Debian Linux Security Advisory 5748-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5748-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffAugust 14, 2024                       https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : ffmpegCVE ID         : CVE-2024-7055 CVE-2024-7272Several vulnerabilities have been discovered in the FFmpeg multimediaframework, which could result in denial of service or potentially theexecution of arbitrary code if malformed files/streams are processed.For the stable distribution (bookworm), these problems have been fixed inversion 7:5.1.6-0+deb12u1.We recommend that you upgrade your ffmpeg packages.For the detailed security status of ffmpeg please refer toits security tracker page at:https://security-tracker.debian.org/tracker/ffmpegFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAma8jqUACgkQEMKTtsN8Tjbh/A//RtTyTph1BfyvmrPoF2knaWzlgQVvLE4mFBHBAdFQb13WHzQmFWlxZYY6vAzxeBvje+jdpFGkQQS3yoQ/3OwOX9GeWQF8WpVDzQijBg7D4DMn1NK0s84Wya2xL67VGaaBb32TXdIlbExfrQMjFYZo+CGxamVBe49CzkxfiRoBDbDTItqY3dSpfv3cTpJZYBq/hj7HPaOkdOb6xUkAOrDkDyEWdvsHiZy6tt+jpL4jtOD3UZffi9TmYgfbbzS+zhBY54kOeLa2eoLr7d3BiK9j3V0Ee5fmICnk6h4hnUwZnlGCHLQLcgN3YTJp7YfRJ6OvYgZBwIUlZmQjM6tMT5EljXMZERfRGtATQ2fJws3KHFL5ZK/Tp/vsAJxPKkHiaWxQkQw//AUdT77m7ER13758LrFVI2Bm3HqEhrWwUUHvFa5tvk380zoWz8NR7hIMjfAGJ6v024dBFAiLVrLOcwZP4K/NxtAr6lUysNQlaVSWknUO65HNBx64KWowNCEleMbiW7VHSAeoKl5cQAe/Vr6CN0rwbEH5TCJUPbzN1xb9lBftMQOR4z1igW3pPCGdW9yZDDNY/cFEtSNI0++qFsg1JIkEr+dcP4H2yxNaEmcrf+N/paP/mD0ltaMsfuHxJa94Wg4q4/RfPhqRiQbgG6LwUHu1W93m8ddv52Qmv9ElgsA==3v1M-----END PGP SIGNATURE-----

Debian Security Advisory 5748-1

Kortex version 1.0 suffers from an insecure direct object reference vulnerability.

**Kortex 1.0 Insecure Direct Object Reference**

Posted Aug 14, 2024

Authored by indoushka

Kortex version 1.0 suffers from an insecure direct object reference vulnerability.

tags | exploit

SHA-256 | b5387d8bfce8e3033d7413641e3e9b7894ff5bafea17fd748b642abf24fa1ae8

Download | Favorite | View

**Kortex 1.0 Insecure Direct Object Reference**

    ====================================================================================================================================| # Title     : Kortex v1.0 IDOR Vulnerability                                                                                     || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.mayurik.com/source-code/P5339/best-free-law-office-management-software                                 |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Direct Object Reference : suffers from an insecure direct object reference that allows users to access the administrative interface.[+] use payload : /control/data-table.php[+] https://www/ahmedshawki2110.freewebhostmost.com/control/data-table.phpGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,399)
*   Arbitrary (16,878)
*   BBS (2,859)
*   Bypass (1,863)
*   CGI (1,033)
*   Code Execution (7,813)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,396)
*   DoS (25,082)
*   Encryption (2,389)
*   Exploit (53,197)
*   File Inclusion (4,262)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (915)
*   Java (3,144)
*   JavaScript (896)
*   Kernel (7,220)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,725)
*   Python (1,641)
*   Remote (31,657)
*   Root (3,636)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,027)
*   Shell (3,275)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,277)
*   SQL Injection (16,610)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (669)
*   Vulnerability (32,987)
*   Web (9,965)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,254)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,099)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,756)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,521)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,747)
*   UNIX (9,436)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Kortex 1.0 Insecure Direct Object Reference

Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild.
Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 vulnerabilities that the tech giant resolved in its Edge browser since last month.
The Patch Tuesday

Windows Security / Vulnerability

Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild.

Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 vulnerabilities that the tech giant resolved in its Edge browser since last month.

The Patch Tuesday updates are notable for addressing six actively exploited zero-days -

*   **CVE-2024-38189** (CVSS score: 8.8) - Microsoft Project Remote Code Execution Vulnerability
*   **CVE-2024-38178** (CVSS score: 7.5) - Windows Scripting Engine Memory Corruption Vulnerability
*   **CVE-2024-38193** (CVSS score: 7.8) - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
*   **CVE-2024-38106** (CVSS score: 7.0) - Windows Kernel Elevation of Privilege Vulnerability
*   **CVE-2024-38107** (CVSS score: 7.8) - Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
*   **CVE-2024-38213** (CVSS score: 6.5) - Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2024-38213, which allows attackers to bypass SmartScreen protections, requires an attacker to send the user a malicious file and convince them to open it. Credited with discovering and reporting the flaw is Trend Micro's Peter Girnus, suggesting that it could be a bypass for CVE-2024-21412 or CVE-2023-36025, which were previously exploited by DarkGate malware operators.

The development has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add the flaws to its Known Exploited Vulnerabilities (KEV) catalog, which obligates federal agencies to apply the fixes by September 3, 2024.

Four of the below CVEs are listed as publicly known -

*   **CVE-2024-38200** (CVSS score: 7.5) - Microsoft Office Spoofing Vulnerability
*   **CVE-2024-38199** (CVSS score: 9.8) - Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
*   **CVE-2024-21302** (CVSS score: 6.7) - Windows Secure Kernel Mode Elevation of Privilege Vulnerability
*   **CVE-2024-38202** (CVSS score: 7.3) - Windows Update Stack Elevation of Privilege Vulnerability

"An attacker could leverage this vulnerability by enticing a victim to access a specially crafted file, likely via a phishing email," Scott Caveza, staff research engineer at Tenable, said about CVE-2024-38200.

"Successful exploitation of the vulnerability could result in the victim exposing New Technology Lan Manager (NTLM) hashes to a remote attacker. NTLM hashes could be abused in NTLM relay or pass-the-hash attacks to further an attacker's foothold into an organization."

The update also addresses a privilege escalation flaw in the Print Spooler component (CVE-2024-38198, CVSS score: 7.8), which allows an attacker to gain SYSTEM privileges. "Successful exploitation of this vulnerability requires an attacker to win a race condition," Microsoft said.

That said, Microsoft has yet to release updates for CVE-2024-38202 and CVE-2024-21302, which could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the operating system files with older versions.

The disclosure follows a report from Fortra about a denial-of-service (DoS) flaw in the Common Log File System (CLFS) driver (CVE-2024-6768, CVSS score: 6.8) that could cause a system crash, resulting in Blue Screen of Death (BSoD).

When reached for comment, a Microsoft spokesperson told The Hacker News that the issue "does not meet the bar for immediate servicing under our severity classification guidelines and we will consider it for a future product update."

"The technique described requires an attacker to have already gained code execution capabilities on the target machine and it does not grant elevated permissions. We encourage customers to practice good computing habits online, including exercising caution when running programs that are not recognized by the user," the spokesperson added.

**Software Patches from Other Vendors**

In addition to Microsoft, security updates have also been released by other vendors over the past few weeks to rectify several vulnerabilities, including —

