what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2021-05-17

Microsoft Windows TokenMagic Privilege Escalation
Posted May 17, 2021
Authored by James Forshaw, bwatters-r7, jheysel-r7, Ruben Boonen | Site metasploit.com

This Metasploit module leverages a UAC bypass (TokenMagic) in order to spawn a process/conduct a DLL hijacking attack to gain SYSTEM-level privileges. Windows 7 through Windows 10 1803 are affected.

tags | exploit
systems | windows
SHA-256 | 3d550555fdb7911177d802cb18251bb90d83981e45b93f363dcca79c2f431810
Dell DBUtil_2_3.sys IOCTL Memory Read / Write
Posted May 17, 2021
Authored by Spencer McIntyre, SentinelLabs, Kasif Dekel | Site metasploit.com

The DBUtil_2_3.sys driver distributed by Dell exposes an unprotected IOCTL interface that can be abused by an attacker to read and write kernel-mode memory.

tags | exploit, kernel
advisories | CVE-2021-21551
SHA-256 | 60c28ef1ac35891f12da2b7098fca05a34362d8c69f7050055509277585d70ab
Wapiti Web Application Vulnerability Scanner 3.0.5
Posted May 17, 2021
Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Boolean based blind SQL injection support added. Added CSV as output format for Report. Multiple changes to cookie support. Fixed a session issue. New modules relating to WordPress and Drupal.
tags | tool, web, scanner, vulnerability
systems | unix
SHA-256 | ee7d76549f3f237ce19d78280de108c705b1b1ecf62710a3a514ccacd508a5e8
Ubuntu Security Notice USN-4956-1
Posted May 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4956-1 - It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-21419
SHA-256 | cb5fb373169c8ba0b611b9138b1e83c585bf8948ce087b4e6cf1f5d4b0dddb29
IPFire 2.25 Remote Code Execution
Posted May 17, 2021
Authored by Mucahit Saratar

IPFire version 2.25 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 93e5a0e715df1370e5ef4b121ef5e88d3d1b2edd883f84f7d0c7a2acf956835d
Backdoor.Win32.Antilam.14.d MVID-2021-0214 Code Execution
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.14.d malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | ed20b71c46922a7fe5b216bfa7ac95e8524f7861a42ff525a99c9cdc84d52739
Advanced Guestbook 2.4.4 Cross Site Scripting
Posted May 17, 2021
Authored by Abdulkadir AYDOGAN

Advanced Guestbook version 2.4.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | abcecfa3706e739e9dfa06925965c56bdd64b612b78ad0b986317b7a65f452de
Ubuntu Security Notice USN-4955-1
Posted May 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4955-1 - Matthias Gerstner discovered that Please contained multiple security issues. A local attacker could use these issues to cause Please to crash, resulting in a denial of service, or possibly escalate privileges.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2021-31153
SHA-256 | c4dfad9391ee0a0f2fe3f6460d83e8a37b6f4368b05a464dce6bf256a0465d2e
Backdoor.Win32.Agent.oda MVID-2021-0213 Buffer Overflow
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.oda malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | 2c4a87ebd37e38d6ce8d228456cbbd252884f58cf41201a434b65b93f4c14650
Backdoor.Win32.Danton.43 MVID-2021-0212 Man-In-The-Middle
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Danton.43 malware suffers from a man-in-the-middle vulnerability.

tags | exploit
systems | windows
SHA-256 | 8ac600863e3f0fed2d5e51c9c026d779161eb1ea2cde43d0dd3dfe1cfda32919
Dental Clinic Appointment Reservation System 1.0 Cross Site Request Forgery
Posted May 17, 2021
Authored by Reza Afsahi

Dental Clinic Appointment Reservation System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 18b92b16f9fc2a2009ab2e07d54b79f587f2259d0799f322589b2f15ee7bc7cd
Dental Clinic Appointment Reservation System 1.0 Cross Site Scripting
Posted May 17, 2021
Authored by Reza Afsahi

Dental Clinic Appointment Reservation System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 42e6fa4b9631e3e8ab217a87ad9975e8879ef0b318f20311c97176acbd85687e
Backdoor.Win32.Danton.43 MVID-2021-0211 Code Execution / Hardcoded Credentials
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Danton.43 malware suffers from code execution and hardcoded credential vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
SHA-256 | a6a99a600dfd0c6c9a069739459b3bc70c977421ec10cf8475e82741b8eeb3eb
Backdoor.Win32.Agent.lyw MVID-2021-0210 Buffer Overflow
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.lyw malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | 6a30bd465d1512513932889a1a804ab0201d681769b354c4c260b7dca71be471
Subrion CMS 4.2.1 Shell Upload
Posted May 17, 2021
Authored by Fellipe Oliveira

Subrion CMS version 4.2.1 file upload bypass exploit that uploads a shell.

tags | exploit, shell, file upload
advisories | CVE-2018-19422
SHA-256 | a8dc69971c84f2d358d2043b54d854b585028b195fc8de3cc1b57d75eb01c988
Printable Staff ID Card Creator System 1.0 Shell Upload / SQL Injection
Posted May 17, 2021
Authored by bwnz

Printable Staff ID Card Creator System version 1.0 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | 0288a0ade6b292dcfaf2ed1475d9e81f48704f79276c587e97795e05a3fd85cf
Billing Management System 2.0 SQL Injection
Posted May 17, 2021
Authored by Mohammad Koochaki

Billing Management System version 2.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Pintu Solanki in February of 2021.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 25b099897c38e0ddaff2308cfd1337fd34b11049beb099e604bd657696024b66
Ubuntu Security Notice USN-4628-3
Posted May 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4628-3 - USN-4628-1 provided updated Intel Processor Microcode for various processor types. This update provides the corresponding updates for some additional processor types. Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-8695, CVE-2020-8696, CVE-2020-8698
SHA-256 | 9c7da2b2470de60b7a8d8d7efe50799848d6dbcea7454d96ae03812a657b6ddf
Backdoor.Win32.Agent.cy MVID-2021-0209 Denial Of Service / Null Pointer
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.cy malware suffers from denial of service and null pointer vulnerabilities.

tags | exploit, denial of service, vulnerability
systems | windows
SHA-256 | 8fa96d7ab7fa1faf3502cf442762cce78eb78154a1656244f619704bab4dc1c1
Backdoor.Win32.Agent.cy MVID-2021-0208 Insecure Transit
Posted May 17, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.cy malware suffers from insecure transit issues.

tags | exploit
systems | windows
SHA-256 | 9b3875f23908e791ce3aa8338237d21541fa943bbd4bc7feebe8807b4135e93e
Microsoft Internet Explorer 8 SetMouseCapture Use-After-Free
Posted May 17, 2021
Authored by SlidingWindow

Microsoft Internet Explorer version 8 SetMouseCapture use-after-free exploit.

tags | exploit
advisories | CVE-2013-3893
SHA-256 | dc036f7561a91f3ec1de1adb5c4d23b74d6d6af8f98e8f05554baa77eae7a593
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close