10.0 suffer from a directory traversal vulnerability.
« Newer 1 2 3 4 5 6 7 8 9 10 Older »