85 matches found
UBUNTU-CVE-2018-10245
A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and update parameters...
MHA - Mail Header Analyzer
Mail header analyzer is a tool written in flask for parsing email headers and converting them to a human readable format and it also can: Identify hop delays. Identify the source of the email. Identify hop country. MHA is an alternative for the following: Name | Dev | Issues ---|---|---...
SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration
!/usr/bin/python -- coding: iso-8859-15 -- Title: SMF Simple Machine Forum Filippo Roncari Truel Lab http://lab.truel.it Requirements: SMF = 2.0.10 PHP = 5.6.11 / 5.5.27 / 5.4.43 Advisories: TL-2015-PHP04 http://lab.truel.it/d/advisories/TL-2015-PHP04.txt TL-2015-PHP06...
DEBIAN-CVE-2013-4394
The SetX11Keyboard function in systemd, when PolicyKit Local Authority PKLA is used to change the group permissions on the X Keyboard Extension XKB layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors...
MySQL (Linux) - Database Privilege Escalation
MySQL Linux - Database Privilege Escalation use DBI; $|=1; =for comment MySQL privilege elevation Exploit This exploit adds a new admin user. By Kingcope Tested on Debian Lenny mysql-5.0.51a OpenSuSE 11.4 5.1.53-log How it works: This exploit makes use of several things: The attacker is in...