TimeDoctor autoupdate feature downloads and executes files over plain HTTP and doesn't perform any check with the files. An attacker with MITM capabilities (i.e., when user connects to a public wifi) could override the Timedoctor subdomain and then execute custom binaries on the machine where the application is running.
cf5cbb9e12db32d37835bd9deea463c5dc52c32a82f8ba56eb0159a2d82fdd01This Metasploit module exploits a post-auth vulnerability found in X7 Chat versions 2.0.0 up to 2.0.5.1. The vulnerable code exists on lib/message.php, which uses preg_replace() function with the /e modifier. This allows a remote authenticated attacker to execute arbitrary PHP code in the remote machine.
a2b589b509418491b055a24abe22347f72177b3719a6768da42a90f3ad84e5e0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed