exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 188 RSS Feed

Files

Packet Storm New Exploits For October, 2021
Posted Nov 1, 2021
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 187 exploits added to Packet Storm in October, 2021.

tags | exploit
SHA-256 | 529d0071e24892b1e737716ede4686e4a57351d36cb67e8739ad5de37accbd10
WebCTRL OEM 6.5 Cross Site Scripting
Posted Oct 29, 2021
Authored by 3ndG4me

WebCTRL OEM version 6.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-31682
SHA-256 | b213132aebbf39e3ca67659abd1d952d0a1b8c21607a2b98818cdd628295ab9f
WordPress NextScripts: Social Networks Auto-Poster 4.3.20 XSS
Posted Oct 29, 2021
Authored by Ramuel Gall, Wordfence | Site wordfence.com

WordPress NextScripts: Social Networks Auto-Poster plugin versions 4.3.20 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-38356
SHA-256 | 3b243357482f55615e13c6f86d3c5f7e5661b3bdb1e7d084a3489717be01ceda
Movable Type 7 r.5002 XMLRPC API Remote Command Injection
Posted Oct 29, 2021
Authored by Etienne Gervais, Charl-Alexandre Le Brun | Site metasploit.com

This Metasploit module exploits an XML-RPC API OS command injection vulnerability in Movable Type 7 version r.5002.

tags | exploit
advisories | CVE-2021-20837
SHA-256 | 9c1d6d041399f21f06d09819aa8fd5bedc69705e7ec269c952276194f3e11c65
Android NFC Type Confusion
Posted Oct 29, 2021
Authored by Google Security Research, nedwill

Android NFC suffers from a type confusion vulnerability due to a race condition during a tag type change.

tags | exploit
advisories | CVE-2021-0870
SHA-256 | 08fb25b7d8382b17929eba513aa143b8803817300bc39c7324b97c461ec1858e
Mini-XML 3.2 Heap Overflow
Posted Oct 29, 2021
Authored by LIWEI

Mini-XML version 3.2 suffers from a heap overflow vulnerability.

tags | exploit, overflow
SHA-256 | b37fee5b647ea11aa9620e901d553c7936b8122204082ec9a384dff855e860d8
Umbraco 8.14.1 Server-Side Request Forgery
Posted Oct 29, 2021
Authored by NgoAnhDuc

Umbraco version 8.14.1 suffers from a server-side request forgery vulnerability.

tags | exploit
SHA-256 | b6a417c2e4696d3a232a182e939111a6bc9672483416f989f2c1b1c01909b5cc
Sophos UTM WebAdmin SID Command Injection
Posted Oct 28, 2021
Authored by wvu, Justin Kennedy | Site metasploit.com

This Metasploit module exploits an SID-based command injection in Sophos UTM's WebAdmin interface to execute shell commands as the root user.

tags | exploit, shell, root
advisories | CVE-2020-25223
SHA-256 | e60408784254ddfee031c720b657d15c09df5d27e903311833f4a7f181588725
Backdoor.Win32.Prorat.ntz MVID-2021-0382 Weak Hardcoded Password
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Prorat.ntz malware suffers from having a weak hardcoded password.

tags | exploit
systems | windows
SHA-256 | 3242b7623dddcedfdaa1321d459bb30a8fe2211541d728a66a0771f0c38c14e3
Backdoor.Win32.Prorat.ntz MVID-2021-0381 Man-In-The-Middle
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Prorat.ntz malware suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
SHA-256 | b496833c9943b356b5e36c3d403fc166db28d62f58c8ad54909b0349ddab2d12
Microsoft OMI Management Interface Authentication Bypass
Posted Oct 28, 2021
Authored by Spencer McIntyre, wvu, Nir Ohfeld, Shir Tamari | Site metasploit.com

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 (released September 8th 2021).

tags | exploit, web, root
advisories | CVE-2021-38647
SHA-256 | fdef0aef0e912b6be1749a8d91235a8ce5f95d8c64ee36efaa66917951a81206
Virus.Win32.Ipamor.c MVID-2021-0380 Unauthenticated Reboot
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Virus.Win32.Ipamor.c malware suffers from an unauthenticated remote system reboot vulnerability.

