This archive contains all of the 116 exploits added to Packet Storm in August, 2021.
1854109f17e8bc271ea7f561e45923488b7238dbbb19a6b8fc0b4d532e611ce2
BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an authenticated remote code execution vulnerability.
49197fb2cfb022676fde90bcac4d9316f667e46b26bff72013da082a88e9e04f
BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an XML tag injection vulnerability.
0c56c88ea69c8de1bff4db2aee1d3ede8a753424e728d03ae82775f025eaea03
Backdoor.Win32.Hupigon.aejq malware suffers from a traversal vulnerability.
11b3b0952584c5f99c0df4ddd7b8b6e771a3bdab508ca14fadae5640d3a5dc3f
Backdoor.Win32.Hupigon.aejq malware suffers from a man-in-the-middle vulnerability.
6515f7b9f9c5399c19813559ecb345dab2ea9b3fe486bd17c53628d2ab6371f3
Backdoor.Win32.Hupigon.aejq malware suffers from bypass and code execution vulnerabilities.
948f5f0c7f28c2b0b82dc92a672391a300526cc69a9fd8dc43fa4dfc4f88783a
Backdoor.Win32.BO2K.11.d malware suffers from a buffer overflow vulnerability.
42598038ae754d2698dc25471a6b3ccc010ee8c61db15312c3865ce62639d9f0
Git clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems are vulnerable to remote code execution while cloning a repository. Usage of clean / smudge filters through Git LFS and a case-insensitive file system changes the checkout order of repository files which enables the placement of a Git hook in the .git/hooks directory. By default, this Metasploit module writes a post-checkout script so that the payload will automatically be executed upon checkout of the repository.
e98b3afb62859d7020a7dd7d9fa1db727066effb6fcaf6be5eb8fbff19874b9d
WordPress ProfilePress plugin version 3.1.3 suffers from a privilege escalation vulnerability.
ab8fea0683b52cf0be923b3d886a6068928b9e2e6f2715d669727ad6bb5c7609
Backdoor.Win32.Delf.wr malware suffers from a man-in-the-middle vulnerability.
1cde143a84dda4ccf90153fced2ccfff1418efac94ff8ba5e3745b36c9d66dc8
Backdoor.Win32.Delf.wr malware suffers from bypass and code execution vulnerabilities.
6ab9d2c3a3532f616417be3d7b6cb8d4c3f8aae3f2edf0817613b9ca0bd913f2
Umbraco CMS versions 8.9.1 and below suffer from path traversal and arbitrary file write vulnerabilities.
285a3167b58ee1d23f3b7b489f51a13fbc7670d634c6d025df3c15ebcfbdb31c
Online Leave Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e78dd8b5ffb66e7907834608fdf4bbd7e16eb43fcbe3166f269c91a8918cec7c
Backdoor.Win32.Delf.um malware suffers from bypass and code execution vulnerabilities.
aae3992e5a8db7ea4b103aa648a73b01fd2c15bbe417fafd166d41a2d20337c9
Strapi version 3.0.0-beta set password authentication bypass exploit.
e401d2d526abb18e08643bed89404964079613a0b0f8ea391d5e5598331a2cbb
Projectsend r1295 suffers from a persistent cross site scripting vulnerability.
b0ace11adad56457320c77f7e9c665ec13f7f0e28d26988fdb96e3f17ecaf3ca
Backdoor.Win32.Hupigon.abe malware suffers from an unauthenticated open proxy vulnerability.
4e44c7e894df7c92f666175489a9003e00f647e8204cacf64934c30df9615d0b
Ship Ferry Ticket Reservation System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
803a0c96cba11ecfa8b1ec9bfa813ccb70c19b42780ebdf3ff7fe5814519b7cc
Backdoor.Win32.Antilam.11 malware suffers from a remote command execution vulnerability.
973c200838c252fb148bfc55a388c02ee8e7c1c9d7173c090575a58aa811b3ce
Strapi CMS version 3.0.0-beta.17.4 authenticated remote code execution exploit.
eb8542fb58263a7355906f031b2beea938e879118461896e82c8ef5965181f72
Trojan-Proxy.Win32.Raznew.gen malware suffers from an unauthenticated open proxy vulnerability.
3a4c17fcca85a0506324de058c0530cb8e86aa0de3ea2bf9bb4f2cb2d8b25f57
Backdoor.Win32.DarkKomet.aspl malware suffers from an insecure permissions vulnerability.
923e03d718652aa6d969ac473905bb7038c0ea06617842856470211beac770aa
Bus Pass Management System version 1.0 suffers from a remote SQL injection vulnerability.
d7f97f9145b28fec2f5dc8b8070a6f14d9d73c509d68ef81bc8d81c866ce1cfd
HEUR.Trojan.Win32.Delf.gen malware suffers from an insecure permissions vulnerability.
9f6526911bace5067431fbaedcf7a56e6a86ab57bb8afe2f863974c9dba238d8
Strapi version 3.0.0-beta.17.7 authenticated remote code execution exploit.
530b0d45ba96774f13af16553dc2fa1a5181ccdae3f20c8c95c0d51b69121a3e