This archive contains all of the 217 exploits added to Packet Storm in June, 2021.
1d30ff4c0e12874de3a80ea317df99bee8d3f02ac5f3c70290da62e3dd119f24
A KVM guest on AMD can launch a L2 guest without the Intercept VMRUN control bit by exploiting a TOCTOU vulnerability in nested_svm_vmrun. Executing vmrun from the L2 guest, will then trigger a second call to nested_svm_vmrun and corrupt svm->nested.hsave with data copied out of the L2 vmcb. For kernel versions that include the commit "2fcf4876: KVM: nSVM: implement on demand allocation of the nested state" (>=5.10), the guest can free the MSR permission bit in svm->nested.msrpm, while it's still in use and gain unrestricted access to host MSRs.
d7d8893258c173535d6129f18da5eea5e87415de98e53b981565c55447d30da4
Apache Superset version 1.1.0 suffers from a time-based account enumeration vulnerability.
622b9b81f8fae090e9a3828896e2abc72bfaf7176f467e82f5880b1afaf02605
Securepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability.
089fd391bbbeb7b8efda804fd0ad063d9c658488180ed9ca54ab3ba8f1db9424
Doctors Patients Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
173a1c278f99a012b4fd9bd0e7df68b3ca8c340b947fbdcc8f342ed5a714fd07
phpAbook version 0.9i suffers from a remote SQL injection vulnerability.
05bafca0cff01769dc9b05d30199563f910ca5a579100695d11ed079fc36b270
ES File Explorer version 4.1.9.7.4 arbitrary file read exploit.
49c30b8691d656d1bb19d03dc76bb300764a671ff450cedd6ccb6933b28818a2
This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin versions from 7.0.0 through 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable server.
fab2eeb88db6a1f9b11eed6c490a6ca021dd6f8237a47b405d41bd041a36af45
Constructor.Win32.Bifrose.asc malware suffers from buffer overflow and heap corruption vulnerabilities.
f9de4beeccabbbacc6f282a0c87fbb59cbf7fb3821fe1d204bf99e19e0bb2667
WordPress YOP Polls plugin version 6.2.7 suffers from a persistent cross site scripting vulnerability.
37dfd8abad79e4b69350ef7295da874458a3b9b294f44696d84f80fef21ddd14
Personnel Record Management System version 1.0 unauthenticated administrator addition exploit that also adds a stored cross site scripting payload.
c9257cef037dacedb3db4a1a6b67bd2fc2ac61defffc09745ac32d35d356bbcb
Netgear WNAP320 version 2.0.3 suffers from an unauthenticated remote code execution vulnerability.
f55265a3529db3a819eee1b0f00df0a280e909fc77f24c6ee5747d5c6d90f7d4
Trojan-Dropper.Win32.Scrop.dyi malware suffers from an insecure permissions vulnerability.
b441fde6d9d688819e5a6d44c127c549633b249a0905d34d885c9ae37e5210fe
Personnel Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
2776b79bc1477dd0a9d6f3c66f393968ec921589928f2bb358a7296cf68a94b8
This is a tool that was developed to run as alternative "/init". The program will make an Android phone show up as mass storage device during boot. The complete internal storage is available for reading including the partition table and all 42 partitions of the Android system.
26d0ccdaf2d09a37294e6090603335263cb221373194e10a191870af77f5fe23
Email-Worm.Win32.Trance.a malware suffers from an insecure permissions vulnerability.
b7be52e55d136dca9ba0d96625eb0e3b7ad168eb430c19ccfa05d14f47f0ac2a
Android version 2.0 exploit for FreeCIV versions 2.2 before 2.2.1 and 2.3 before 2.3.0 that achieves root.
84eaa0c13185db927fae6be271159ea3fe9f56dcc09261d86facb183be5d57c7
Atlassian Jira Server / Data Center version 8.16.0 suffer from a cross site scripting vulnerability.
11cb5c10c7bc260840e9f99059eab8e717769aeff2d90a62ed3b887604e735c0
SAPSprint version 7.60 suffers from an unquoted service path vulnerability.
8fd12071ae6adadfc0e695181b3356e8bf22de078d2eb3e9d81412ae18f764fa
This Metasploit module exploits the file upload vulnerability of Lightweight self-hosted facebook-styled PHP blog and allows remote code execution.
60500517de9e732c50f65c2b42ef9aab7b59dcf4310f936b690f3460d981d122
Seeddms version 5.1.10 authenticated remote command execution exploit.
1bd0d1d11507de31f14c38ecbae34e401a0ca09e54f2d268c40dcd6fc869c58b
Online Pet Shop We App version 1.0 suffers from remote SQL injection and shell upload vulnerabilities.
eb0bd2f27f2879c5379fdf6bc7702bd5bdffceefb5a53170487bbb21eb81cf54
Simple Client Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3004a065d6a8c63fdece287c1f6038dcc213d293890df2200431cdee20c52de6
This Metasploit module allows an attacker with a privileged rConfig account to start a reverse shell due to an arbitrary file upload vulnerability in /lib/crud/vendors.crud.php.
9898d80071dec7ddeb79d05a6d3e6a34bfd2027a8c1422f650410e9a1cb4219c
Trojan-Dropper.Win32.Krepper.a malware suffers from an unauthenticated remote command execution vulnerability.
707ac72fec5bc9fd4ba9130e172dfe27a762e79efd3ec59ffa42a962275b3eb5