This Metasploit module exploits a vulnerability found in GroundWork 6.7.0. This software is used for network, application and cloud monitoring. The vulnerability exists in the monarch_scan.cgi, where user controlled input is used in the perl qx function, which allows any remote authenticated attacker, whatever his privileges are, to inject system commands and gain arbitrary code execution. The module has been tested successfully on GroundWork 6.7.0-br287-gw1571 as distributed within the Ubuntu 10.04 based VM appliance.
4f033af844cdd623331a0bd422e02eb8ac32fdbef2908dd0e003506fe068e0b1Cisco Linksys WRT310N version 2.0.00 suffers from a remote denial of service vulnerability.
96c706f91c3a5f744fbbc0b57a7b74560a10053170e63931f5e7a21c6402b759Hornbill Supportworks ITSM version 1.0.0 suffers from a remote SQL injection vulnerability.
2eeb3aa7245d5145d3ec988798da4951d75aef73c27a476bcea507ba736fbb89D-Link DIR-615 and DIR-300 suffer from cross site request forgery, OS command injection, lack of cryptographic storage, header injection, and cross site scripting vulnerabilities.
d92d1912f11dbbae5692e74866d76e755ce2c196d6f9a7fa689ae37251fd787eSMF version 2.0.4 suffers from a remote PHP code injection vulnerability.
fb1fdb9f88f7a10a68b514edae1cd6ba816517347156676b1a236c8ed23c784bThis Metasploit module abuses Java Reflection to generate a Type Confusion, due to a weak access control when setting final fields on static classes, and run code outside of the Java Sandbox. The vulnerability affects Java version 7u17 and earlier. This exploit doesn't bypass click-to-play, so the user must accept the java warning in order to run the malicious applet.
bb2929226a8a08e2945d6536acc0a7c67d0777ced5120b0ffa098ac076125760Janissaries Joomla Civicrm component exploitation tool that uploads a shell.
a0d2608dc143c3c9606df7b7c625c70c510de3c71f8eee4f0a1e2f23601c835avBilling for FreeSWITCH suffers from multiple remote SQL injection vulnerabilities.
994b7109cb3e6f3b6c77edff6f1e8d54a0117e5090c812694dab17f3c64c0b94Voipnow versions prior to 2.4 suffer from a local file inclusion vulnerability.
5f8b1e30f3b26f1cabfeb8f86d5e39caef2af77ca0acaaf3655a8471c3848751jPlayer versions prior to 2.2.23 suffers from cross site scripting and content spoofing vulnerabilities.
f94ef8fdaa3dc74661bbc1b8766b3b3b4a20d05453c794dd0c73d914c5ee1c5eWordPress Colormix theme suffers from cross site scripting, path disclosure, and content spoofing vulnerabilities.
1a6d8b2caf5b79f12115a437ecd623f9858b32df35626257b4cff71c1392af40Some Netgear Routers are vulnerable to an authenticated OS command injection on their web interface. Default credentials for the web interface are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. A ping command against a controlled system could be used for testing purposes. This Metasploit module overwrites parts of the PPOE configuration, while the module tries to restore it after exploitation configuration backup is recommended.
91dc01de9600bf71b1bfb0fa39d3c499055961c38a5e9d02115d91d6d11e4a4dMinaliC Webserver version 2.0.0 buffer overflow exploit that binds a shell to port 4444. Works on Windows Server 2003 SP3 only.
0f734001f936a5b891c34b75bd2c451e9c1b32b8939d772c3c1bc8137fb7edafTienda Online CMS suffers from a cross site scripting vulnerability. The vendor has been notified of this issue. Note that this advisory has site-specific information.
93c112b74801b7c8122b5ecd4a34425111ec9659a7a46158160325e36fe93bcdFoxit Reader versions 5.4.3.x through 5.4.5.0124 suffer from a PDF XREF parsing denial of service vulnerability.
19bacc90bb3d86146efc71f544560d5d5e3e59ead41717335c428f05caf1d821KIK Messenger stores its password in cleartext in a plist file.
0579b4c687a6995f97f2d6c82bbc27bbe71cdfdc50cd2900d2923969eb5e3642Crafty Syntax Live Help versions 2.x and 3.x suffer from path disclosure and remote file inclusion vulnerabilities.
9b378157ba94b5a10193ab6a2ec5d79ce9881775be424528a0b05b1ceec52d09TP-LINK TL-WR741N / TL-WR741ND suffers from multiple remote denial of service device freezing conditions.
632658f3b24d25123b080a924d247c4f29a9d2dbca90b5a0d69e54046c595d73nginx version 0.6.x suffers from an arbitrary code execution vulnerability due to a nullbyte injection issue.
80b271bc4dd413adecf25945a99a831e3725d128f9974c5542da05bc9ff3daf3This Metasploit module allows execution of operating system commands through the SAP ConfigServlet without any authentication.
bd22164e93c481f2adee97758ca447db0d47658f7a4544609432a32799d8b8d3Cisco ASA versions 8.4(2), 8.4(5), and 9.1(1) suffer from a group name enumeration vulnerability in their IKE implementation.
7a3a1b289b63638a076af1a5703754d8bf858f40ec5baec07c9f385998b4caadFork CMS suffers from a local file inclusion vulnerability.
dc9c3676bed4b6dd47b65dcd79362c247ada9470a4af9cb6c2e29524e8645942Fork CMS suffers from a cross site request forgery vulnerability.
b1f5869ab5f633d45b74847ab258441ea7cf30e564f771344d4b1c00f8ba8c27Fork CMS suffers from a stored cross site scripting vulnerability.
8c5fae34f52db9b2663429d8f941353d9efee87ca897544f51278843d7e9d2b8SWFUpload suffers from cross site scripting, cross site request forgery, and object injection vulnerabilities.
88f9aac6098d0e3258845fe60905a4307536ba1d86078b4b59c2122b60d3ea28
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed