Chamilo LMS 1.11.8 Shell Upload Exploit

Exploit for php platform in category web applications PHP Test FILE UPLOAD'; $tgtdir = "uploads/"; $tgtfile = $tgtdir.basename$FILES'fileToUpload''name'; echo "TARGET FILE= ".$tgtfile; //$filename = $FILES'fileToUpload''name'; echo "FILE NAME FROM VARIABLE:- ".$FILES"fileToUpload""name...

Chamillo LMS 1.11.8 - Arbitrary File Upload

Exploit Title: Chamillo LMS 1.11.8 - Arbitrary File Upload Google Dork: "powered by chamilo" Date: 2018-10-05 Exploit Author: Sohel Yousef jellyfish security team Software Link: https://chamilo.org/en/download/ Version: Chamilo 1.11.8 or lower to 1.8 Category: webapps 1. Description Any registere...

CVE-2019-3689

The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If...

CVE-2019-10665

LibreNMS (through 1.50.x) contains input handling weaknesses in its graphing scripts (includes/html/graphs/common.inc.php and includes/html/graphs/graphs.inc.php or html/graph.php) that allow injecting RRDtool syntax via newline characters. This occurs because several user-supplied fields are not...

FreeBSD : mozilla -- multiple vulnerabilities (05463e0a-abd3-4fa4-bd5f-cd5ed132d4c6)

Mozilla Foundation reports : CVE-2019-11751: Malicious code execution through command line parameters CVE-2019-11746: Use-after-free while manipulating video CVE-2019-11744: XSS by breaking out of title and textarea elements using innerHTML CVE-2019-11742: Same-origin policy violation with SVG...

Security fix for the ALT Linux 10 package firefox-esr version 68.1.0-alt1

Sept. 4, 2019 Andrey Cherepanov 68.1.0-alt1 - New ESR version 68.1.0. - Fixed: + CVE-2019-11751 Malicious code execution through command line parameters + CVE-2019-11746 Use-after-free while manipulating video + CVE-2019-11744 XSS by breaking out of title and textarea elements using innerHTML +...

CVE-2019-11396

An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder files / folders and configuration are incompatible with the privileged file manipulation performed by the product. Files can be created that can be used by an unprivileged user to...

CVE-2019-11246

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is...

CVE-2019-15027

The MediaTek Embedded Multimedia Card eMMC subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clearemmcnomediaentry in platform/mt6577/external/meta/emmc/metaclremmc.c...

CVE-2019-1952

CVE-2019-1952 concerns a path traversal vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS). The issue arises from improper input validation of CLI command arguments, allowing an authenticated, local attacker with valid administrator credentials to use directory trave...

Cisco Enterprise NFV Infrastructure Software Cross-Site Scripting Vulnerability

Cisco Enterprise NFV Infrastructure Software is a lightweight virtualization platform that integrates complete VM lifecycle management, monitoring, device programmability, and service chaining in one installable package. A cross-site scripting vulnerability exists in the Web portal framework of...

CVE-2019-10185

It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break o...

Hackers Can Manipulate Media Files You Receive Via WhatsApp and Telegram

If you think that the media files you receive on your end-to-end encrypted secure messaging apps can not be tampered with, you need to think again. Security researchers at Symantec yesterday demonstrated multiple interesting attack scenarios against WhatsApp and Telegram Android apps, which could...

CVE-2019-10930

A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules All versions , DIGSI 5 engineering software All versions V7.90, SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87,...

CVE-2019-10930

A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules All versions , DIGSI 5 engineering software All versions V7.90, SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87,...

XML External Entity (XXE)

apache syncope is vulnerable to XML external entity attacks XXE. An attacker is able to read and write arbitrary files and execute arbitrary code using malicious DTDs in the workflow definition entitlements...

The vulnerability of the FTP server of the IDAL user interface design tool, PB610 Panel Builder 600 (SAP500900R0101), allows a perpetrator to gain unauthorized access to protected information and compromise its integrity.

The vulnerability of the FTP server of the IDAL user interface design tool, PB610 Panel Builder 600 SAP500900R0101, exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to...

Microsoft Windows Multiple Vulnerabilities (KB4503292)

This host is missing a critical security update according to Microsoft KB4503292 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

CVE-2019-11328

An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system e.g. ssh could exploit this vulnerability due to insecure permissions allowing a user to edit files within /run/singularity/instances/sing//. The manipulation of those files ca...

EulerOS Virtualization 3.0.1.0 : ruby (EulerOS-SA-2019-1428)

According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to...