Showing 1 - 3 of 3

Files from Simon Scannell

Email address	contact at scannell-infosec.net
First Active	2018-03-31
Last Active	2022-08-05

Zimbra UnRAR Path Traversal: Posted Aug 5, 2022; Authored by Ron Bowes, Simon Scannell | Site metasploit.com; This Metasploit module creates a RAR file that can be emailed to a Zimbra server to exploit CVE-2022-30333. If successful, it plants a JSP-based backdoor in the public web directory, then executes that backdoor. The core vulnerability is a path-traversal issue in unRAR that can extract an arbitrary file to an arbitrary location on a Linux system. This issue is exploitable on Zimbra Collaboration versions 9.0.0 Patch 24 and below and 8.8.15 Patch 31 and below provided that UnRAR versions 6.11 or below are installed.; tags | exploit, web, arbitrary; systems | linux; advisories | CVE-2022-30333; SHA-256 | ca0f5b8e2038241415fba603b901534752f2529d4c8d1c1134f97e76d1935fef; Download | Favorite | View

osCommerce Installer Unauthenticated Code Execution: Posted May 3, 2018; Authored by Daniel Teixeira, Simon Scannell | Site metasploit.com; If the /install/ directory was not removed, it is possible for an unauthenticated attacker to run the "install_4.php" script, which will create the configuration file for the installation. This allows the attacker to inject PHP code into the configuration file and execute it.; tags | exploit, php; SHA-256 | 806d396b8f8393708196c84967f4c3db14adf4f64c443cf3f37029101e6385f9; Download | Favorite | View

osCommerce 2.3.4.1 Remote Code Execution: Posted Mar 31, 2018; Authored by Simon Scannell; osCommerce version 2.3.4.1 suffers from a code execution vulnerability.; tags | exploit, code execution; SHA-256 | 3a9c8b3b77bdf3e503378fb0902da7dfcb3e2c29c42deb289a62f986ab00800f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days