ManageEngine Desktop Central, Password Manager Pro, and IT360 suffer from remote blind SQL injection vulnerabilities. Metasploit module included.
3de6153a54568339e66c97e4d4aaed785dc31350ed472c9d9041a12fbd2c4ec2This Metasploit module exploits a PHP code execution vulnerability in HybridAuth versions 2.0.9 to 2.2.2. The install file 'install.php' is not removed after installation allowing unauthenticated users to write PHP code to the application configuration file 'config.php'. Note: This exploit will overwrite the application configuration file rendering the application unusable.
d1dd2c445125a3aa376f980484e9db24bee803b7e9f5542cfd557664181fc723BlazeDVD Pro version 7.0 SEH buffer overflow exploit written in python.
28f2e7fae50adf7f22550261f04d46dcf3240ae06a9b830d634a727ddd95e19eBulletproof FTP Client 2010 SEH buffer overflow exploit written in python.
7a8c67f6731b5fc356c9ed27d17abe620d1f8a25301d9d30352e7e5587ee33c3This Metasploit module takes advantage of the addition of authorized ssh keys in the gitlab-shell functionality of Gitlab. Versions of gitlab-shell prior to 1.7.4 used the ssh key provided directly in a system call resulting in a command injection vulnerability. As this relies on adding an ssh key to an account valid credentials are required to exploit this vulnerability.
65fe10c27fade5931f989520557835098ed4bf35e440ecf8cc61973c2269ee5bThis Metasploit module gains remote code execution on Firefox 15-22 by abusing two separate Javascript-related vulnerabilities to ultimately inject malicious Javascript code into a context running with chrome:// privileges.
723732f5e9f85d7844a5395a8a59e9af072256440c604cfc1138fd3468e2d08dSenkas Kolibri WebServer version 2.0 is vulnerable to remote code execution via an overly long POST request. Sending the exploit will result in a SEH overwrite, which can then be use to redirect execution to a POP POP RET within the application's binary itself, which once executed, will allow the attacker to execute his/her payload located in the HOST field.
e7aca045137e803e2f420610b3f8fd1f46b74e952efdfc1f4fc8d70e6048f942Tenda A5s router suffers from an authentication bypass vulnerability due to improperly trusting cookies.
75354821f95fabdfb5c0ba4d05cdf943735ebbb7e157fc3995bef4b079711abdWebasuyst Shop Script version 5.2.2.30933 suffers from a persistent cross site scripting vulnerability.
fe9935c566e0d27e7573204885e4236ce42e9b3c2b9520e0a668607686df210cRiverBed Stingray Traffic Manager virtual appliance version 9.6 suffers from a cross site scripting vulnerability.
253f0ee81ca7854a5f8db376166f8f7beddb893439dd7d79dde6d83271063bc2LY Website CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
4756b632d0ab3f467a35a95e2d3eaf6b58218fd25ab3f10aae2f252eaf91d43aThis Metasploit module exploits a vulnerability in the 3D Acceleration support for VirtualBox. The vulnerability exists in the remote rendering of OpenGL-based 3D graphics. By sending a sequence of specially crafted of rendering messages, a virtual machine can exploit an out of bounds array access to corrupt memory and escape to the host. This Metasploit module has been tested successfully on Windows 7 SP1 (64 bits) as Host running Virtual Box 4.3.6.
86c260fb68e437881ab16b483c4e49b6bc21fe1b4a46b94f446e6d346cda9ddaVMTurbo Operations Manager 4.6 and prior are vulnerable to unauthenticated OS Command injection in the web interface. Use reverse payloads for the most reliable results. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic payload. Port binding payloads are disregarded due to the restrictive firewall settings. This Metasploit module has been tested successfully on VMTurbo Operations Manager versions 4.5 and 4.6.
0649ca7e973fb4b39c646f1c27813549f1cb5f0d02c263f2d2f7d20f3e123eb4Jamroom version 5.2.6 suffers from a reflective cross site scripting vulnerability.
b6b6afd76f8ae1be1ddfdd8d95e7132cc33c4ecb87d6c5ea141db16a82f97cbfCross site request forgery exploit for Disqus for WordPress versions up to 2.7.5 that adds a stored cross site scripting attack.
b2d8ead094b8e10bb30ef3224c49e7dc5a87455af918e2e1e66ebceff7be1203The Ribose Online Social Collaboration Platform suffers from a cross site request forgery vulnerability.
42ca4b8211a8e1d60d6cf5c5986b30586ab09989c08ef146df496e2f91aa83adSAS Visual Analytics version 6.4M1 suffers from an arbitrary file upload vulnerability.
507991f865b35b634138431740240750f98bf8b5e1638af3aef5f3997c9c16d4BlackBerry Z10 suffers from a storage and access file-exchange authentication bypass vulnerability.
6ad030936de3e1297588702bfb5cc320dc713c579986b035aa88719f4f3bf757A vulnerability within the VBoxGuest driver allows an attacker to inject memory they control into an arbitrary location they define. This can be used by an attacker to overwrite HalDispatchTable+0x4 and execute arbitrary code by subsequently calling NtQueryIntervalProfile on Windows XP SP3 systems. This has been tested with VBoxGuest Additions up to 4.3.10r93012.
ed08fc54fb11f75fb8240f00e12ad3f0eb15c9ef81cff67a88e74e2b8793b557CS-Cart version 4.2.0 suffers from a session hijacking vulnerability due to weakly minted session identifiers.
75b089cb05c7acd3308c73cf9aed379821ea108918fd45c8a1f4b82e65e09695GEL CMS version 4.0 suffers from a remote SQL injection vulnerability that allows for login bypass.
adce38f0b73c10b3b1fe34d367682cfe754530c4e55c16152797c3df8149dc48WordPress CK-And-SyntaxHighLighter plugin suffers from a remote file upload vulnerability. Note that this finding houses site-specific data.
a56aed0703be5e8db85ed29cbd4c7ce15f30b85c42d4cc83cb27dde53df32e8cIBM Sametime Meet Server version 8.5 suffers from a reflective cross site scripting vulnerability.
e4d190702ff79740508c84c53897a8ccfa7a8e5c69de6ea78f5f8bdead6ace27IBM Sametime Meet Server version 8.5 suffers from a password disclosure vulnerability.
fbac5fd69fa0121c9ad2a573faa45822043f96f12caf4e6c772fdbfb73e4f92aIBM Sametime Meet Server version 8.8 suffers from a remote arbitrary file upload vulnerability.
a1948e9b3992363b375614da149aca81e22e4b77935273eb6ed883981ca609b7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed