exploit the possibilities
Showing 1 - 25 of 112,180 RSS Feed

Files

Pandora FMS 7.0 NG 7XX Remote Command Execution
Posted Jul 11, 2020
Authored by Fernando Catoira, Erik Wynter, Julio Sanchez | Site metasploit.com

This Metasploit module exploits a vulnerability (CVE-2020-13851) in Pandora FMS versions 7.0 NG 742, 7.0 NG 743, and 7.0 NG 744 (and perhaps older versions) in order to execute arbitrary commands. This module takes advantage of a command injection vulnerability in th e Events feature of Pandora FMS. This flaw allows users to execute arbitrary commands via the target parameter in HTTP POST requests to the Events function. After authenticating to the target, the module attempts to exploit this flaw by issuing such an HTTP POST request, with the target parameter set to contain the payload. If a shell is obtained, the module will try to obtain the local MySQL database password via a simple grep command on the plaintext /var/www/html/pandora_console/include/config.php file. Valid credentials for a Pandora FMS account are required. The account does not need to have admin privileges. This module has been successfully tested on Pandora 7.0 NG 744 running on CentOS 7 (the official virtual appliance ISO for this version).

tags | exploit, web, arbitrary, shell, local, php
systems | linux, centos
advisories | CVE-2020-13851
MD5 | f5291266eaebb8b290e3a0b7e6659455
Pandora FMS 7.0 NG 746 Script Insertion / Code Execution
Posted Jul 11, 2020
Authored by AppleBois

Pandora FMS 7.0 NG versions 746 and below remote code execution exploit that leverages cross site scripting. Requires administrator to perform an snmp scan with a cross site scripting payload.

tags | exploit, remote, code execution, xss
MD5 | 245bf731b05ac276a48b0f51f260ba04
Impress CMS 1.4.0 Cross Site Scripting
Posted Jul 11, 2020
Authored by AppleBois

Impress CMS version 1.4.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 029b019e3aee7ed3d4048cb1c2d4d9a0
Webtareas 2.1 / 2.1p Cross Site Scripting
Posted Jul 11, 2020
Authored by AppleBois

Webtareas versions 2.1 and 2.1p suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 7b3695728c5fb49d9a1558d6999d69b0
HelloWeb 2.0 Arbitrary File Download
Posted Jul 10, 2020
Authored by bRpsd

HelloWeb version 2.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | 9e44907bb4c42a58065396ca233c0190
Barangay Management System 1.0 SQL Injection
Posted Jul 10, 2020
Authored by BKpatron

Barangay Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
MD5 | 9e2e4c2e400cf28065cec0ee5b40156a
Sifter 8
Posted Jul 10, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Additions include Espionage, KatanaFramework, PowerHub, MetaSploit, Spiderfoot, and Email2PhoneNumber. Various fixes.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 32d4677dbd11ce03da6fd2315b2f43f0
Rittal Products Bypass / Command Injection / Privilege Escalation
Posted Jul 10, 2020
Authored by Johannes Kruchem, C. Svoboda | Site sec-consult.com

Multiple Rittal Products based on the same software suffer from CLI menu bypass, insecure configuration, hard-coded backdoor account, outdated component, command injection, and privilege escalation vulnerabilities. Products include but are not limited to CMC III PU Compact, CMC III PU 7030.000 PDU (whole portfolio), LCP-CW, and IoT Interface 3124.300.

tags | exploit, vulnerability
advisories | CVE-2020-11951, CVE-2020-11952, CVE-2020-11953, CVE-2020-11955, CVE-2020-11956
MD5 | 5e04df5718d707c3b3f9da0c2c4fb014
Colin Percival's bsdiff 4.3 Memory Corruption
Posted Jul 10, 2020
Authored by Luis Merino

A memory corruption vulnerability is present in bspatch as shipped in Colin Percival's bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries. Proof of concept included.

tags | exploit, proof of concept
advisories | CVE-2020-14315
MD5 | cef9b1de3a8748695b5af13fa5aeeb11
Impress CMS 1.4.0 Code Execution / SQL Injection
Posted Jul 10, 2020
Authored by AppleBois

Impress CMS version 1.4.0 has an issue where an authenticated user can make use of the AutoTask feature to execute php code, allowing for remote SQL injection and remote code execution.

tags | exploit, remote, php, code execution, sql injection
MD5 | b5f8c806b5bde139ab34a7e35d46ad18
Microsoft OneDrive 19.232.1124.0010 DLL Hijacking
Posted Jul 10, 2020
Authored by Yorick Koster, Securify B.V.

