This archive contains all of the 217 exploits added to Packet Storm in June, 2021.
1d30ff4c0e12874de3a80ea317df99bee8d3f02ac5f3c70290da62e3dd119f24A KVM guest on AMD can launch a L2 guest without the Intercept VMRUN control bit by exploiting a TOCTOU vulnerability in nested_svm_vmrun. Executing vmrun from the L2 guest, will then trigger a second call to nested_svm_vmrun and corrupt svm->nested.hsave with data copied out of the L2 vmcb. For kernel versions that include the commit "2fcf4876: KVM: nSVM: implement on demand allocation of the nested state" (>=5.10), the guest can free the MSR permission bit in svm->nested.msrpm, while it's still in use and gain unrestricted access to host MSRs.
d7d8893258c173535d6129f18da5eea5e87415de98e53b981565c55447d30da4Apache Superset version 1.1.0 suffers from a time-based account enumeration vulnerability.
622b9b81f8fae090e9a3828896e2abc72bfaf7176f467e82f5880b1afaf02605Securepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability.
089fd391bbbeb7b8efda804fd0ad063d9c658488180ed9ca54ab3ba8f1db9424Doctors Patients Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
173a1c278f99a012b4fd9bd0e7df68b3ca8c340b947fbdcc8f342ed5a714fd07phpAbook version 0.9i suffers from a remote SQL injection vulnerability.
05bafca0cff01769dc9b05d30199563f910ca5a579100695d11ed079fc36b270ES File Explorer version 4.1.9.7.4 arbitrary file read exploit.
49c30b8691d656d1bb19d03dc76bb300764a671ff450cedd6ccb6933b28818a2This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin versions from 7.0.0 through 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable server.
fab2eeb88db6a1f9b11eed6c490a6ca021dd6f8237a47b405d41bd041a36af45Constructor.Win32.Bifrose.asc malware suffers from buffer overflow and heap corruption vulnerabilities.
f9de4beeccabbbacc6f282a0c87fbb59cbf7fb3821fe1d204bf99e19e0bb2667WordPress YOP Polls plugin version 6.2.7 suffers from a persistent cross site scripting vulnerability.
37dfd8abad79e4b69350ef7295da874458a3b9b294f44696d84f80fef21ddd14Personnel Record Management System version 1.0 unauthenticated administrator addition exploit that also adds a stored cross site scripting payload.
c9257cef037dacedb3db4a1a6b67bd2fc2ac61defffc09745ac32d35d356bbcbNetgear WNAP320 version 2.0.3 suffers from an unauthenticated remote code execution vulnerability.
f55265a3529db3a819eee1b0f00df0a280e909fc77f24c6ee5747d5c6d90f7d4Trojan-Dropper.Win32.Scrop.dyi malware suffers from an insecure permissions vulnerability.
b441fde6d9d688819e5a6d44c127c549633b249a0905d34d885c9ae37e5210fePersonnel Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
2776b79bc1477dd0a9d6f3c66f393968ec921589928f2bb358a7296cf68a94b8This is a tool that was developed to run as alternative "/init". The program will make an Android phone show up as mass storage device during boot. The complete internal storage is available for reading including the partition table and all 42 partitions of the Android system.
26d0ccdaf2d09a37294e6090603335263cb221373194e10a191870af77f5fe23Email-Worm.Win32.Trance.a malware suffers from an insecure permissions vulnerability.
b7be52e55d136dca9ba0d96625eb0e3b7ad168eb430c19ccfa05d14f47f0ac2aAndroid version 2.0 exploit for FreeCIV versions 2.2 before 2.2.1 and 2.3 before 2.3.0 that achieves root.
84eaa0c13185db927fae6be271159ea3fe9f56dcc09261d86facb183be5d57c7Atlassian Jira Server / Data Center version 8.16.0 suffer from a cross site scripting vulnerability.
11cb5c10c7bc260840e9f99059eab8e717769aeff2d90a62ed3b887604e735c0SAPSprint version 7.60 suffers from an unquoted service path vulnerability.
8fd12071ae6adadfc0e695181b3356e8bf22de078d2eb3e9d81412ae18f764faThis Metasploit module exploits the file upload vulnerability of Lightweight self-hosted facebook-styled PHP blog and allows remote code execution.
60500517de9e732c50f65c2b42ef9aab7b59dcf4310f936b690f3460d981d122Seeddms version 5.1.10 authenticated remote command execution exploit.
1bd0d1d11507de31f14c38ecbae34e401a0ca09e54f2d268c40dcd6fc869c58bOnline Pet Shop We App version 1.0 suffers from remote SQL injection and shell upload vulnerabilities.
eb0bd2f27f2879c5379fdf6bc7702bd5bdffceefb5a53170487bbb21eb81cf54Simple Client Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3004a065d6a8c63fdece287c1f6038dcc213d293890df2200431cdee20c52de6This Metasploit module allows an attacker with a privileged rConfig account to start a reverse shell due to an arbitrary file upload vulnerability in /lib/crud/vendors.crud.php.
9898d80071dec7ddeb79d05a6d3e6a34bfd2027a8c1422f650410e9a1cb4219cTrojan-Dropper.Win32.Krepper.a malware suffers from an unauthenticated remote command execution vulnerability.
707ac72fec5bc9fd4ba9130e172dfe27a762e79efd3ec59ffa42a962275b3eb5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed