Red Hat Security Advisory 2024-6501-03 - New Red Hat build of Keycloak 22.0.12 packages are available from the Customer Portal. This is a security update with Moderate impact rating. Issues addressed include a bypass vulnerability.
7c20ef0e4508b339e4f572c98b8ae892e21dbb1baef9fb0cafea8e7322d6173e
Red Hat Security Advisory 2024-6500-03 - New images are available for Red Hat build of Keycloak 22.0.12 and Red Hat build of Keycloak 22.0.12 Operator, running on OpenShift Container Platform. This is a security update with Moderate impact rating. Issues addressed include a bypass vulnerability.
3d0f74993836983ce5e05180cb4aab02b685e8df8c104d6efcc4efff4200d794
Red Hat Security Advisory 2024-6499-03 - A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Issues addressed include a bypass vulnerability.
6e72327137f256313005f38a55bfcc67c52f3c20354f53aab956dd4c4b484e14
Red Hat Security Advisory 2024-6497-03 - A new image is available for Red Hat Single Sign-On 7.6.10, running on OpenShift Container Platform 3.10, 3.11, and 4.3. This is a security update with Moderate impact rating. Issues addressed include a bypass vulnerability.
48a1fc7c4b98e9e44039fc4fb594f3995d0a9a16ddcfb272b4b042e07833d5ee
Red Hat Security Advisory 2024-6495-03 - New Red Hat Single Sign-On 7.6.10 packages are now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
1122d48eeaf1bf744d6d15b3db19522faf3a4a58f0502e1fd2e230a60d24cba1
Red Hat Security Advisory 2024-6494-03 - New Red Hat Single Sign-On 7.6.10 packages are now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
c3d1b0b0dc8416e12ecef51a0ef896fdf2c0ef2d3b2555d6cb6d40e9c2102806
Red Hat Security Advisory 2024-6493-03 - New Red Hat Single Sign-On 7.6.10 packages are now available for Red Hat Enterprise Linux 7. Issues addressed include a bypass vulnerability.
369f7584f39bf3facbaa74446ee5a874dc7b59cb182b2d14736546262ed729df
Online Student Grading System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6572f3f9bad83df66bb8f42e5fa49921e0511eab96c98361242df9209e7eb2d1
Park Ticketing Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
1273e992f54e38d81032650942cf05f0d1f6d8b4728541c4e226b2c694587317
Online Survey System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
0660b2849a4e1a0328a3532eed3666413e8e50508288962d63eca364d91fe25c
Online Shopping Portal Project version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
2aaf65cb555486e2820ada0ce32bf28469f0c31b148f9f82386b338d41703ea5
Tourism Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
db170b3ac31a17248bfa19e67220ae00449f12c6e02e1fc5d27c5fcdf490b79a
Supply Chain Management version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e470a8736045692eb5cfaa7bc4e77aaa4cc7c9beb8b335abd16a1b89d107b75e
Student Record System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
65197edb9fa8815555185ffcfdef263bccbd753949a90ec711337f13c2e0c060
This Metasploit module exploits a password bypass vulnerability in MySQL in order to extract the usernames and encrypted password hashes from a MySQL server. These hashes are stored as loot for later cracking. Impacts MySQL versions 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB versions 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23.
e4032569995bd5ac99233c3cc5b3dcf8b3228b921415fd0e18c7acd6d8b4667e
This Metasploit module takes advantage of an authentication bypass vulnerability in the web interface of multiple manufacturers' DVR systems, which allows retrieval of the device configuration.
92970fe8576d8a26914e34ab8819055f169c2028d4106ed9aa7fe40e0c3de86b
This Metasploit module exploits an authentication bypass vulnerability in Telerik Report Server versions 10.0.24.305 and prior which allows an unauthenticated attacker to create a new account with administrative privileges. The vulnerability leverages the initial setup page, which is still accessible once the setup process has completed. If either USERNAME or PASSWORD is not specified, then a random value will be selected. The module will fail if the specified USERNAME already exists.
dd5ebb936dffa162f01557508e65908c7d346e81b5aa548e7f6a390c3e136ffe
This Metasploit module exploits an authentication bypass vulnerability in HP SiteScope which allows retrieval of the HP SiteScope configuration, including administrative credentials. It is accomplished by calling the getSiteScopeConfiguration operation available through the APISiteScopeImpl AXIS service. The HP SiteScope configuration is retrieved as a file containing Java serialization data. This Metasploit module has been tested successfully on HP SiteScope 11.20 over Windows 2003 SP2 and Linux CentOS 6.3.
49a6293f49b3d88908408822f05f60de61f16258c0921f50adecb84a90811493
This Metasploit module exploits an authentication bypass vulnerability in HP SiteScope to retrieve an arbitrary text file from the remote server. It is accomplished by calling the loadFileContent operation available through the APIMonitorImpl AXIS service. This Metasploit module has been successfully tested on HP SiteScope 11.20 over Windows 2003 SP2 and Linux CentOS 6.3.
70fba2e746b60b36e7ed3d2efbabee053f81db339cfb2580347bd710629b238d
This Metasploit module exploits an authentication bypass vulnerability in Meteocontrol WEBLog appliances (software version < May 2016 release) to extract the Administrator password for the device management portal.
d93c088abc0e3aba59a5a03a43b8b57830fee0e8f25c25fecb18e0546ee066f7
This Metasploit module exploits an authentication bypass vulnerability in HP SiteScope to retrieve an arbitrary file from the remote server. It is accomplished by calling the getFileInternal operation available through the APISiteScopeImpl AXIS service. This Metasploit module has been successfully tested on HP SiteScope 11.20 over Windows 2003 SP2 and Linux CentOS 6.3.
ac2a6c8b7ee1032f4592faca207812805ca78af0323e9f167ee599f82c2b95f3
This Metasploit module exploits an authentication bypass vulnerability in SAP NetWeaver CTC service. The service is vulnerable to verb tampering allowing for unauthorised OS user management. Information about resolution should be available at SAP notes 1589525 and 1624450 (authentication required).
93f676088b4bc7377e1f0804692d7f6fbe7d6fe554f223e42bf5907a14bb549d
This Metasploit module identifies IPMI 2.0-compatible systems that are vulnerable to an authentication bypass vulnerability through the use of cipher zero.
26e9ad81107fc09e95e82be07f34c04f0ca67ba5b75765817108fcc2774346df
This Metasploit module exploits an authentication bypass vulnerability in DIR 645 < v1.03. With this vulnerability you are able to extract the password for the remote management.
7fe8b8b74336f5dc7dd1fec74d9b8ce3315a1065aebd43f4c022aa9e9817bb7b
This Metasploit module exploits an authentication bypass vulnerability in different Netgear devices. It allows you to extract the password for the remote management interface.
6ec21b301158f8e8563ec1fe1e9c6b675e162a88cdc41ce6a56f70fa586ab250