*   Adobe
*   AMD
*   Apple
*   Arm
*   Bosch
*   Broadcom (including VMware)
*   Cisco
*   Citrix
*   D-Link
*   Dell
*   Drupal
*   F5
*   Fortinet
*   GitLab
*   Google Android
*   Google Chrome
*   Google Cloud
*   Google Wear OS
*   HMS Networks
*   HP
*   HP Enterprise (including Aruba Networks)
*   IBM
*   Intel
*   Ivanti
*   Jenkins
*   Juniper Networks
*   Lenovo
*   Linux distributions Amazon Linux, Debian, Oracle Linux, Red Hat, Rocky Linux, SUSE, and Ubuntu
*   MediaTek
*   Mitel
*   MongoDB
*   Mozilla Firefox, Firefox ESR, and Thunderbird
*   NVIDIA
*   Progress Software
*   Qualcomm
*   Rockwell Automation
*   Samsung
*   SAP
*   Schneider Electric
*   Siemens
*   SonicWall
*   Splunk
*   Spring Framework
*   T-Head
*   Trend Micro
*   Zoom, and
*   Zyxel

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day Exploits

Debian Linux Security Advisory 5743-2 - Multiple cross-site scripting vulnerabilities were discovered in RoundCube webmail.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5743-2                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
August 13, 2024                       https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : roundcube  
CVE ID         : CVE-2024-42008 CVE-2024-42009 CVE-2024-42010

Multiple cross-site scripting vulnerabilities were discovered in  
RoundCube webmail.

For the oldstable distribution (bullseye), these problems have been fixed in  
version 1.4.15+dfsg.1-1+deb11u4.

For the stable distribution (bookworm), these problems have already been  
addressed in DSA-5743-1. The initial fixes introduced a regression in  
print previews, which has now been addressed in 1.6.5+dfsg-1+deb12u4.

We recommend that you upgrade your roundcube packages.

For the detailed security status of roundcube please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/roundcube

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAma7AK0ACgkQEMKTtsN8  
TjaCLhAAj9ooFCqkks/zX1SUM0VpGOKCUwkUiAotKggBJnAOhCAeLJ++YXJeFpTx  
h8Muye2jgC1BjpmA0HsdjtHDUOEWL73n2eG3obHEQG+WytJISfz7LyoFxJPBDZUA  
bKs0+MMg8wA8VJJWZ8PIoYm4DaTjgVkiaCQQxJhRfZw/LNGFYN9Y9yEL2XrncR8I  
fZoug/Iyl4+qC8zr2iYWHFs2TMZXMbYNLFRDY06J5XYFuQ0QPa7KbkN8UvXRNeK4  
DOTrkQKeauJHmWl9gfJ9U8w+TYo8mYwU38NoEm/1x0lhqMk/A9KMyROJPuZmCD+R  
QWMzULFdqLduvp+iMr0MSGeLnvzuX6AXME8K7JnMiELOmXWCVNAlTNFnmKBftUOZ  
mh8MKlNkaGyNO2G9PGIeCNURGwI8NIN0UABZN9h289mn0QM195MuLZN/OZtUBH2s  
FU9VAXg2Lw/WKaVj9gndSAv3aN68YN8efuXeTVnPTQaSdHsnBR0fT0yqZd1BWMFy  
mq6oYxZGXfRgkb6/KwB/oY3dutXxtUj0GKdC7cQIG2oMyEcFN3Q5yG8oPHZHzgwJ  
UYWwA46Jwhy1kRcYmukL+dGtwWsSM7yW6zjV8ifMxJ4zGMJjmMkPSWdKzG/otn7K  
oVu/AMHnfCRY/RmXbg1uyuCmjamDZce1fPlDTuvHW+m0AHGvYqU=  
=Y9uW  
-----END PGP SIGNATURE-----

Debian Security Advisory 5743-2

Debian Linux Security Advisory 5747-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5747-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
August 12, 2024                       https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : linux  
CVE ID         : CVE-2022-48666 CVE-2024-36484 CVE-2024-36901 CVE-2024-36938  
                 CVE-2024-39487 CVE-2024-40947 CVE-2024-41007 CVE-2024-41009  
                 CVE-2024-41012 CVE-2024-41015 CVE-2024-41017 CVE-2024-41020  
                 CVE-2024-41022 CVE-2024-41034 CVE-2024-41035 CVE-2024-41040  
                 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41049  
                 CVE-2024-41055 CVE-2024-41059 CVE-2024-41063 CVE-2024-41064  
                 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072  
                 CVE-2024-41077 CVE-2024-41078 CVE-2024-41081 CVE-2024-41090  
                 CVE-2024-41091 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104  
                 CVE-2024-42105 CVE-2024-42106 CVE-2024-42115 CVE-2024-42119  
                 CVE-2024-42120 CVE-2024-42121 CVE-2024-42124 CVE-2024-42127  
                 CVE-2024-42131 CVE-2024-42137 CVE-2024-42143 CVE-2024-42145  
                 CVE-2024-42148 CVE-2024-42152 CVE-2024-42153 CVE-2024-42154  
                 CVE-2024-42157 CVE-2024-42161 CVE-2024-42223 CVE-2024-42224  
                 CVE-2024-42229 CVE-2024-42232 CVE-2024-42236 CVE-2024-42244  
                 CVE-2024-42247

Several vulnerabilities have been discovered in the Linux kernel that  
may lead to a privilege escalation, denial of service or information  
leaks.

For the oldstable distribution (bullseye), these problems have been  
fixed in version 5.10.223-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security  
tracker page at:  
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAma6T9JfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0QQdw/+OGGxmpgZNx20CbIlzd6l7HTabFLT1VJZY/mVVmWOIGkCjOoTuvL4VOFq  
vAs6vPMk7P1x+XMJ8kqzdn9+OO+cKYb6fFC6cFNMigIvTP/5w9V8Llsyn4liI8XB  
u1TmLiLA9tvJ5rfSzWsFWOgpL+swzYJznlL7jcaFIcLemZCQuCwmrB8ZF04F5LOa  
i0PIQwu8Cic1BmCSe6TZy8as6D7hCLPBQvqY+xW5u4/07ncVQ0tOrZn8uxndVM+h  
TSI35otncMsgDNXw1TQYgLyDwIUm79MbIm+P0THXr/HGXO14ehOHxvJ8MG8iXt/Q  
+YM1NlS5tqGPXPI+0dlGdwSx/a4XuPFOUQyxlj2B3xvhUD+rbTCtzamcjY0Qw4l3  
MhtkTjUZdOj9XdLyziAQs+bD0sKzuEu+Nkq2N6kl0Op2tRhge3aI9mwJK8v5CldY  
NiQS665HLwrjW+E4YT3hDl4ugnu66wBNDQMsR5x+gyQI9kK6vsm8xR123ugfPodL  
R4FXaf+DUQ0oVfOWJBcg6S3dmoaAwxUaJOCgHfTaqvatL8YOLvejeW1Vg+xCGGNg  
yKjdKA6bVzZjyTrqCEoSGkhx6MEiojHlwi8W+kLYNPssTkXgZ3p6dG6PPMMAxdwq  
ROJ+FccgiUApJNFmfbvU6x/pwaUzpbXP09a3bIFnNRSo40BxVio=  
=HNP3  
-----END PGP SIGNATURE-----

Debian Security Advisory 5747-1

Gentoo Linux Security Advisory 202408-30 - A vulnerability has been discovered in dpkg, which allows for directory traversal. Versions greater than or equal to 1.20.9-r1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-30  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: dpkg: Directory Traversal  
     Date: August 12, 2024  
     Bugs: #847976  
       ID: 202408-30

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
A vulnerability has been discovered in dpkg, which allows for directory  
traversal.

Background  
=========  
Debian package management system.

Affected packages  
================  
Package        Vulnerable    Unaffected  
-------------  ------------  ------------  
app-arch/dpkg  < 1.20.9-r1   >= 1.20.9-r1

Description  
==========  
Please review the CVE indentifier referenced below for details.

Impact  
=====  
Dpkg::Source::Archive in dpkg, the Debian package management system, is  
prone to a directory traversal vulnerability. When extracting untrusted  
source packages in v2 and v3 source package formats that include a  
debian.tar, the in-place extraction can lead to directory traversal  
situations on specially crafted orig.tar and debian.tar tarballs.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All dpkg users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-arch/dpkg-1.20.9-r1"

References  
=========  
[ 1 ] CVE-2022-1664  
      https://nvd.nist.gov/vuln/detail/CVE-2022-1664

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-30

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-30

Gaati Track version 1.0-2023 suffers from an ignored default credential vulnerability.

**Goati Track 1.0-2023 Insecure Settings**

Posted Aug 12, 2024

Authored by indoushka

Gaati Track version 1.0-2023 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | a66751e0a18c1729e99f89ffd55d400c761bad76139bca2c36b5ffb404b06d8e

Download | Favorite | View

**Goati Track 1.0-2023 Insecure Settings**

    =============================================================================================================================================| # Title     : Gaati track v1.0-2023 Insecure Settings Vulnerability                                                                       || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.mayurik.com/source-code/P0998/best-courier-management-system-project-in-php                                     |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  mayuri@admin.com & pass = admin[+] https://www/127.0.0.1/165.232.176.122/index.php?page=homeGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,349)
*   Arbitrary (16,870)
*   BBS (2,859)
*   Bypass (1,861)
*   CGI (1,033)
*   Code Execution (7,810)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,390)
*   DoS (25,071)
*   Encryption (2,389)
*   Exploit (53,180)
*   File Inclusion (4,262)
*   File Upload (994)
*   Firewall (822)
*   Info Disclosure (2,890)
*   Intrusion Detection (915)
*   Java (3,144)
*   JavaScript (896)
*   Kernel (7,202)
*   Local (14,795)
*   Magazine (586)
*   Overflow (13,169)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,393)
*   Protocol (3,724)
*   Python (1,640)
*   Remote (31,655)
*   Root (3,635)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,027)
*   Shell (3,273)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,276)
*   SQL Injection (16,609)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (669)
*   Vulnerability (32,967)
*   Web (9,963)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,250)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,096)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,707)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,485)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,737)
*   UNIX (9,435)
*   UnixWare (187)
*   Windows (6,672)
*   Other

Goati Track 1.0-2023 Insecure Settings

Farmacia Gama version 1.0 suffers from an insecure direct object reference vulnerability.

**Farmacia Gama 1.0 Insecure Direct Object Reference**

Posted Aug 12, 2024

Authored by indoushka

Farmacia Gama version 1.0 suffers from an insecure direct object reference vulnerability.

tags | exploit

SHA-256 | 03b0ac64f0e5daeb38f4901ddbe680af2e5d9a8749a1b826aadf371e13ec4f05

Download | Favorite | View

**Farmacia Gama 1.0 Insecure Direct Object Reference**

    =============================================================================================================================================| # Title     : Farmacia Gama v1.0 IDOR Vulnerability                                                                                       || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://download-media.code-projects.org/2020/04/Farmacia_IN_PHP_CSS_JavaScript_AND_MYSQL__FREE_DOWNLOAD.zip                |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Direct Object Reference : allows users to access the administrative interface.[+] use payload : /main.php[+] http://127.0.0.1/farmacia-master/main.phpGreetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,349)
*   Arbitrary (16,870)
*   BBS (2,859)
*   Bypass (1,861)
*   CGI (1,033)
*   Code Execution (7,810)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,390)
*   DoS (25,071)
*   Encryption (2,389)
*   Exploit (53,180)
*   File Inclusion (4,262)
*   File Upload (994)
*   Firewall (822)
*   Info Disclosure (2,890)
*   Intrusion Detection (915)
*   Java (3,144)
*   JavaScript (896)
*   Kernel (7,202)
*   Local (14,795)
*   Magazine (586)
*   Overflow (13,169)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,393)
*   Protocol (3,724)
*   Python (1,640)
*   Remote (31,655)
*   Root (3,635)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,027)
*   Shell (3,273)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,276)
*   SQL Injection (16,609)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (669)
*   Vulnerability (32,967)
*   Web (9,963)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,250)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,096)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,707)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,485)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,737)
*   UNIX (9,435)
*   UnixWare (187)
*   Windows (6,672)
*   Other

Farmacia Gama 1.0 Insecure Direct Object Reference

Employee Management System version 1.0 suffers from an ignored default credential vulnerability.