A file hijacking vulnerability was found in the Microsoft OneDrive client. This vulnerability allows a local attacker to plant a DLL file on the local machine. This DLL will then be loaded whenever (another) user launches OneDrive, running with the privileges of the victim. This issue was successfully verified on Microsoft OneDrive version 19.232.1124.0010.

tags | exploit, local
MD5 | 834603f1a95f27a160459efee2807af1
TOR Virtual Network Tunneling Tool 0.4.3.6
Posted Jul 9, 2020
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.4.3.6 backports several bugfixes from later releases, including some affecting usability. This release also fixes TROVE-2020-001, a medium-severity denial of service vulnerability affecting all versions of Tor when compiled with the NSS encryption library. (This is not the default configuration.) Using this vulnerability, an attacker could cause an affected Tor instance to crash remotely. This issue is also tracked as CVE-2020-15572. Anybody running a version of Tor built with the NSS library should upgrade to 0.3.5.11, 0.4.2.8, 0.4.3.6, or 0.4.4.2-alpha or later.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2020-15572
MD5 | 78a733e2f528354c1706b143119579f6
WordPress Power's WHOIS Domain Check 0.9.31 Cross Site Scripting
Posted Jul 9, 2020
Authored by mqt

WordPress Power's WHOIS Domain Check plugin version 0.9.31 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 531ffdeebaae913d9bed73e0ac6d32fc
Ubuntu Security Notice USN-4376-2
Posted Jul 9, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4376-2 - USN-4376-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Cesar Pereida Garc

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-1547, CVE-2019-1559, CVE-2019-1563
MD5 | 5ffe6bab9ab65abc32cc3f1b5a2aa54b
Webtareas 2.1 / 2.1p File Upload / Information Disclosure
Posted Jul 9, 2020
Authored by AppleBois

Webtareas versions 2.1 and 2.1p suffer from unauthenticated file uploads that allow for remote code execution and expose directory listings.

tags | exploit, remote, code execution, info disclosure, file upload
MD5 | 411b5ebef9a23a0632621a466851bcb3
GNU Privacy Guard 2.2.21
Posted Jul 9, 2020
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Improved symmetric decryption speed by about 25%. Added support for decryption of AEAD encrypted data packets. Added option --no-include-key-block. Various other additions.
tags | tool, encryption
MD5 | 97fa4809da1e8f24fcb0ed7205b2f484
Savsoft Quiz 5 Cross Site Scripting
Posted Jul 9, 2020
Authored by th3d1gger

Savsoft Quiz version 5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 95176c76c0355bece50fe077b3d503d1
SuperMicro IPMI 03.40 Cross Site Request Forgery
Posted Jul 9, 2020
Authored by Metin Yunus Kandemir

SuperMicro IPMI version 03.40 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-15046
MD5 | c6d8021c22d652f56e1d92d8966b6e9a
BSA Radar 1.6.7234.24750 Cross Site Request Forgery
Posted Jul 9, 2020
Authored by William Summerhill

BSA Radar version 1.6.7234.24750 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-14944
MD5 | c2f73c8d5e89acb76d50f492fed7463c
PHP 7.4 FFI disable_functions Bypass
Posted Jul 9, 2020
Authored by Hunter Gregal

PHP version 7.4 FFI disable_functions bypass proof of concept exploit.

tags | exploit, php, proof of concept, bypass
MD5 | 837034ab8198c13f97935215b65ad576
Ubuntu Security Notice USN-4419-1
Posted Jul 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4419-1 - It was discovered that a race condition existed in the Precision Time Protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code. Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-10690, CVE-2020-10711, CVE-2020-12770, CVE-2020-13143, CVE-2020-8992
MD5 | 1a43296b82c72fbb0f52cc4e8828d2f4
Ubuntu Security Notice USN-4421-1
Posted Jul 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4421-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird would continue an unencrypted connection when configured to use STARTTLS for IMAP if the server responded with PREAUTH. A remote attacker could potentially exploit this to perform a person-in-the-middle attack in order to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, imap
systems | linux, ubuntu
advisories | CVE-2020-12398, CVE-2020-12399, CVE-2020-12406, CVE-2020-12410, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | 326f5ebac4547f863a712734770a0ae2
ClearPass Policy Manager Unauthenticated Remote Command Execution
Posted Jul 8, 2020
Authored by spicyitalian

Proof of concept exploit for ClearPass Policy Manager which suffers from an unauthenticated remote command execution vulnerability.

tags | exploit, remote, proof of concept
advisories | CVE-2020-7115
MD5 | 70294e43b84d0d72ae5fcfc777c6605f
Red Hat Security Advisory 2020-2870-01
Posted Jul 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2870-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-11253
MD5 | 2c5c3e857f06dbb08b024b25d3729fb2
F5 BIG-IP TMUI Directory Traversal / File Upload / Code Execution
Posted Jul 7, 2020
Authored by wvu, Mikhail Klyuchnikov | Site metasploit.com

This Metasploit module exploits a directory traversal in F5's BIG-IP Traffic Management User Interface (TMUI) to upload a shell script and execute it as the root user.

tags | exploit, shell, root
advisories | CVE-2020-5902
MD5 | bc9ef269b0fbd9bf35cb0c0f8d89b446
Page 1 of 4,488
Back12345Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    4 Files
  • 9
    Jul 9th
    9 Files
  • 10
    Jul 10th
    7 Files
  • 11
    Jul 11th
    4 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close