exploit the possibilities
Showing 1 - 11 of 11 RSS Feed

Files Date: 2021-12-20 to 2021-12-21

WordPress Popular Posts 5.3.2 Remote Code Execution
Posted Dec 20, 2021
Authored by h00die, Simone Cristofaro, Jerome Bruandet | Site metasploit.com

This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address (192/172/127/10). The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit leverages an authenticated improper input validation in WordPress plugin Popular Posts versions 5.3.2 and below. The exploit chain is rather complicated. Authentication is required and gd for PHP is required on the server. Then the Popular Post plugin is reconfigured to allow for an arbitrary URL for the post image in the widget. A post is made, then requests are sent to the post to make it more popular than the previous #1 by 5. Once the post hits the top 5, and after a 60 second server cache refresh (the exploit waits 90 seconds), the homepage widget is loaded which triggers the plugin to download the payload from the server. The payload has a GIF header, and a double extension (.gif.php) allowing for arbitrary PHP code to be executed.

tags | exploit, web, arbitrary, php
advisories | CVE-2021-42362
SHA-256 | 90db5fa8de8fdf34a913230d5320fbeba171c2aac53e75371d7b3d5919bde065
Wapiti Web Application Vulnerability Scanner 3.0.9
Posted Dec 20, 2021
Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: CLI has a new passive module option that allows you to use less aggressive modules only. WP_ENUM has improved detection of WordPress. New SSL module to check TLS/SSL configuration, powered by SSLyze. New Log4Shell attack module to detect the infamous vulnerability.
tags | tool, web, scanner, vulnerability
systems | unix
SHA-256 | bd64674b9152057bf1534ca7d7aab8cad4fccb1027813e0d0281f48823a82475
Red Hat Security Advisory 2021-5206-02
Posted Dec 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5206-02 - Log4j is a tool to help the programmer output log statements to a variety of output targets. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-4104
SHA-256 | 9d0b55c3698901f73309bbaf111059dc96c503f7e8b4b5f10dfdc03732f2263c
Ubuntu Security Notice USN-5203-1
Posted Dec 20, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5203-1 - Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not protect against infinite recursion in lookup evaluation. A remote attacker could possibly use this issue to cause Apache Log4j 2 to crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-45105
SHA-256 | 2509fd996d8268bfd9a66c77ed06d9c68d807866fb92dc62b89d8410889526ab
VMware Security Advisory 2021-0030
Posted Dec 20, 2021
Authored by VMware | Site vmware.com

VMware Security Advisory 2021-0030 - VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-22056, CVE-2021-22057
SHA-256 | bd5d7dc27d7142729d7b0b3eef7723aa7a5d955f9dbaf105237d210af165583e
VMware Security Advisory 2021-0028.4
Posted Dec 20, 2021
Authored by VMware | Site vmware.com

VMware Security Advisory 2021-0028.4 - VMware has released a response to the Apache Log4j remote code execution vulnerability. They have updated this advisory.

tags | advisory, remote, code execution
advisories | CVE-2021-44228
SHA-256 | 957e29f898225bb7fd6b5e005b5fc7f5f33240b94a7b9f29556d699b70f105a7
Bazaar Web PHP Social Listings Shell Upload
Posted Dec 20, 2021
Authored by Sohel Yousef

Bazaar Web PHP Social Listings suffers from a remote shell upload vulnerability.

tags | exploit, remote, web, shell, php
SHA-256 | f1629de60b9c1c66f85917fe4e27cf490f6caab55d5182d2047cf1df6cde10ab
Insecure sprintf Of C
Posted Dec 20, 2021
Authored by x90c

This is a brief write up discussing insecure functions susceptible to classic buffer overflows.

tags | paper, overflow
SHA-256 | 6c56ef6f21fb5c517c4f05fbff6461b2f130d800355ad39593d8b2f06bee3943
Video Sharing Website 1.0 SQL Injection
Posted Dec 20, 2021
Authored by nu11secur1ty

Video Sharing Website version 1.0 appears to suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2784313c95a531246f7199e48b5fedc0ea6d5e52978a87d8aae64cb4c78d0d35
Signup PHP Portal 2.1 Shell Upload
Posted Dec 20, 2021
Authored by Sohel Yousef

Signup PHP Portal version 2.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
SHA-256 | 0ffc78db1554cc2312874b940b014bebbe2e06854b885e74b9060727a2e56e98
Alfa Team Shell Tesla 4.1 Remote Code Execution
Posted Dec 20, 2021
Authored by Aryan Chehreghani

Alfa Team Shell Tesla version 4.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, shell, code execution
SHA-256 | 363374659febefa3f6d3f2659c5f5631aa41a3d73f84debd925e4dccbd81a349
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close