**Employee Management System 1.0 Insecure Settings**

Posted Aug 12, 2024

Authored by indoushka

Employee Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 4c729820d6c74d0d245f5de6b7ade8e4cebaa60f462a3e7bd0e326402db59bf4

Download | Favorite | View

**Employee Management System 1.0 Insecure Settings**

    =============================================================================================================================================| # Title     : Employee Management System v1.0 Insecure Settings Vulnerability                                                             || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/16999/employee-management-system.html                                                    |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,349)
*   Arbitrary (16,870)
*   BBS (2,859)
*   Bypass (1,861)
*   CGI (1,033)
*   Code Execution (7,810)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,390)
*   DoS (25,071)
*   Encryption (2,389)
*   Exploit (53,180)
*   File Inclusion (4,262)
*   File Upload (994)
*   Firewall (822)
*   Info Disclosure (2,890)
*   Intrusion Detection (915)
*   Java (3,144)
*   JavaScript (896)
*   Kernel (7,202)
*   Local (14,795)
*   Magazine (586)
*   Overflow (13,169)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,393)
*   Protocol (3,724)
*   Python (1,640)
*   Remote (31,655)
*   Root (3,635)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,027)
*   Shell (3,273)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,276)
*   SQL Injection (16,609)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (669)
*   Vulnerability (32,967)
*   Web (9,963)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,250)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,096)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,707)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,485)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,737)
*   UNIX (9,435)
*   UnixWare (187)
*   Windows (6,672)
*   Other

Employee Management System 1.0 Insecure Settings

Debian Linux Security Advisory 5746-1 - Noah Misch discovered a race condition in the pg_dump tool included in PostgreSQL, which may result in privilege escalation.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5746-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffAugust 09, 2024                       https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : postgresql-13CVE ID         : CVE-2024-7348Noah Misch discovered a race condition in the pg_dump tool included inPostgreSQL, which may result in privilege escalation.For the oldstable distribution (bullseye), this problem has been fixedin version 13.16-0+deb11u1.We recommend that you upgrade your postgresql-13 packages.For the detailed security status of postgresql-13 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/postgresql-13Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAma11EEACgkQEMKTtsN8TjZxwg//bEVYrijo3AoQCcZMdHcgEPvJPYNUvCAsoX9NBiLzSPs0A8zW6OVmo3uCX+vY/YziF6z7CFU0BkFMDUGnbDnmAuMT2ZY7K2kqyUas3EwEsf3WScPDtRbo5V5ScXWUz+uuuAzibJWSZUr/MqjCojb5KwWoVKF5cw6e9glQNMgi0txLi+7xWK0Hkhye39Dm/RE9Brd6tyvSx5mm/sAuPv3H6ZktnIrWOrdZlglsiPURjUsY7ThYBrjbc/lLR3zNEYxHEvFf3MaXbud98wPou8tLl5qMSIZDYuc+IvYVCgCVUeiDUuPng5i23f4da0BoDRvzKk/7+20g3Z7pZm3kJJk+TYifELXEM2SFkLv/2rD4YVuqhMOkmsqYQXgLgvJ+XxkSzgnNBB7cML1F4+hq9zGtHyJgNiiaOfFFoL583WbHl7oRLAg+y0SCnXlCewft4KrIBhEe1zOJIuGQ/WL611/5dGy5tqkvivIoVbvcYZxmoVE5kllZEFjSsmfADfbn+HtA0lOHDwfyuBnvWOqzDgTd2BCdGIaF2+/FtUpqJDmjH6TnujtqDh6MmsbOaF/qw9XuI3jzORNjrLdFoJwya9N79vTYTgCFJEWl3oGygVkTG2RRhsqY6kNgQ6pykcfcw+m0uZFoT6SRNBllFhyrRTdvcm6GB5yXwVJKwERgRVlJWCM=wYjH-----END PGP SIGNATURE-----

Tag

#debian