tags | exploit, remote, virus
systems | windows
SHA-256 | 84db975e201fa02c407f637fb81a3da8c99949352d8dcd96e7019bd77a849227
Backdoor.Win32.Antilam.14.o MVID-2021-0379 Remote Command Execution
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.14.o malware suffers from an unauthenticated remote command execution vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | e3ec579760331c3311245a4085bc3f661d2fcb2136789fb325b557865cc8541e
HEUR.Backdoor.Win32.Generic MVID-2021-0378 Unauthenticated Open Proxy
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

HEUR.Backdoor.Win32.Generic malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | 63970f0c1a53eb495ab4fe23cb39480889a373c2b844d7684e1533cf0dc070e3
Backdoor.Win32.Mazben.es MVID-2021-0377 Unauthenticated Open Proxy
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Mazben.es malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | 173e6bf535ccd9b1964aaa19cd997d19c2e872f9160e2af34af09f1a13421313
Hostel Management System 2.1 Cross Site Request Forgery / Cross Site Scripting
Posted Oct 28, 2021
Authored by Anubhav Singh

Hostel Management System version 2.1 suffers from cross site request forgery and cross site scripting vulnerabilities. Original discovery of cross site scripting in this version is attributed to Kokn3t in October of 2020.

tags | exploit, vulnerability, xss, csrf
SHA-256 | c25a1cf3e43fddf34b3dba5ae1ca94327edad0924a642a4cba70ea26c887ae6b
Backdoor.Win32.Hupigon.afjk MVID-2021-0376 Authentication Bypass / Code Execution
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.afjk malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
SHA-256 | e88083e56cc22443cfc05356ba29a0167905e994f2e84a847ee2ae8ae05f67e4
Backdoor.Win32.Hupigon.afjk MVID-2021-0375 Man-In-The-Middle
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.afjk malware suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
SHA-256 | 6b2f003a1b543353ead8da56a0fc62fb2a653d2e3664170784d65781cd8aa71d
Backdoor.Win32.Hupigon.afjk MVID-2021-0374 Directory Traversal
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.afjk malware suffers from a directory traversal vulnerability.

tags | exploit
systems | windows
SHA-256 | 05d61f0a82f4efaed311b1b2abb9498038be8c7827ab8ec304b31ae59c970d88
Backdoor.Win32.Hupigon.acio MVID-2021-0373 Unauthenticated Open Proxy
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.acio malware suffers from an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | eb96ad8d71f6c7c5b23f5e004070435ee69ec0fed3803691669fa6154b7986f0
WordPress Supsystic Contact Form 1.7.18 Cross Site Scripting
Posted Oct 28, 2021
Authored by Murat Demirci

WordPress Supsystic Contact Form plugin version 1.7.18 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3323df57b8923efdf98df1404c93ea1e5214d151574ad10b00cb85081bd9cc42
Backdoor.Win32.Hupigon.acio MVID-2021-0372 Unquoted Service Path
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.acio malware suffers from an unquoted service path vulnerability.

tags | exploit
systems | windows
SHA-256 | 29b17d8a1dde1549c3b2a9f5bbbd0cadd035ff28ff9aa377cebbe1166a6cdfc7
Backdoor.Win32.Delf.arjo MVID-2021-0371 Unquoted Service Path
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Delf.arjo malware suffers from an unquoted service path vulnerability.

tags | exploit
systems | windows
SHA-256 | ce98423c38a20733de2db341c34d197e2a31b68690e9ba1d3c0c0ccd6f0832c4
Trojan.Win32.Akl.bc MVID-2021-0370 Insecure Permissions
Posted Oct 28, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Akl.bc malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 5fd3a44feb944d9dcb38f70663514713fe5a5f8eeedf65975dacde025a8d7353
Ultimate POS 4.4 Cross Site Scripting
Posted Oct 26, 2021
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Ultimate POS version 4.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | caa1edeed640ae5247dc146dd676283c8f8a10a41349ea5caba714d220ae28d9
Page 1 of 8
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close