This Metasploit module exploits an anonymous remote code execution vulnerability on different D-Link devices. The vulnerability is an stack based buffer overflow in the my_cgi.cgi component, when handling specially crafted POST HTTP requests addresses to the /common/info.cgi handler. This Metasploit module has been successfully tested on D-Link DSP-W215 in an emulated environment.
43736a283718e26edea62c6eac8d7fee90f2153854e5ba828b05e5d93aada113This Metasploit module exploits an anonymous remote code execution vulnerability on different D-Link devices. The vulnerability is due to an stack based buffer overflow while handling malicious HTTP POST requests addressed to the HNAP handler. This Metasploit module has been successfully tested on D-Link DIR-505 in an emulated environment.
d5c1234114f0d3f1eea91c96527721cb48a9b2b6cddece427779fb9fdccd3e20Different D-Link Routers are vulnerable to OS command injection via UPnP Multicast requests. This Metasploit module has been tested on DIR-300 and DIR-645 devices. Zacharia Cutlip has initially reported the DIR-815 vulnerable. Probably there are other devices also affected.
fa69b72b39331733dc17d58a1b790184d23e6c23fa2a9e676f656d47d0fcd96fFoeCMS version 1.6.6 suffers from a remote SQL injection vulnerability.
7ee629cd6d58c6489b5b1ddf00e563510af28766ba079ea1ab9001ca41154f64Yahoo! Mail suffered from a cross site scripting vulnerability via the file attachment upload functionality.
8945f1f89b8ce25eda6550fcc02dc3e0f251dd0d613214792dc3867ab3a2b462Yahoo! Messenger version 11.5.0.228 suffered from a cross site scripting vulnerability.
7e8e628207f2117ebd6547af3d631e69042df4f345a5051befbc9558c8f5786dWordPress Download Manager plugin version 2.6.8 suffers from a remote shell upload vulnerability.
9a523713be98ae6895b4babac67e3d128a5811593a45e46b4784da404b6813a7Dell Sonicwall Scrutinizer version 11.01 is vulnerable to an authenticated SQL injection that allows an attacker to write arbitrary files to the file system. This vulnerability can be used to write a PHP script to the file system to gain remote command execution. Metasploit module included. Dell contacted Packet Storm on 07/14/2014 to let us know that release 11.5.2 has been made available to address this issue.
e6844166557a62dfe434032eb24092085e6956f068dc06377704ee9ecd4283d7InvGate Service Desk version 4.2.36 suffers from multiple remote SQL injection vulnerabilities.
294e286dd4ab6ecdb1b5049d5d2988629872d53ef390926a21c84a0185be41d0WordPress Compfight plugin version 1.4 suffers from a cross site scripting vulnerability.
beafaa2e67f7765896dc28554a9e6d292343e13ae7656ce221cc8240511f2703WeBid version 1.1.1 suffers from cross site scripting and LDAP injection vulnerabilities.
8d105c182ef624aebd5f05c368cb97564d70f4933625cfef2c42cd9f068f3d2eC99 shells suffers from an authentication bypass vulnerability due to a simple backdoor.
554dae55ff26f69f50b253292782ae555b3c7c278d639da9e686c98d4a5ea194EUnet CMS suffers from a remote SQL injection vulnerability that allows for login bypass. Note that this finding houses site-specific data.
186aea02fc4baf240db6509ce6ab04fd1d7238a29e09b0e6d836923977c85196Infoblox versions 6.4.x.x through 6.8.4.x use a default login of root with password root on their MySQL instances.
d383d4ade0b04e7431af9bbe3388dbc6546b8c5a03477f78aff28280ae6b7640Infoblox versions 6.4.x.x through 6.8.4.x suffer from a remote OS command injection vulnerability.
5afdff9adb497f007948d12021a5b835ae2f1ec8ba755ff8e3c774f2cc1f626cOctavoCMS suffers from a cross site scripting vulnerability.
40555240910c0e6eb98ffb5572b318904d8558ae1acf088cd26a84512b9a1f17WordPress BSK PDF Manager version 1.3.2 suffers from an authenticated remote SQL injection vulnerability.
c761eef9227d0e716aecd1bd67acf55c50ba1a4c0eebf2dfc1daf0b54a977e97Dolibarr CMS version 3.5.3 suffers from cross site scripting and remote SQL injection vulnerabilities.
40fff482ae1852b3eb422ccca24b3d40df55a5ff8764cde2d5de7e97d4ac32f5PerfectView CRM suffers from a persistent cross site scripting vulnerability.
d168873c098fdb2847808789ef1b5103ddcefa2201d257ea109eb9e220f8ca6exClassified version 1.2 suffers from login bypass, cross site scripting, and remote SQL injection vulnerabilities.
7815507ab3380ded49f2a0d6ea254e7077cd4fe438b0190d59f47c8a1e26af29This Metasploit module exploits an stack based buffer overflow on Yokogawa CS3000. The vulnerability exists in the service BKFSim_vhfd.exe when using malicious user-controlled data to create logs using functions like vsprintf and memcpy in a insecure way. This Metasploit module has been tested successfully on Yokogawa Centum CS3000 R3.08.50 over Windows XP SP3.
db93fbf33e9788d81fe33dcce19468109935bbe2f51ee46720d0e3980569bb49Photo Org WonderApplications version 8.3 suffers from a local file inclusion vulnerability.
3f47df8c41dd897769a58d64e4c0cf55a5ef8585a8d2114d2582e8dbebb518feLime Survey version 2.05+ Build 140618 suffers from cross site scripting and remote SQL injection vulnerabilities.
28da032c6555df3973c4da790e8ab241d1408608242238f8c81cc27c1b57bd84The Yahoo! Flickr API suffered from a cross site scripting vulnerability.
0a82633363f77300f20ae19f62cd3f4f98f06a8fc9e22d76720d61fa71d3f3f1Netgear WNR1000v3 suffers from a password recovery credential disclosure vulnerability.
fd3330fd142b3b449f6632005ba44c89faaee27e562f16b553e16bed506c7e7b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed