CVE-2019-9891

The function getoptsimple as described in Advanced Bash Scripting Guide ISBN 978-1435752184 allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo...

new packages: perl-Getopt-Long

An update is available for perl-Getopt-Long. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

CVE-2021-21907

Garrett Metal Detectors iC Module CMA CMA Version 5.0 has a directory traversal vulnerability in the CMA CLI getenv command. An authenticated remote user can supply a key that reads files under /ltrx_user/env/, potentially exposing sensitive data via local file inclusion. The TALOS description no...

PLANEX CS-QP50F-ING2 Remote Configuration Disclosure Vulnerability

PLANEX CS-QP50F-ING2 security surveillance smart camera remote configuration disclosure exploit. !/usr/bin/perl PLANEX CS-QP50F-ING2 Security Surveillance Smart Camera Remote Configuration Disclosure - Mass Exploiter Copyright 2021 c Todor Donev https://donev.eu/ Disclaimer: This or previous...

new module: perl:5.30

An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...

Cgiemail 1.6 - Source Code Disclosure

!/usr/bin/env perl Exploit Title: cgiemail local file inclusion Vendor Homepage: http://web.mit.edu/wwwdev/cgiemail/webmaster.html Software Link: http://web.mit.edu/wwwdev/cgiemail/cgiemail-1.6.tar.gz Version: 1.6 and older Date: 2016-09-27 cgiecho a script included with cgiemail will return any...

JCraft / JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal

Exploit for windows platform in category dos / poc Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725 Version: 0.3 Date: Aug 31st, 2016 Complete Proof of Concept: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725...

Ovidentia Widgets 1.0.61 - Remote Command Execution

Title: Ovidentia Widgets 1.0.61 Remote Command Execution Exploit Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...

About. git/config file leaked use-vulnerability warning-the black bar safety net

The beginning is also from the dark clouds that have such a vulnerability, many do not understand the might see on will feel a little confused, in fact, this vulnerability and svn leakage there is so little similar, can also according to the configuration file to restore the entire project proces...

Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit

No description provided by source. !/usr/bin/perl Subdreamer 2.2.1 command exec exploit @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ supported targets: without forum integration with phpBB2 integration with ipb2 integration with vbulletin2 integration...

LiteWEB Web Server 2.7 Invalid Page Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24628/info LiteWeb webserver is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to crash the affected application, denyi...

CuteNews <= 1.4.1 (categories.mdu) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl cijfer-cnxpl - CuteNews =1.4.1 Remote Command Execution Copyright c 2005 cijfer [email protected] All rights reserved. 1. example cijfer@kalma:/research$ ./cijfer-cnxpl.pl -h www.xxxx.org -d /news [email protected] /$ id;uname -a uid=48apache...

Pars4U Videosharing 1.0 - XSS / Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print VIVA ISLAME VIVA ISLAME \n; print VIVA ISLAME VIVA ISLAME \n; print \n; print Pars4u Videosharing V1 Blind SQL Injection Exploit \n; print \n; print categoriesportal.php catid \n; pri...

PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service Exploit

No description provided by source. !/usr/bin/perl Jeremy Brown [email protected]/jbrownsec.blogspot.com PacketTrap TFTPD DoS latest 2.2.5459.0 tested -- www.packettrap.com Must have Net::TFTP installed easy to install, 'cpan' then 'install Net::TFTP' ; A product of tftpfuzz.pl coming soon use...

vKios <= 2.0.0 (products.php cat) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Indonesian Newhack Security Advisory ------------------------------------ vKios = 2.0.0 products.php cat Remote SQL Injection Exploit Waktu : Feb 8 2008 10:00PM Software : vKios Versi : = 2.0.0 Vendor : http://www.vkios.com/...

webSPELL <= 4.01.02 (topic) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print \n \'/ ; print \n -.- ; print \n -------------------oOO------OOo-------------------; print \n | webSPELL = v4.01.02 topic Remote SQL Injection |; print \n | coded by DNX |; print \n...

PHP Easy Downloader <= 1.5 (save.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl +------------------------------------------------------------------------------------------- + PHP Easy Download = 1.5 Remote Code Execution Vulnerability +-------------------------------------------------------------------------------------------...

Novell Iprint LPD Remote Code Execution Vulnerability

No description provided by source. !/usr/bin/perl Source: http://www.protekresearchlab.com/index.php?option=comcontent&view=article&id=21&Itemid=21 use Getopt::Std; use IO::Socket::INET; $SIGINT = \ my $host = '10.102.3.79'; my $port = 515; my $proto = 'tcp'; my $sockType = SOCKSTREAM; my $timeou...

Comparison Engine Power 1.0 - Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print VIVA ISLAME VIVA ISLAME \n; print VIVA ISLAME VIVA ISLAME \n; print \n; print Comparison Engine Power 1.0 Blind SQL Injection Exploit \n; print \n; print Author: Mr.SQL \n; print EMAI...

Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10446/info Firebird is reported prone to a remote buffer-overrun vulnerability. The issue occurs because the application fails to perform sufficient boundary checks when the database server is handling database names. A...