what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2021-03-08

VMware vCenter Server File Upload / Remote Code Execution
Posted Mar 8, 2021
Authored by mr_me, wvu, Mikhail Klyuchnikov, Viss | Site metasploit.com

This Metasploit module exploits an unauthenticated OVA file upload and path traversal in VMware vCenter Server to write a JSP payload to a web-accessible directory. Fixed versions are 6.5 Update 3n, 6.7 Update 3l, and 7.0 Update 1c. Note that later vulnerable versions of the Linux appliance aren't exploitable via the webshell technique. Furthermore, writing an SSH public key to /home/vsphere-ui/.ssh/authorized_keys works, but the user's non-existent password expires 90 days after install, rendering the technique nearly useless against production environments. You'll have the best luck targeting older versions of the Linux appliance. The Windows target should work ubiquitously.

tags | exploit, web, file upload
systems | linux, windows
advisories | CVE-2021-21972
SHA-256 | ee1f708da8c9cdb296637b11bf11d0e1c52209633c21780eca035b11e77bfd1d
Red Hat Security Advisory 2021-0742-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0742-01 - The screen utility allows users to have multiple logins on a single terminal.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-26937
SHA-256 | 437f2bfdda5c0fc56efb4eecd8ca284298a0aca836e0ef7326a6f4f5210fe0a8
Red Hat Security Advisory 2021-0744-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0744-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 2e6cd2f2aa48f2dab5ac7f22f46c330f76fa89d51147b3e2905c8500fabfaef1
File Transfer Cheatsheet
Posted Mar 8, 2021
Authored by Jeenali Kothari | Site hackingarticles.in

This is a brief whitepaper that goes over file transfer mechanisms that can be used on Windows and Linux.

tags | paper
systems | linux, windows
SHA-256 | bb53fbaa2dc352533456cf7d06a33392552c749b608b8e33b3b03227d97e1520
WordPress SuperStoreFinder / SuperInteractiveMaps 6.3 SQL Injection
Posted Mar 8, 2021
Authored by Eagle Eye, Joe Lz

WordPress SuperStoreFinder and SuperInteractiveMaps plugins version 6.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 73a1694918d5a2f9d941387ce01f030c65fcad3ffe2a24915402f7cf37671609
Red Hat Security Advisory 2021-0740-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0740-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 048635c872b32a23b29278a2afb2aadf3eccf738adcd36fe2c005413174b1e4e
Hotel And Lodge Management System 1.0 Shell Upload
Posted Mar 8, 2021
Authored by Christian Vierschilling

Hotel and Lodge Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | d20002ffe974011cd852f0ec1bd6fc63fedd654ce04049e4db567922e6f15541
Red Hat Security Advisory 2021-0738-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0738-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 12274a6479dc143dd28b61d9ba2a1d5323611557367b8d4e291d8bae7d84acb8
Backdoor.Win32.Agent.bjev MVID-2021-0123 Insecure Permissions
Posted Mar 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.bjev malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 1593e70fc0a7f662f718ed8228bf8eea3ff24a55de73c3f6ac058ce858858800
Red Hat Security Advisory 2021-0741-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0741-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 8c3c63e0f5786d781a127450ef7748fd420fcac81e63e994e2f274c6f02e6d74
Joomla JCK Editor 6.4.4 SQL Injection
Posted Mar 8, 2021
Authored by Nicholas Ferreira

Joomla JCK Editor plugin version 6.4.4 remote SQL injection exploit.

tags | exploit, remote, sql injection
advisories | CVE-2018-17254
SHA-256 | b3f789cada9ae4a87a7651fb6539d99e2150cde8d64c477092a5ff94e4f17466
Joomla Matukio Events 7.0.5 Cross Site Scripting
Posted Mar 8, 2021
Authored by Vincent666 ibn Winnie

Joomla Matukio Events component version 7.0.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9584c12148fc8617de3641746b4f0230d3311b6572cc96e3b21fd7b640b96953
Red Hat Security Advisory 2021-0739-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0739-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 12c26fe6e6fa4a03dc81642e079ff2e8e419dc0fd193507548d23ffb17214843
GLPI 9.5.3 Unsafe Reflection
Posted Mar 8, 2021
Authored by Vadym Soroka

GLPI versions 9.5.3 and below suffer from a fromtype unsafe reflection vulnerability.

tags | exploit
advisories | CVE-2021-21327
SHA-256 | 65d1ee0442efe75600cc5389749bb4e1e3ddf7de93e8f5468cef5c1ff8fe3f50
Backdoor.Win32.GTbot.c MVID-2021-0122 Insecure Permissions
Posted Mar 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.GTbot.c malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | c2e392c163ebcd9f435c3e09cca9331026106f4740cac625a4044fbdc756e045
Red Hat Security Advisory 2021-0743-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0743-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-35517
SHA-256 | c0895bd122810f3e0483f5fa2672b0b4281d953314d74fe5dcece8867c53a06b
Backdoor.Win32.Antilam.14.o MVID-2021-0121 Code Execution
Posted Mar 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.14.o malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | d92bb20e133e9b419f1d5c28b5801d4da7c9f702ffb6c8ef3ed56c0a5ae2e911
Raptor WAF 0.62
Posted Mar 8, 2021
Authored by coolervoid

Raptor is a web application firewall written in C that uses DFA to block SQL injection, cross site scripting, and path traversals.

Changes: Patch fix to the improving documentation.
tags | tool, web, firewall, xss, sql injection
systems | unix
SHA-256 | 34a59934180dc4ec202e6e77747f7e92b07457fb6a80ea09fb608137ac914095
Print Job Accounting 4.4.10 Unquoted Service Path
Posted Mar 8, 2021
Authored by Brian Rodriguez

Print Job Accounting version 4.4.10 suffers from an OkiJaSvc unquoted service path vulnerability.

tags | exploit
SHA-256 | 8ca737a7ce54df21a7e7e7054e07d0c5f530940557afb6207b19a4355cd674eb
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close