exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2021-03-08

VMware vCenter Server File Upload / Remote Code Execution
Posted Mar 8, 2021
Authored by mr_me, wvu, Mikhail Klyuchnikov, Viss | Site metasploit.com

This Metasploit module exploits an unauthenticated OVA file upload and path traversal in VMware vCenter Server to write a JSP payload to a web-accessible directory. Fixed versions are 6.5 Update 3n, 6.7 Update 3l, and 7.0 Update 1c. Note that later vulnerable versions of the Linux appliance aren't exploitable via the webshell technique. Furthermore, writing an SSH public key to /home/vsphere-ui/.ssh/authorized_keys works, but the user's non-existent password expires 90 days after install, rendering the technique nearly useless against production environments. You'll have the best luck targeting older versions of the Linux appliance. The Windows target should work ubiquitously.

tags | exploit, web, file upload
systems | linux, windows
advisories | CVE-2021-21972
SHA-256 | ee1f708da8c9cdb296637b11bf11d0e1c52209633c21780eca035b11e77bfd1d
Red Hat Security Advisory 2021-0742-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0742-01 - The screen utility allows users to have multiple logins on a single terminal.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-26937
SHA-256 | 437f2bfdda5c0fc56efb4eecd8ca284298a0aca836e0ef7326a6f4f5210fe0a8
Red Hat Security Advisory 2021-0744-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0744-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 2e6cd2f2aa48f2dab5ac7f22f46c330f76fa89d51147b3e2905c8500fabfaef1
File Transfer Cheatsheet
Posted Mar 8, 2021
Authored by Jeenali Kothari | Site hackingarticles.in

This is a brief whitepaper that goes over file transfer mechanisms that can be used on Windows and Linux.

tags | paper
systems | linux, windows
SHA-256 | bb53fbaa2dc352533456cf7d06a33392552c749b608b8e33b3b03227d97e1520
WordPress SuperStoreFinder / SuperInteractiveMaps 6.3 SQL Injection
Posted Mar 8, 2021
Authored by Eagle Eye, Joe Lz

WordPress SuperStoreFinder and SuperInteractiveMaps plugins version 6.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 73a1694918d5a2f9d941387ce01f030c65fcad3ffe2a24915402f7cf37671609
Red Hat Security Advisory 2021-0740-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0740-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 048635c872b32a23b29278a2afb2aadf3eccf738adcd36fe2c005413174b1e4e
Hotel And Lodge Management System 1.0 Shell Upload
Posted Mar 8, 2021
Authored by Christian Vierschilling

Hotel and Lodge Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | d20002ffe974011cd852f0ec1bd6fc63fedd654ce04049e4db567922e6f15541
Red Hat Security Advisory 2021-0738-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0738-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 12274a6479dc143dd28b61d9ba2a1d5323611557367b8d4e291d8bae7d84acb8
Backdoor.Win32.Agent.bjev MVID-2021-0123 Insecure Permissions
Posted Mar 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.bjev malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 1593e70fc0a7f662f718ed8228bf8eea3ff24a55de73c3f6ac058ce858858800
Red Hat Security Advisory 2021-0741-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0741-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 8c3c63e0f5786d781a127450ef7748fd420fcac81e63e994e2f274c6f02e6d74
Joomla JCK Editor 6.4.4 SQL Injection
Posted Mar 8, 2021
Authored by Nicholas Ferreira

Joomla JCK Editor plugin version 6.4.4 remote SQL injection exploit.

tags | exploit, remote, sql injection
advisories | CVE-2018-17254
SHA-256 | b3f789cada9ae4a87a7651fb6539d99e2150cde8d64c477092a5ff94e4f17466
Joomla Matukio Events 7.0.5 Cross Site Scripting
Posted Mar 8, 2021
Authored by Vincent666 ibn Winnie

Joomla Matukio Events component version 7.0.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9584c12148fc8617de3641746b4f0230d3311b6572cc96e3b21fd7b640b96953
Red Hat Security Advisory 2021-0739-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0739-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 12c26fe6e6fa4a03dc81642e079ff2e8e419dc0fd193507548d23ffb17214843
GLPI 9.5.3 Unsafe Reflection
Posted Mar 8, 2021
Authored by Vadym Soroka

GLPI versions 9.5.3 and below suffer from a fromtype unsafe reflection vulnerability.

tags | exploit
advisories | CVE-2021-21327
SHA-256 | 65d1ee0442efe75600cc5389749bb4e1e3ddf7de93e8f5468cef5c1ff8fe3f50
Backdoor.Win32.GTbot.c MVID-2021-0122 Insecure Permissions
Posted Mar 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.GTbot.c malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | c2e392c163ebcd9f435c3e09cca9331026106f4740cac625a4044fbdc756e045
Red Hat Security Advisory 2021-0743-01
Posted Mar 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0743-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-35517
SHA-256 | c0895bd122810f3e0483f5fa2672b0b4281d953314d74fe5dcece8867c53a06b
Backdoor.Win32.Antilam.14.o MVID-2021-0121 Code Execution
Posted Mar 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.14.o malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | d92bb20e133e9b419f1d5c28b5801d4da7c9f702ffb6c8ef3ed56c0a5ae2e911
Raptor WAF 0.62
Posted Mar 8, 2021
Authored by coolervoid

Raptor is a web application firewall written in C that uses DFA to block SQL injection, cross site scripting, and path traversals.

Changes: Patch fix to the improving documentation.
tags | tool, web, firewall, xss, sql injection
systems | unix
SHA-256 | 34a59934180dc4ec202e6e77747f7e92b07457fb6a80ea09fb608137ac914095
Print Job Accounting 4.4.10 Unquoted Service Path
Posted Mar 8, 2021
Authored by Brian Rodriguez

Print Job Accounting version 4.4.10 suffers from an OkiJaSvc unquoted service path vulnerability.

tags | exploit
SHA-256 | 8ca737a7ce54df21a7e7e7054e07d0c5f530940557afb6207b19a4355cd674eb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close