what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

Files Date: 2021-03-08

VMware vCenter Server File Upload / Remote Code Execution
Posted Mar 8, 2021
Authored by mr_me, wvu, Mikhail Klyuchnikov, Viss | Site metasploit.com

This Metasploit module exploits an unauthenticated OVA file upload and path traversal in VMware vCenter Server to write a JSP payload to a web-accessible directory. Fixed versions are 6.5 Update 3n, 6.7 Update 3l, and 7.0 Update 1c. Note that later vulnerable versions of the Linux appliance aren't exploitable via the webshell technique. Furthermore, writing an SSH public key to /home/vsphere-ui/.ssh/authorized_keys works, but the user's non-existent password expires 90 days after install, rendering the technique nearly useless against production environments. You'll have the best luck targeting older versions of the Linux appliance. The Windows target should work ubiquitously.

tags | exploit, web, file upload
systems | linux, windows
advisories | CVE-2021-21972
MD5 | db7174f0c4fc0e0b2ac2dea0a4523ebf
Red Hat Security Advisory 2021-0742-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0742-01 - The screen utility allows users to have multiple logins on a single terminal.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-26937
MD5 | 872a63e6f8290a1a374b65472c94f245
Red Hat Security Advisory 2021-0744-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0744-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | b4b85275703a4c86c931e4a7d0597ee5
File Transfer Cheatsheet
Posted Mar 8, 2021
Authored by Jeenali Kothari | Site hackingarticles.in

This is a brief whitepaper that goes over file transfer mechanisms that can be used on Windows and Linux.

tags | paper
systems | linux, windows
MD5 | 1a613cf131ca43c9114b0a44d4a09e49
WordPress SuperStoreFinder / SuperInteractiveMaps 6.3 SQL Injection
Posted Mar 8, 2021
Authored by Eagle Eye, Joe Lz

WordPress SuperStoreFinder and SuperInteractiveMaps plugins version 6.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4c3e768ff18c90d0ee44c90a4a24bf25
Red Hat Security Advisory 2021-0740-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0740-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 08753a3c634b4606c4b4f6b2da8f95c1
Hotel And Lodge Management System 1.0 Shell Upload
Posted Mar 8, 2021
Authored by Christian Vierschilling

Hotel and Lodge Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | d2d8858d968c116baf2c562e946b308d
Red Hat Security Advisory 2021-0738-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0738-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 338f3f3813e0f5c43e7a6e5b5e924917
Backdoor.Win32.Agent.bjev Insecure Permissions
Posted Mar 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.bjev malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
MD5 | 85ed0e19538a8e28e966b067a0d93c9c
Red Hat Security Advisory 2021-0741-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0741-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 1bed23e753213411771ae018c380af64
Joomla JCK Editor 6.4.4 SQL Injection
Posted Mar 8, 2021
Authored by Nicholas Ferreira

Joomla JCK Editor plugin version 6.4.4 remote SQL injection exploit.

tags | exploit, remote, sql injection
advisories | CVE-2018-17254
MD5 | b3c25ce2958275cc0085c042a311c57b
Joomla Matukio Events 7.0.5 Cross Site Scripting
Posted Mar 8, 2021
Authored by Vincent666 ibn Winnie

Joomla Matukio Events component version 7.0.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | a959c02e20b001c6222d36a485ad1a57
Red Hat Security Advisory 2021-0739-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0739-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
MD5 | 2bd6951176f39236faaf38759dd2915e
GLPI 9.5.3 Unsafe Reflection
Posted Mar 8, 2021
Authored by Vadym Soroka

GLPI versions 9.5.3 and below suffer from a fromtype unsafe reflection vulnerability.

tags | exploit
advisories | CVE-2021-21327
MD5 | 2bed4434a3b2cf5cfbb6729c66210eba
Backdoor.Win32.GTbot.c Insecure Permissions
Posted Mar 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.GTbot.c malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
MD5 | f9197ea213a468afd052ecf492b6f205
Red Hat Security Advisory 2021-0743-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0743-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-35517
MD5 | 6ce5867bfea5cd402eacedc9a4021faf
Backdoor.Win32.Antilam.14.o Code Execution
Posted Mar 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.14.o malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
MD5 | b7fc634dbfe1d778bc3861a80849c76b
Raptor WAF 0.62
Posted Mar 8, 2021
Authored by coolervoid

Raptor is a web application firewall written in C that uses DFA to block SQL injection, cross site scripting, and path traversals.

Changes: Patch fix to the improving documentation.
tags | tool, web, firewall, xss, sql injection
systems | unix
MD5 | a9a2b604c97f875e0db3a55664ad6382
Print Job Accounting 4.4.10 Unquoted Service Path
Posted Mar 8, 2021
Authored by Brian Rodriguez

Print Job Accounting version 4.4.10 suffers from an OkiJaSvc unquoted service path vulnerability.

tags | exploit
MD5 | 8fe8e43c4b361c150babae770647f12a
Page 1 of 1
Back1Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    1 Files
  • 18
    Apr 18th
    1 Files
  • 19
    Apr 19th
    19 Files
  • 20
    Apr 20th
    18 Files
  • 21
    Apr 21st
    30 Files
  • 22
    Apr 22nd
    18 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close