This Metasploit module exploits an anonymous remote code execution vulnerability on different D-Link devices. The vulnerability is a stack-based buffer overflow in the my_cgi.cgi component when handling specially crafted HTTP POST requests addressed to the /common/info.cgi handler. This Metasploit module has been successfully tested on D-Link DSP-W215 in an emulated environment.
43736a283718e26edea62c6eac8d7fee90f2153854e5ba828b05e5d93aada113
This Metasploit module exploits an anonymous remote code execution vulnerability on different D-Link devices. The vulnerability is due to a stack-based buffer overflow while handling malicious HTTP POST requests addressed to the HNAP handler. This Metasploit module has been successfully tested on D-Link DIR-505 in an emulated environment.
d5c1234114f0d3f1eea91c96527721cb48a9b2b6cddece427779fb9fdccd3e20
Different D-Link routers are vulnerable to OS command injection via UPnP multicast requests. This Metasploit module has been tested on DIR-300 and DIR-645 devices. Zacharia Cutlip initially reported the DIR-815 as vulnerable. Other devices are probably also affected.
fa69b72b39331733dc17d58a1b790184d23e6c23fa2a9e676f656d47d0fcd96f
FoeCMS version 1.6.6 suffers from a remote SQL injection vulnerability.
7ee629cd6d58c6489b5b1ddf00e563510af28766ba079ea1ab9001ca41154f64
Yahoo! Mail suffered from a cross site scripting vulnerability via the file attachment upload functionality.
8945f1f89b8ce25eda6550fcc02dc3e0f251dd0d613214792dc3867ab3a2b462
Yahoo! Messenger version 11.5.0.228 suffered from a cross site scripting vulnerability.
7e8e628207f2117ebd6547af3d631e69042df4f345a5051befbc9558c8f5786d
WordPress Download Manager plugin version 2.6.8 suffers from a remote shell upload vulnerability.
9a523713be98ae6895b4babac67e3d128a5811593a45e46b4784da404b6813a7
Dell Sonicwall Scrutinizer version 11.01 is vulnerable to an authenticated SQL injection that allows an attacker to write arbitrary files to the file system. This vulnerability can be used to write a PHP script to the file system to gain remote command execution. Metasploit module included. Dell contacted Packet Storm on 07/14/2014 to let us know that release 11.5.2 has been made available to address this issue.
e6844166557a62dfe434032eb24092085e6956f068dc06377704ee9ecd4283d7
InvGate Service Desk version 4.2.36 suffers from multiple remote SQL injection vulnerabilities.
294e286dd4ab6ecdb1b5049d5d2988629872d53ef390926a21c84a0185be41d0
WordPress Compfight plugin version 1.4 suffers from a cross site scripting vulnerability.
beafaa2e67f7765896dc28554a9e6d292343e13ae7656ce221cc8240511f2703
WeBid version 1.1.1 suffers from cross site scripting and LDAP injection vulnerabilities.
8d105c182ef624aebd5f05c368cb97564d70f4933625cfef2c42cd9f068f3d2e
C99 shells suffer from an authentication bypass vulnerability due to a simple backdoor.
554dae55ff26f69f50b253292782ae555b3c7c278d639da9e686c98d4a5ea194
EUnet CMS suffers from a remote SQL injection vulnerability that allows for login bypass. Note that this finding houses site-specific data.
186aea02fc4baf240db6509ce6ab04fd1d7238a29e09b0e6d836923977c85196
Infoblox versions 6.4.x.x through 6.8.4.x use a default login of root with password root on their MySQL instances.
d383d4ade0b04e7431af9bbe3388dbc6546b8c5a03477f78aff28280ae6b7640
Infoblox versions 6.4.x.x through 6.8.4.x suffer from a remote OS command injection vulnerability.
5afdff9adb497f007948d12021a5b835ae2f1ec8ba755ff8e3c774f2cc1f626c
OctavoCMS suffers from a cross site scripting vulnerability.
40555240910c0e6eb98ffb5572b318904d8558ae1acf088cd26a84512b9a1f17
WordPress BSK PDF Manager version 1.3.2 suffers from an authenticated remote SQL injection vulnerability.
c761eef9227d0e716aecd1bd67acf55c50ba1a4c0eebf2dfc1daf0b54a977e97
Dolibarr CMS version 3.5.3 suffers from cross site scripting and remote SQL injection vulnerabilities.
40fff482ae1852b3eb422ccca24b3d40df55a5ff8764cde2d5de7e97d4ac32f5
PerfectView CRM suffers from a persistent cross site scripting vulnerability.
d168873c098fdb2847808789ef1b5103ddcefa2201d257ea109eb9e220f8ca6e
xClassified version 1.2 suffers from login bypass, cross site scripting, and remote SQL injection vulnerabilities.
7815507ab3380ded49f2a0d6ea254e7077cd4fe438b0190d59f47c8a1e26af29
This Metasploit module exploits a stack-based buffer overflow on Yokogawa CS3000. The vulnerability exists in the service BKFSim_vhfd.exe, which uses malicious user-controlled data to create logs with functions like vsprintf and memcpy in an insecure way. This Metasploit module has been tested successfully on Yokogawa Centum CS3000 R3.08.50 over Windows XP SP3.
db93fbf33e9788d81fe33dcce19468109935bbe2f51ee46720d0e3980569bb49
Photo Org WonderApplications version 8.3 suffers from a local file inclusion vulnerability.
3f47df8c41dd897769a58d64e4c0cf55a5ef8585a8d2114d2582e8dbebb518fe
Lime Survey version 2.05+ Build 140618 suffers from cross site scripting and remote SQL injection vulnerabilities.
28da032c6555df3973c4da790e8ab241d1408608242238f8c81cc27c1b57bd84
The Yahoo! Flickr API suffered from a cross site scripting vulnerability.
0a82633363f77300f20ae19f62cd3f4f98f06a8fc9e22d76720d61fa71d3f3f1
Netgear WNR1000v3 suffers from a password recovery credential disclosure vulnerability.
fd3330fd142b3b449f6632005ba44c89faaee27e562f16b553e16bed506c7e7b