what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 69 RSS Feed

Files

Packet Storm New Exploits For July, 2022
Posted Aug 1, 2022
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 68 exploits added to Packet Storm in July, 2022.

tags | exploit
SHA-256 | c40f5c1b549322f0f9faaf591fa292bd86ce6c07fd6393924b132354a134af3e
Transposh WordPress Translation 1.0.8.1 Remote Code Execution
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.8.1 and below have a "save_transposh" action available at "/wp-admin/admin.php?page=tp_advanced" that does not properly validate the "Log file name" allowing an attacker with the "Administrator" role to specify a .php file as the log destination. Since the log file is stored directly within the "/wp-admin" directory, executing arbitrary PHP code is possible by simply sending a crafted request that gets logged.

tags | exploit, arbitrary, php
advisories | CVE-2022-25812
SHA-256 | 8347827a18239dee9d623ea317bc7751b1e867031f7d4bbe6349594f42f4006f
Transposh WordPress Translation 1.0.8.1 SQL Injection
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.8.1 and below have a "tp_editor" page at "/wp-admin/admin.php?page=tp_editor" that is vulnerable to two authenticated, blind SQL injections when user-supplied input to the HTTP GET parameters "order" and "orderby" is processed by the web application.

tags | exploit, web, php, sql injection
advisories | CVE-2022-25811
SHA-256 | 6ffce07022d6d645854345ed70ea8823b6aaf618f4db874a0b2b20afa74331a3
Transposh WordPress Translation 1.0.8.1 Improper Authorization
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.8.1 and below do not properly enforce authorization on functionalities available on the plugin's "Utilities" page leading to unauthorized access for all user roles, including "Subscriber".

tags | exploit
advisories | CVE-2022-25810
SHA-256 | af33faff2eac2d7e60b23a09b13a21e743b2acab343abb9a1ba1e8f3913a386d
Geonetwork 4.2.0 XML Injection
Posted Jul 29, 2022
Authored by Amel Bouziane-Leblond

Geonetwork versions 3.1.x through 4.2.0 suffer from an XML external entity injection vulnerability.

tags | exploit
SHA-256 | b6960c0b16c14d8c15e9fb95af349b9c0df4129ca1c1ec5012226c0cf1bf3a8b
Transposh WordPress Translation 1.0.8.1 Information Disclosure
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.8.1 and below have an ajax action called "tp_history" which is intended to return data about who has translated a text given by the "token" parameter. However, the plugin also returns the user's login name as part of the "user_login" attribute. Successful exploits can allow an unauthenticated attacker to leak the WordPress username of translators. If an anonymous user submitted the translation, then the user's IP address is returned.

tags | exploit, info disclosure
advisories | CVE-2022-2462
SHA-256 | 9edfbd7e51dbf96c4ec365750f8acbdc5e0bcb40dfa07245a905258f418c9681
Crime Reporting System 1.0 Cross Site Scripting
Posted Jul 29, 2022
Authored by Eslam Reda

Crime Reporting System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 134f7cc89e016dd40ec6f94be6c14e9a72f24e41d92ceac88aa2cd6916a78c10
Transposh WordPress Translation 1.0.8.1 Cross Site Request Forgery
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.8.1 and below suffer from cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2021-24912
SHA-256 | 00f492b81f8c36b3158ff92303a3ed9b8713a137b201a866100dd6430cd9a03c
rpc.py 0.6.0 Remote Code Execution
Posted Jul 29, 2022
Authored by Elias Hohl

rpc.py version 0.6.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2022-35411
SHA-256 | 33abea8f61fd6b17f12060c9cb706fdb9f1133ee39f527443f669393e2991229
Transposh WordPress Translation 1.0.7 Incorrect Authorization
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.7 and below suffer from an incorrect authorization vulnerability. When installed, Transposh comes with a set of pre-configured options, one of these is the "Who can translate" setting under the "Settings" tab, which by default allows "Anonymous" users to add translations via the plugin's "tp_translation" ajax action. Successful exploits can allow an unauthenticated attacker to add translations to the WordPress site and thereby influence what is actually shown on the site.

tags | exploit
advisories | CVE-2022-2461
SHA-256 | c25e589bc0f339822e669aa5ee336af340896bf3579587f6ad8e5c6ae0691179
Dingtian-DT-R002 3.1.276A Authentication Bypass
Posted Jul 29, 2022
Authored by Victor Hanna

Dingtian-DT-R002 version 3.1.276A suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2022-29593
SHA-256 | c4aafb04ab940ad8ed639d090f1cb3dab189b7a09aab3cd311715b6cd8f14560
Transposh WordPress Translation 1.0.7 Cross Site Scripting
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.7 and below have an ajax action "tp_translation" which is available to authenticated or unauthenticated users (see CVE-2022-2461) that allows them to submit new translations. Translations submitted this way are shown on the Transposh administrative interface on the pages "tp_main" and "tp_editor". However, since the plugin does not properly validate and sanitize the submitted translation, arbitrary Javascript code can be permanently injected and executed directly within the backend across all users visiting the page with the roles of at least "Subscriber" and up to "Administrator".

tags | exploit, arbitrary, javascript, xss
advisories | CVE-2021-24911
SHA-256 | 484332c9e36ec88f8a190cc80119a1f22da60e0f49e9a327a7f7268bba597fb7
Transposh WordPress Translation 1.0.7 Cross Site Scripting
Posted Jul 29, 2022
Authored by Julien Ahrens | Site rcesecurity.com

Transposh WordPress Translation versions 1.0.7 and below have an ajax action "tp_tp" that is vulnerable to an unauthenticated/authenticated reflected cross site scripting vulnerability when user-supplied input to the HTTP GET parameter "q" is processed by the web application. Since the application does not properly validate and sanitize this parameter, it is possible to place arbitrary script code onto the same page.

tags | exploit, web, arbitrary, xss
advisories | CVE-2021-24910
SHA-256 | 126f6f0908b2d0af3788074669b78c52b992a1d268ad9fca40e951bf16e63e90
WordPress WP-UserOnline 2.87.6 Cross Site Scripting
Posted Jul 29, 2022
Authored by Steffin Stanly

WordPress WP-UserOnline plugin versions 2.87.6 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f6801eabd968457a104d901ce64897fb4b492fbd508a10ad3532e3d5615da08a
Loan Management System 1.0 Cross Site Scripting
Posted Jul 28, 2022
Authored by saitamang

Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0e8f410ee7c0e0ebb79866fa6e7831932c94c07784f5823be2d5b028778e2249
Loan Management System 1.0 SQL Injection
Posted Jul 28, 2022
Authored by saitamang

Loan Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | d75b3ab8871f404b65b13fe82c8b4fbaec1f02123dfe8233f01f7fef75a37fe1
Roxy-WI Remote Command Execution
Posted Jul 26, 2022
Authored by Nuri Cilengir | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection vulnerability in Roxy-WI versions prior to 6.1.1.0. Successful exploitation results in remote code execution under the context of the web server user. Roxy-WI is an interface for managing HAProxy, Nginx and Keepalived servers.

tags | exploit, remote, web, code execution
advisories | CVE-2022-31137
SHA-256 | 96d069f907bcd7cf304913bbed0abdeaec0d86467550d0c7535f3ee8826057d3
Hospital Information System 1.0 SQL Injection
Posted Jul 26, 2022
Authored by saitamang

Hospital Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | fe66c661132cc964be237a78b59c37dd33812105a69f943e40034432ba9e37b1
Garage Management System 1.0 Shell Upload
Posted Jul 26, 2022
Authored by saitamang

Garage Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | ab0ebb6c87eb34a7a0f252098e28dd19c540d7bd1bf348be3b734685516a5a76
Expert X Jobs Portal And Resume Builder 1.0 SQL Injection
Posted Jul 26, 2022
Authored by CraCkEr

Expert X Jobs Portal and Resume Builder version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 376564ceda2e198de8dceb8ed5116a678ef9962cb5cead849c271870ad95168e
PCProtect Endpoint 5.17.470 Tampering / Privilege Escalation
Posted Jul 26, 2022
Authored by Yehia Elghaly

PCProtect Endpoint version 5.17.470 fails to provide sufficient anti-tampering protection that can be leveraged to achieve SYSTEM privileges.

tags | exploit
SHA-256 | 2d06bd74496b08a5700c2c8e026dcb7ac169ea6a7167829bfbda24a822742cfd
Patlite 1.46 Buffer Overflow
Posted Jul 25, 2022
Authored by Samy Younsi

Patlite versions 1.45 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2022-35911
SHA-256 | 5c29e3afa128083754b4bac9a8b929fac03751344f5c65c15f43df42fefcb136
Marty Marketplace Multi Vendor Ecommerce Script 1.2 SQL Injection
Posted Jul 25, 2022
Authored by CraCkEr

Marty Marketplace Multi Vendor Ecommerce Script version 1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | de54243b67a1b9382ad0793900de4b162ce93e29eb5cc6a5a7eb97495e63a2b6
Backdoor.Win32.Eclipse.h MVID-2022-0625 Hardcoded Credential
Posted Jul 22, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Eclipse.h malware suffers from a hardcoded credential vulnerability.

tags | exploit
systems | windows
SHA-256 | cb80773c5ec99bb1c8f84021a4d97f89b467aa36feac244444c08a628a4e0d51
Chrome Scope Break
Posted Jul 21, 2022
Authored by Google Security Research, Mark Brand

Chrome has an issue where raw_ptr broke implicit scoped_refptr for receivers in base::Bind.

tags | exploit
advisories | CVE-2022-2156
SHA-256 | 608734695dfbbf56d37a25c6b0e92ec571e720ac20c50496dd9608c3ee36b587
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close