what you don't know can hurt you
Showing 1 - 11 of 11 RSS Feed

Files Date: 2021-12-20

WordPress Popular Posts 5.3.2 Remote Code Execution
Posted Dec 20, 2021
Authored by h00die, Simone Cristofaro, Jerome Bruandet | Site metasploit.com

This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address (192/172/127/10). The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit leverages an authenticated improper input validation in WordPress plugin Popular Posts versions 5.3.2 and below. The exploit chain is rather complicated. Authentication is required and gd for PHP is required on the server. Then the Popular Post plugin is reconfigured to allow for an arbitrary URL for the post image in the widget. A post is made, then requests are sent to the post to make it more popular than the previous #1 by 5. Once the post hits the top 5, and after a 60 second server cache refresh (the exploit waits 90 seconds), the homepage widget is loaded which triggers the plugin to download the payload from the server. The payload has a GIF header, and a double extension (.gif.php) allowing for arbitrary PHP code to be executed.

tags | exploit, web, arbitrary, php
advisories | CVE-2021-42362
MD5 | 58b71d78f3e92f8308944edbaef03644
Wapiti Web Application Vulnerability Scanner 3.0.9
Posted Dec 20, 2021
Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: CLI has a new passive module option that allows you to use less aggressive modules only. WP_ENUM has improved detection of WordPress. New SSL module to check TLS/SSL configuration, powered by SSLyze. New Log4Shell attack module to detect the infamous vulnerability.
tags | tool, web, scanner, vulnerability
systems | unix
MD5 | 7e7d37ce9c57bf0bf4f9b842adc2b8fe
Red Hat Security Advisory 2021-5206-02
Posted Dec 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5206-02 - Log4j is a tool to help the programmer output log statements to a variety of output targets. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-4104
MD5 | 06838f7e012ea6108070317fcdef4c64
Ubuntu Security Notice USN-5203-1
Posted Dec 20, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5203-1 - Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not protect against infinite recursion in lookup evaluation. A remote attacker could possibly use this issue to cause Apache Log4j 2 to crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-45105
MD5 | 2898b01210b72d5cd2a42eab1b27e1b0
VMware Security Advisory 2021-0030
Posted Dec 20, 2021
Authored by VMware | Site vmware.com

VMware Security Advisory 2021-0030 - VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-22056, CVE-2021-22057
MD5 | 19452eb92706c0b1e92dc431e26410cd
VMware Security Advisory 2021-0028.4
Posted Dec 20, 2021
Authored by VMware | Site vmware.com

VMware Security Advisory 2021-0028.4 - VMware has released a response to the Apache Log4j remote code execution vulnerability. They have updated this advisory.

tags | advisory, remote, code execution
advisories | CVE-2021-44228
MD5 | fbb8ed1b5aad29fb76bc684859909231
Bazaar Web PHP Social Listings Shell Upload
Posted Dec 20, 2021
Authored by Sohel Yousef

Bazaar Web PHP Social Listings suffers from a remote shell upload vulnerability.

tags | exploit, remote, web, shell, php
MD5 | 332c8c67d69bd164ce7cf1a517267229
Insecure sprintf Of C
Posted Dec 20, 2021
Authored by x90c

This is a brief write up discussing insecure functions susceptible to classic buffer overflows.

tags | paper, overflow
MD5 | 61159bd64914dd583675a43a16944950
Video Sharing Website 1.0 SQL Injection
Posted Dec 20, 2021
Authored by nu11secur1ty

Video Sharing Website version 1.0 appears to suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 65e77333e6364fe5c870b357cfd4ecfd
Signup PHP Portal 2.1 Shell Upload
Posted Dec 20, 2021
Authored by Sohel Yousef

Signup PHP Portal version 2.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
MD5 | e464561cff8e90dcfa451a5ce5f9f8d5
Alfa Team Shell Tesla 4.1 Remote Code Execution
Posted Dec 20, 2021
Authored by Aryan Chehreghani

Alfa Team Shell Tesla version 4.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, shell, code execution
MD5 | 4e1d936cbae22ea2647ee9d7e6127458
Page 1 of 1
Back1Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    21 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close