The Accellion Secure File Transfer SFTP Satellite ships with SSH tunneling enabled. An authorized SFTP user can connect to the SFTP satellite and leverage the SSH tunneling functionality to attack localhost bound ports that are not intended to be exposed externally. By leveraging trust assumptions in the running Rsync daemon, sensitive files including the MySQL root password are retrievable. This password can be used when connecting to the MySQL database, also running on localhost, and the password hashes of all users configured on the server can be retrieved. Accellion released a software update to version FTA_9_8_70 on the 4th of December 2013 which disables SSH tunneling and prevents this issue being exploited.
68bc250d8823491080a18930f81edf603898e7a112a41ce582d30e72238a43bbSplunk version 6.1.1 suffers from a cross site scripting vulnerability.
7a31ef4fcee869912b77477df42034cdbbb008b74b988e45e6ecd10d53c1f5ccreg.ebay.com suffered from a cross site scripting vulnerability.
2bce10c659480dadfc71d35f3d359939f8c6abe9c02b2c900470d1756ad5480cCore FTP Server version 1.2 build 535 32-bit crash proof of concept exploit.
718dbfa32e780909200eb23f74090ac03f5b7d3cf73928a385d99d0e67a07917The News module in PHP-Nuke version 8.3 suffers from a remote SQL injection vulnerability.
a3dcb3ff99610710137c524c5160bb879d6fde1d17ff511a654c9f5276aa57e5D-Link DIR-652, DIR-835, DIR-855L, DGL-500, and DHP-1565 suffer from clear text storage of passwords, cross site scripting, and sensitive information disclosure vulnerabilities.
a7668e84297d67c97f777a5d017f21ef288453a895bebdf304e432fe59637710This is a Metasploit modules that leverages an authenticated arbitrary file upload vulnerability in Dotclear versions 2.6.2 and below.
fa7134cec4517d630b5ea12c4242fbfc9bfb06e0df1b252b0e24e5fa245675a6WordPress Conversion Ninja plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
0bfb7dbc417cfd5c7380ab708fe11a4521d81a62380978265ae01c7fb6d10f8cWordPress bib2html plugin version 0.9.3 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
a4eadb29a9ee0fe5cc72b51220221339d9488e699962c0abddc7b56cc660e24fCoSoSys Endpoint Protector 4 suffers from remote SQL injection, unauthenticated access, information disclosure, and backdoor vulnerabilities.
ee59c852aa9ec9b54cfb17cac2c30abf6fbb5c230308e6bbdca47b9cb0f61f3eDotclear versions 2.6.2 and below suffer from a remote SQL injection vulnerability.
2067441f7e53b38ccded93a55914eb552ab0546ea50c16e0ae0faf9cda833960Dotclear versions 2.6.2 and below suffer from a remote shell upload vulnerability.
31ef78e04a371a4e90bcaf14ef4a3350c0869ac317a39cdbeb7a37d65897f61eDotclear versions 2.6.2 and below suffer from an XML-RPC interface authentication bypass vulnerability.
0ba9c89e27c9ba118a254a769b3bfb910bbbcfd3ba96f87cd6f39126a26f52b7This is a brief write up that discusses NULL page mitigations on Windows 8 and includes a piece of proof of concept code.
a7d45dd13990e785f7ee6bbec647ae6693fc0348799ef70a34911098b0fb2da6Binatone DT 850W wireless router suffers from multiple cross site request forgery vulnerabilities.
8d9c3eeed475845a253f821c47a2ce2c767601f741f279d533f68fce54e765dcEasy Address Book Web Server version 1.6 suffers from a stack buffer overflow vulnerability.
eb3749421af48dd72ae5531d12a661999239e19e1c8b9971b9aeb7d94178bfa8Easy File Management Web Server version 5.3 suffers from a stack buffer overflow vulnerability.
01960135cf899303cf1fae8be238f11e79604d56f7f20d97c009897fa7e524b9Web Terra version 1.1 suffers from a remote command execution vulnerability in books.cgi. Note that this finding houses site-specific data.
2eea2813384c03daef38cb12e58fd3f3705c6955ae3cf743c539dca6cd3c4575WordPress Booking System (Booking Calendar) plugin versions prior to 1.3 suffer from a remote SQL injection vulnerability.
560cfabaaf99cea066648aa76f26ae607e277548fb3dcb5c30e5c6a8952a701fWordPress Simple Popup plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
8e827ce27070a9e0bfe5c5c3687047b5aa71caeccf9f16b658eb69634b193ce5BSS Continuity CMS version 4.2.22640.0 suffers from a remote blind SQL injection vulnerability.
43feb3cbd99eaefa88765c3c9103eabad8285af84513ee137eec680d6360a86eBSS Continuity CMS version 4.2.22640.0 suffers from a remote code execution vulnerability via an unauthenticated file upload.
f64096d831fab8b5daddf9da0cef7ef566ab842ef369e375cbf0cbd1cc51fd22BSS Continuity CMS version4.2.22640.0 suffers from a direct access bypass vulnerability.
e3ab30109477b8b881798256ebec26615cccca5ae9a61b5ba335a7b9e3e124c4DIR-605L suffers from password disclosure and authentication bypass vulnerabilities.
34ebc0a7494b884a027be858fbef805a053014d262af42c2fac420268583749fArtikel CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
29b2e71cf0e6d4b0890cf06eccdc9b57dff712a333e877aaf3ad3f221e394afe
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed