This Metasploit module exploits the logic in the CartView.php page when crafting a draft email with an attachment. By uploading an attachment for a draft email, the attachment will be placed in the /tmp_attach/ folder of the ChurchInfo web server, which is accessible over the web by any user. By uploading a PHP attachment and then browsing to the location of the uploaded PHP file on the web server, arbitrary code execution as the web daemon user (e.g. www-data) can be achieved.
d722a625744f0e9dc54c97184f41f3a6b314c7e49874af507dfdc2295535278e
This Metasploit module exploits a cross-site request forgery (CSRF) vulnerability in F5 Big-IP's iControl interface to write an arbitrary file to the filesystem. While any file can be written to any location as root, the exploitability is limited by SELinux; the vast majority of writable locations are unavailable. By default, we write to a script that executes at reboot, which means the payload will execute the next time the server boots. An alternate target - Login - will add a backdoor that executes the next time a user logs in interactively. This overwrites a file, but we restore it when we get a session. Note that because this is a CSRF vulnerability, it starts a web server, but an authenticated administrator must visit the site, which redirects them to the target.
0942abdee0725fc32a285ecb9a23fb1bfe3ecc058946e6d59dda0de6b91cbca4
Gentoo Linux Security Advisory 202211-3 - Multiple vulnerabilities have been found in PHP, the worst of which could result in arbitrary code execution. Versions less than 7.4.33:7.4 are affected.
9a1678e24b2e3feff0e005708de8cc73ed15cb45dc823e4705b0397f6d11473c
Debian Linux Security Advisory 5286-1 - Greg Hudson discovered integer overflow flaws in the PAC parsing in krb5, the MIT implementation of Kerberos, which may result in remote code execution (in a KDC, kadmin, or GSS or Kerberos application server process), information exposure (to a cross-realm KDC acting maliciously), or denial of service (KDC or kadmind process crash).
4054bf326761b93798ba5e87ed9c11954014650895f0887f6de6e704d4f0b728
Roxy Fileman versions 1.4.6 and below remote shell upload proof of concept exploit.
16a9c59173c82b869a340397a5e68377531e0e0f9be9781793142e4f47786e1b
Ubuntu Security Notice 5733-1 - It was discovered that FLAC was not properly performing memory management operations, which could result in a memory leak. An attacker could possibly use this issue to cause FLAC to consume resources, leading to a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. It was discovered that FLAC was not properly performing bounds checking operations when decoding data. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to expose sensitive information or to cause FLAC to crash, leading to a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
5aa1c296ac510c2d91e6b194e1a3160b6f80fdad0f84b27288784c1f63e3c634
Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method, allowing anyone to bypass the Basic Authorization mechanism.
74e7caa0bc29548de21944cffdfcab5eda40da0abe02546c835047e2ff2799f1
This is a whitepaper along with a proof of concept eml file discussing CVE-2020-16947 where a remote code execution vulnerability exists in Microsoft Outlook 2019 version 16.0.13231.20262 when it fails to properly handle objects in memory.
e10886839475e813dff9362bc048392f047b424255b849ca304a468b0daa17a3
This is a whitepaper along with a proof of concept eml file that demonstrates an out-of-bounds read on Outlook 2019 version 16.0.12624.20424. NIST references this issue as simply an information disclosure.
d7cbdf78b8d88b5ef4f17ae322717c6adec1d335f3eddae9fc75f883c66bbc76
This is a whitepaper discussing CVE-2020-1349 where a remote code execution vulnerability exists in Microsoft Outlook 2019 version 16.0.12624.20424 when it fails to properly handle objects in memory.
0cbeab94a42718d9dc0fbddcb25e670799fb9171ff9f4aa0d640945941711759
ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 suffers from an authentication bypass vulnerability when alternate HTTP methods are leveraged.
ff48587cc9c6fc5ae634b2741b79369b52b3d70d471b96017d5813fa8064c1e5
Red Hat Security Advisory 2022-8543-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.5.0. Issues addressed include bypass and use-after-free vulnerabilities.
fa7f1d4395710d9c94ae9db60c1da4f4d705cdc92e9666c75ca9cabd979d763c
Ubuntu Security Notice 5729-2 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service or expose sensitive information.
37ac683956be1298d59db7946f6bc8b7d7e2c0e7a850719e8ead2f51fc670c14
WordPress BeTheme theme version 26.5.1.4 suffers from multiple PHP object injection vulnerabilities when processing input.
796d230d939138bf65ab0ead41b12275e53550798cf863b9b6609b758208dec5
Ubuntu Security Notice 5686-3 - USN-5686-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Ubuntu 22.10. Cory Snider discovered that Git incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause unexpected behaviour.
ee6b56d4f6035bcabf57319cafc39810937a6a150e50bbd6feb67edb93813e2e
Red Hat Security Advisory 2022-8545-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.5.0. Issues addressed include bypass and use-after-free vulnerabilities.
e1d4134edfac31d5b7aa31df749610cef5ed8a892f25e5cd99d4018092dd5911
Backdoor.Win32.Oblivion.01.a malware suffers from an insecure transit vulnerability due to sending passwords in the clear over the wire.
c9b00ae1cb0d588d2139660e2b1f0d2bffb8cafec26176d718c3f41580dbc52e
David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.
c8b54fe7071577436d5dc780fd7a8a538a0ac9493dd4e3362ddd475aa5896c8c
Gentoo Linux Security Advisory 202211-4 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in remote code execution. Versions greater than or equal to 10.22:10 are affected.
71880d0d6245b1983636aab28aca723a5ddf8d538cf706cff9fa682f7fca99ab
ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 remote stack buffer overflow exploit that causes a denial of service condition.
7a558d9353686c1fadfc2913a8a5f9de3a9bd0334db283f12ce28be10cb28926
Ubuntu Security Notice 5728-2 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
c3624c07f86cdfd2b3713a4f62018465ad2c42db0469b2ff000d4ff889d73b83
Red Hat Security Advisory 2022-8547-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.5.0. Issues addressed include bypass and use-after-free vulnerabilities.
dee63b29cdcb7251d95277e9e51f1f3431b32ddc2e2dcc6e3ea6e79d5728ceeb
ClicShopping version 3.402 suffers from a cross site scripting vulnerability.
0c0a4e5bd4110e5311f9604c26bbcb70101102d3105fe1c019502067f98d1c9e
Trojan.Win32.Platinum.gen malware suffers from a code execution vulnerability.
cdc9993c4bb438c0123a75bf753431e3118f0f97de1d721144c5ddb34cf6a07e
Ubuntu Security Notice 5727-2 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service.
198528c181d3d41c1c6d41390038b021e5a8bb3d1e1b1bda41b1f5b01c58e2b7