This archive contains all of the 140 exploits added to Packet Storm in July, 2020.
bc41a2bdfd55e0b3f722bba319f94065165fbaf06fad15311618e804c224576ciOS suffers from a Page Protection Layer (PPL) bypass due to incorrect argument verification in pmap_protect_options_internal() and pmap_remove_options_internal().
32cee1a372a12e5942e506e272fddc32f9ae961ee5184a1f29319a3e36fa6521This Metasploit module exploits a race and use-after-free vulnerability in the FreeBSD kernel IPv6 socket handling. A missing synchronization lock in the IPV6_2292PKTOPTIONS option handling in setsockopt permits racing ip6_setpktopt access to a freed ip6_pktopts struct. This exploit overwrites the ip6po_pktinfo pointer of a ip6_pktopts struct in freed memory to achieve arbitrary kernel read/write.
00b0e1e6a5651af403765318e00556b0c8953f9ef2bbda38acb929b269045b6aA remotely exploitable vulnerability exists within SharePoint that can be leveraged by a remote authenticated attacker to execute code within the context of the SharePoint application service. The privileges in this execution context are determined by the account that is specified when SharePoint is installed and configured. The vulnerability is related to a failure to validate the source of XML input data, leading to an unsafe deserialization operation that can be triggered from a page that initializes either the ContactLinksSuggestionsMicroView type or a derivative of it. In a default configuration, a Domain User account is sufficient to access SharePoint and exploit this vulnerability.
34f2633fdb04b0ab14dd5a0aedaf3e5d3b9e387d4d8619fbdd31dabb809602b6This Metasploit module exploits a buffer overflow within the CA Unified Infrastructure Management nimcontroller. The vulnerability occurs in the robot (controller) component when sending a specially crafted directory_list probe. Technically speaking the target host must also be vulnerable to CVE-2020-8010 in order to reach the directory_list probe.
e8a39681b3226039c089f38664d93db9e42e085ada3d1e0f014237aa468bd3c9Online Shopping Alphaware version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
c9c9c9485eca29f72f51a446d9758fd84d888d3463396be08d55e65155981fcaOnline Bike Rental version 1.0 suffers from a remote shell upload vulnerability.
9d65a298b050a5b43708ca479a4d023a523e9e32c643aa86a173c413bd9ae026Daily Tracker System version 1.0 suffers from a cross site scripting vulnerability.
37211990b92e06b8e30d593c2ad3ba20a97371dcc1889e35595564725e17ecfeDaily Tracker System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
a8be4ff2a62d77c301deb8c022913ab021be0ba97c5458a6e843f74c9b13d029Namirial SIGNificant SignAnyWhere versions 6.10.60.25434 and 6.10.100.25817 suffer from a persistent cross site scripting vulnerability.
f1f328b29dff74e4d952fa4373e9d20661bd0e05eaba6a1b6734c53afefab851This Metasploit module exploits a arbitrary file upload vulnerability within the Baldr stealer malware control panel. Attackers can turn this vulnerability into remote code execution by adding malicious PHP code inside the victim logs ZIP file and registering a new bot to the panel by uploading the ZIP file under the logs directory. On versions 3.0 and 3.1 victim logs are ciphered by a random 4 byte XOR key. This exploit module retrieves the IP specific XOR key from panel gate and registers a new victim to the panel with adding the selected payload inside the victim logs.
eead6190f3debc909c6e03fa4150c29da6936794b738a1702f89596b906fc97fWordPress Maintenance Mode by SeedProd plugin version 5.1.1 suffers from a persistent cross site scripting vulnerability.
ff87ceae26dd08e823ae8410b57da1b1ea9f383506b8de5ebf0a1cd8ff0346f7Cisco Adaptive Security Appliance Software version 9.7 unauthenticated arbitrary file deletion exploit.
9bff9df7bc31ade0ee6b87d153b448191f71eeb26ef4d1d4589e805582f16722Adaptive Security Appliance Software version 9.11 local file inclusion exploit.
247cefda8529660c011d201a2b76720f081ad633e4d40f0c6ed55ebcb57f6f36This Python script checks whether the target server is vulnerable to CVE-2020-3452, a vulnerability in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) products that can allow for remote file disclosure.
f3d076dbbf728c5d5918c4039d0eaa629b5d9f90b1358b60f76542b5b020352cSocket.io-file versions 2.0.31 and below suffer from an arbitrary file upload vulnerability.
711ef348c9b7a811fcc015a0073c09cabd304fdb53657ca775b0e1598313780epfSense version 2.4.4-p3 suffers from a cross site request forgery vulnerability.
fc6d23f0b394e0b5d17c407613ef674c7136745576f242d1f0be3d36a0d6a9ebVirtual Airlines Manager version 2.6.2 suffers from a persistent cross site scripting vulnerability.
9f872ad5a6c09d808452faea6191e3f7b16e14d2e4b1d00aa1a017f89ec9b3e2Ruby On Rails version 5.0.1 remote code execution exploit.
683d5a9b1afa700a03c9691bb24a66690a1d3638f1a51a479caba5d775183ddedocPrint Pro version 8.0 Add URL SEH buffer overflow exploit with egghunter.
dd4e98dd5e747ae94567317968876aab24b660fd50456fe60182d6b1a637bca2eGroupWare version 1.14 suffers from a remote command execution vulnerability.
a381aecc119f269641e3b708ad05a450e09f92376931526387ffd0babdd9647dSickbeard version 0.1 suffers from a cross site request forgery vulnerability.
fb7ff74399dd41af73da61c6057aeca55faa383d2d9ac10051deeb6851a8d976F5 Big-IP versions 13.1.3 Build 0.0.6 and below suffer from a local file inclusion vulnerability.
7b768dd9baf48ed6e7c7a355d7f0e0b923399ef39d904559aa23fe9980660222Bio Star version 2.8.2 suffers from a local file inclusion vulnerability.
fe896d6e3b635c920392b7283d867dd70da7d6cfb284bd7a40ee17e1ea5a9dcbKoken CMS version 0.22.24 suffers from a remote shell upload vulnerability.
2bc1af86e727dc1909fd277bb132f260edf7a54579fa53e50a566db82cc59cbb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed