WordPress Bonkersbeat theme version 1.0, Method theme version 1.8, and Awake theme version 3.2 suffer from an arbitrary file download vulnerability.
377a2155b0b3a216d8785b603e4c0e98fe506d4f486ab4cbaece2ea45ce60a06BENIGNCERTAIN is a remote exploit to extract Cisco VPN private keys. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. The tool references Cisco PIX versions 5.2(9) to 6.3(4), which were released in 2004.
f1cc0ef523db5ceca559ff6245e673e90a6309eaeaf13d63e575e3e9b70a5ea8This Metasploit module exploits a remote code execution in the web panel of Phoenix Exploit Kit via the geoip.php. The Phoenix Exploit Kit is a popular commercial crimeware tool that probes the browser of the visitor for the presence of outdated and insecure versions of browser plugins like Java, and Adobe Flash and Reader which then silently installs malware.
aad984f8708901b83c5d2147e19d13750c153fefe31400973769c9a1fcdedf8cJaws CMS version 1.1.1 suffers from a cross site request forgery vulnerability.
4c7cb7244f6adffe5ed1f13324e54993002a2ec03435b20c3011a615f7c706b9phpCollab CMS version 2.5 suffers from a cross site request forgery vulnerability.
8f9e3cce787d1818859b78c4a1a0f36e22a4f9771670aa92f3509e1deec787c5AVS Audio Converter version 8.2.1 suffers from a buffer overflow vulnerability.
7afcffa21ea4851d253f1a3293dc20489b947ede25b757fba0c6ccc047eef575ISPconfig version 3.0.5.4 p6 suffers from a cross site scripting vulnerability. It also leaks exception information.
9b4e17f23d24a8657ca32e66aeb0806fdf89bf27015fdfef444397eb7a0a7850ObiHai ObiPhone 1032/1062 with firmware less than 5-0-0-3497 suffers from buffer overflow, cross site scripting, cross site request forgery, command injection, denial of service, and various other vulnerabilities.
c01c956473f4e72a247182e6bcb22fe0af02e5eb1aefac7e5b88a3868d051233Newtec Satellite Modem version MDM6000 2.2.5 suffers from a cross site scripting vulnerability.
66bc91a91c3296445a0ce9b51f0b9593e0c5ff0d247b6788f617a033992cf9beSakai version 10.7 suffers from cross site scripting and local file inclusion vulnerabilities.
8cb08ef574e8508f30e00deef1ab74e79262f9ff08d0758749576594bd1523edWordPress version 4.5.3 suffers from a path traversal vulnerability in the core ajax handlers.
78a9e8298d6dbe41d508c8f450f6b57d41e9ba8bdefa0dd06867e661676810caThis exploit demonstrates an authentication bypass on multiple MESSOA IP cameras that can change the admin username and password.
68666b30d1b6dddf00299fd74cd0dc2022915959fe608e0c0d8ec6d47b0aad91Vanderbilt IP-Camera versions CCPW3025-IR and CVMW3025-IR suffer from a remote credential disclosure vulnerability.
8768c389705867bfdae855f0a77fb9311338ceaed42f658f408ad91c5f29ad63JVC IP-Camera version VN-T216VPRU suffers from a remote credential disclosure vulnerability.
c0d860339fe71a02d203cce656f6cc5c8f1279fdea6c4f598f0d62e666604633C2S types IRDOME-II-C2S, IRBOX-II-C2S, and DVR suffer from remote credential disclosure and authentication bypass vulnerabilities.
e73e89f000fcdea1c330da9b5c60fde2f83706e600950d25d0e7c67d5a83009dtcPBX suffers from a remote file disclosure vulnerability.
bb4bbff19dfe898efeea66662739f83a07b1fec11a4de51e1520dbbc6f187bf4Karenderia Multiple Restaurant System version 3.2 suffers from a cross site scripting vulnerability.
8a15d46fc106a549f3f10eacafa0bdb6250a56230d7b8d16bd9fb3582cc3784cZYCOO IP phone system suffers from a remote command execution vulnerability.
fe4566ca116a6959a9c74396d2775c6aef5c966959905b694638e5886241a34cIpNetCam A107WIRF-HNH-03 IP-Camera release 0.376.223 suffers from an authentication bypass vulnerability that allows for configuration download.
569faf01e457880f5ce0f17f33d1abec6b4ddf53121a98601078eb108549c8f7The MESSOA NIC990 IP-Camera suffers from an authentication bypass vulnerability that allows for configuration download.
6175efe337e7dab435edcf61a9bcdaac2005dc4276481888317753c46b51c2bcThe TOSHIBA IK-WP41A IP-Camera suffers from an authentication bypass vulnerability that allows for configuration download.
fd80acc5f1b082bdf356d302c9d57f936f99040d777be1a941c3a23cc9f09764ownCloud's desktop client versions up to 2.2.2 suffer from a local privilege escalation vulnerability.
b2623943c1aa93651044b4c1a58687459e6c32e5ec23cc3c6403bce318ee3b99Multiple SIEMENS IP Cameras suffers from an authentication bypass vulnerability that allow for configuration download.
9ecd39104a21b7de939796b1096f82dd87b0d0b7e80942994a8a96a80ca2053cQNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.
cb5c2ee3db6c55c22f86862e5b72bd113f7ae769e329bc847caa576516a573f1QNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from a persistent cross site scripting vulnerability.
27689d9fdae27206f86fb67c52b512a57abc9dffe9f0f4d19e8aa363d3efdb19
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed