WordPress Anti-Malware Security And Brute-Force Firewall 4.18.63 Local File Inclusion

Exploit Title: Wordpress Anti-Malware Security and Bruteforce Firewall - Local File Inclusion Google Dork: N/A Date: 03 / 26 / 2019 Exploit Author: Ali S. Ahmad S4R1N Vendor Homepage: N/A Software Link: https://wordpress.org/plugins/gotmls/ Version: Version 4.18.63 Tested on: Debian GNU/Linux 9...

WordPress Loco Translate 2.2.1 Local File Inclusion

Exploit Title: Wordpress Loco Translate Version 2.2.1 Plugin LFI Google Dork: N/A Date: 03 / 26 / 2019 Exploit Author: Ali S. Ahmad S4R1N Vendor Homepage: https://localise.biz/ Software Link: https://wordpress.org/plugins/loco-translate/ Version: Version 2.2.1 Tested on: Debian GNU/Linux 9 Docker...

WordPress Plugin Loco Translate 2.2.1 - Local File Inclusion

WordPress Plugin Loco Translate 2.2.1 - Local File Inclusion Exploit Title: Wordpress Loco Translate Version 2.2.1 Plugin LFI Google Dork: N/A Date: 03 / 26 / 2019 Exploit Author: Ali S. Ahmad S4R1N Vendor Homepage: https://localise.biz/ Software Link: https://wordpress.org/plugins/loco-translate...

CentOS 7 : cockpit (CESA-2019:0482)

An update for cockpit is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Moderate: Red Hat Security Advisory: cockpit security update

An update for cockpit is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Oracle Linux 7 : cockpit (ELSA-2019-0482)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0482 advisory. 173.2-1.0.1 - turn off display of subscriptions menu item in GUI - Drop subscription-manager requirement since we do not ship it [email protected] - Remove...

Reload.sh - Reinstall, Restore And Wipe Your System Via SSH, Without Rebooting

Reinstall, restore and wipe your system from the level and in the place of the running GNU/Linux distribution without cd-rom, flash and other. Via SSH, without rebooting. How it works? Set your archive with system backup to restore: build="/mnt/system-backup.tgz" Set path to temporary system...

Smoothwall Express 3.1-SP4 - Cross-Site Scripting Vulnerability

Exploit for cgi platform in category web applications Exploit Title: Smoothwall Express 3.1-SP4-polar-x8664-update9 | Cross-Site Scripting Date: 06.02.2019 Exploit Author: Ozer Goker Vendor Homepage: http://www.smoothwall.org Software Link:...

Smoothwall Express 3.1-SP4-polar-x86_64-update9 Cross Site Scripting

Exploit Title: Smoothwall Express 3.1-SP4-polar-x8664-update9 | Cross-Site Scripting Date: 06.02.2019 Exploit Author: Ozer Goker Vendor Homepage: http://www.smoothwall.org Software Link: https://sourceforge.net/projects/smoothwall/files/SmoothWall/3.1%20SP4/Express-3.1-SP4-x8664.iso/download...

MySQL User-Defined (Linux) (x86) - 'sys_exec' Local Privilege Escalation

Exploit Title: MySQL User-Defined Linux x32 / x8664 sysexec function local privilege escalation exploit Date: 24/01/2019 Exploit Author: d7x Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on: Debian GNU/Linux 8.11 / mysql Ver 14.14 Distrib 5.5.60...

Linux/x86 exit(0) Shellcode (5 bytes)

/ Exit.asm Author: Daniele Votta Description: Exit with no nulls. Tested on: i686 GNU/Linux Shellcode Length: 5 / include include / Disassembly of section .text: 00000000 : 0: 31 c0 xor eax,eax 2: 40 inc eax 3: cd 80 int 0x80 ======================= POC Daniele Votta ======================= /...

MySQL User-Defined (Linux) (x32x86_64) - sys_exec Local Privilege Escalation

MySQL User-Defined Linux x32x8664 - sysexec Local Privilege Escalation Exploit Title: MySQL User-Defined Linux x32 / x8664 sysexec function local privilege escalation exploit Date: 24/01/2019 Exploit Author: d7x Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL...

MySQL User-Defined (Linux) x32 / x86_64 - sys_exec Function Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits Exploit Title: MySQL User-Defined Linux x32 / x8664 sysexec function local privilege escalation exploit Date: 24/01/2019 Exploit Author: d7x Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on:...

Denial Of Service (DoS)

openipmi is vulnerable to denial of service DoS attacks. The vulnerability exists as ipmievd aka the IPMI event daemon in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux RHEL 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid...

Parrot Security 4.4 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

Parrot 4.4 is now available for download. This release provides security and stability updates and is the starting point for the plan to develop an LTS edition of Parrot. Parrot 4.4 Development Goals The Parrot 4.4 development process involved the ideas of many people in the community, and the go...

CAINE 10.0 - GNU/Linux Live Distribution For Digital Forensics Project, Windows Side Forensics And Incident Response

CAINE Computer Aided INvestigative Environment is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti Bari - Italy. CAINE offers a complete forensic environment that is organized to integrate existing software tools as...

lighttpd < 1.4.28 Insecure Temporary File Creation

According to its banner, the version of lighttpd running on the remote host is prior to 1.4.28. Therefore, it may be, affected by the following vulnerability : - The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a...

Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes

/ Linux/x86 - execve/bin/cat /etc/ssh/sshdconfig Shellcode 44 Bytes Author: Goutham Madhwaraj Tested on: i686 GNU/Linux Shellcode Length: 44 ShoutOut - BarrierSec gcc -fno-stack-protector -z execstack loader-bind.c -o Disassembly of section .text: 08048080 : 8048080: 31 c0 xor eax,eax 8048082: 50...

FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials

FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-14 Vendor: FLIR Systems, Inc Product web page: https://www.flir.com Affected version: Firmware: 1.32.16,...

FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure

FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Auhor: Gjoko 'LiquidWorm' Krstic Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16, 1.17.13 O...