This Metasploit module exploits a buffer overflow at the administration interface (8080 or 4117) of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. Successful exploitation results in remote code execution as user nobody.
1f32659ebb0c531de30e029fb76fabee6201b5794d59ccb2568e849b2451ba91This Metasploit module exploits a SQL injection vulnerability found in vBulletin versions 5.6.1 and below. This module uses the getIndexableContent vulnerability to reset the administrator's password and it then uses the administrators login information to achieve remote code execution on the target. This module has been tested successfully on vBulletin version 5.6.1 on the Ubuntu Linux distribution.
ab383c3c011e7017caccbf3f14a2893505f109f7315cb558a626bdfe3e283ccbPHP version 7.2 suffers from an imagecolormatch() out-of-band heap write vulnerability.
69add42dde7d8d122571186cc4217258d5760ae073e9d96197a97e8666a28e27Apache versions 2.4.17 up to 2.4.38 apache2ctl graceful logrotate local privilege escalation exploit.
3319265a25f9489c7617752a0f4a299d38530c30caf7932b9bb2b32075e9f1b7Apache versions 2.4.17 through 2.4.38 suffer from a local root privilege escalation vulnerability due to an out-of-bounds array access leading to an arbitrary function call.
9525ffd9aefbc06136c75f55edd33355815fc7df0b0f150a337892cfad9ed4bdMagento versions 2.2.0 through 2.3.0 unauthenticated remote SQL injection exploit.
fb8e5118d988e50510319ef6725fac056f280cc00faa123b19459e9412e70b6bThis Metasploit module exploits a PHP unserialize() vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also vulnerable (albeit cached). Cached nodes can be exploited only once.
f0577a61447bee5c1e01e80e2168cbe148e2d1b04abd7c1f41da56482db6d02bDrupal versions prior to 8.6.10 and 8.5.11 suffer from a REST module remote code execution vulnerability.
ae19653ae86e19e4205093659570141a9094d9c26cd09af8cb1673c93f03dc72Oracle PeopleSoft Enterprise PeopleTools versions prior to 8.55 suffer from a remote code execution vulnerability.
e7ca7f1dfaf0427d15e6728d2323dfd98cf6d0d01d7466ab23ceea3a1e534852The TYPO3 News module suffers from a remote SQL injection vulnerability.
bb71657eaa7e4ca543ead5df7415208b7f27687d4255a45a2c042482a48a7805Drupal version 7.x module services remote code execution exploit.
80a50821438fc6c1895f12fb121285719fc8d9b69c85fae539144f6a24a07158
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed