what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files

SuiteCRM 7.11.15 Remote Code Execution
Posted Nov 9, 2020
Authored by M. Cory Billington

SuiteCRM version 7.11.15 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-28328
SHA-256 | 01765bb0c089aa14728aa27a9a2f9df90fd877e20b6db152f7b1c4f203fe3d3f

Related Files

SuiteCRM Authenticated SQL Injection
Posted Aug 31, 2024
Authored by Exodus Intelligence, Redouane Niboucha, jheysel-r7 | Site metasploit.com

This Metasploit module exploits an authenticated SQL injection in SuiteCRM in versions before 7.12.6. The vulnerability allows an authenticated attacker to send specially crafted requests to the export entry point of the application in order to retrieve all the usernames and their associated password from the database.

tags | exploit, sql injection
SHA-256 | 668d40628faf73dd32554ae84c36e46a6ae67a8a8d4b003f7fec6bd01f8d03a0
SuiteCRM 7.11.18 Remote Code Execution
Posted Nov 17, 2021
Authored by M. Cory Billington | Site metasploit.com

This Metasploit module exploits an input validation error on the log file extension parameter of SuiteCRM version 7.11.18. It does not properly validate upper/lower case characters. Once this occurs, the application log file will be treated as a php file. The log file can then be populated with php code by changing the username of a valid user, as this info is logged. The php code in the file can then be executed by sending an HTTP request to the log file. A similar issue was reported by the same researcher where a blank file extension could be supplied and the extension could be provided in the file name. This exploit will work on those versions as well, and those references are included.

tags | exploit, web, php
advisories | CVE-2020-28328, CVE-2021-42840
SHA-256 | 7f2ef0fa96275977d80eca31460f8f2876baa953ce756a42a73f7d1524b141fb
SuiteCRM Log File Remote Code Execution
Posted Jun 4, 2021
Authored by M. Cory Billington | Site metasploit.com

This Metasploit module exploits an input validation error on the log file extension parameter. It does not properly validate upper/lower case characters. Once this occurs, the application log file will be treated as a php file. The log file can then be populated with php code by changing the username of a valid user, as this info is logged. The php code in the file can then be executed by sending an HTTP request to the log file. A similar issue was reported by the same researcher where a blank file extension could be supplied and the extension could be provided in the file name. This exploit will work on those versions as well, and those references are included.

tags | exploit, web, php
advisories | CVE-2020-28328
SHA-256 | ec5ef5c3f76e27557be6a802468fa8e1b2e50b2a6a2993479fd1a906363a8c90
SuiteCRM 7.11.10 SQL Injection
Posted Feb 13, 2020
Authored by EgiX | Site karmainsecurity.com

SuiteCRM versions 7.11.10 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2020-8804
SHA-256 | 6d0664ee294d9c0e355362341a51a1fb0526746a2bbe5d841ef37520620739c4
SuiteCRM 7.11.11 Broken Access Control / Local File Inclusion
Posted Feb 13, 2020
Authored by EgiX | Site karmainsecurity.com

SuiteCRM versions 7.11.11 and below suffer from an add_to_prospect_list broken access control that allows for local file inclusion attacks.

tags | exploit, local, file inclusion
advisories | CVE-2020-8803
SHA-256 | bf17496e890701853063b6c0ff76d7e4c10126a589c0ff3f257def2dcf623ee6
SuiteCRM 7.11.11 Bean Manipulation
Posted Feb 13, 2020
Authored by EgiX | Site karmainsecurity.com

SuiteCRM versions 7.11.11 and below suffer from an action_saveHTMLField bean manipulation vulnerability.

tags | exploit
advisories | CVE-2020-8802
SHA-256 | 2180571bb1e2260ae7306d067b16cfbedbc9933b8f3852afefaabda12b8e98f8
SuiteCRM 7.11.11 Phar Deserialization
Posted Feb 13, 2020
Authored by EgiX | Site karmainsecurity.com

SuiteCRM versions 7.11.11 and below suffer from multiple phar deserialization vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2020-8801
SHA-256 | 6635b4d98132797e97d5f7beb1446ac64f1d1b045f58dd11a4416288eebcbc03
SuiteCRM 7.11.11 Second-Order PHP Object Injection
Posted Feb 13, 2020
Authored by EgiX | Site karmainsecurity.com

SuiteCRM versions 7.11.11 and below suffer from a second-order php object injection vulnerability.

tags | exploit, php
advisories | CVE-2020-8800
SHA-256 | 0b39b583ac4c6a3f164f129018fb829ea101106ca187de455b16329ca19a3403
SuiteCRM 7.10.7 SQL Injection
Posted Feb 4, 2019
Authored by Mehmet Emiroglu

SuiteCRM version 7.10.7 suffers from multple remote SQL injection vulnerabilities.

tags | exploit, remote, sql injection
SHA-256 | f583d959eb1bbef80e7c6627ad1371a3948b262779c192a50df55da96824e357
PHP imap_open Remote Code Execution
Posted Nov 28, 2018
Authored by h00die, Anton Lopanitsyn, Twoster | Site metasploit.com

The imap_open function within PHP, if called without the /norsh flag, will attempt to preauthenticate an IMAP session. On Debian based systems, including Ubuntu, rsh is mapped to the ssh binary. Ssh's ProxyCommand option can be passed from imap_open to execute arbitrary commands. While many custom applications may use imap_open, this exploit works against the following applications: e107 v2, prestashop, SuiteCRM, as well as Custom, which simply prints the exploit strings for use. Prestashop exploitation requires the admin URI, and administrator credentials. suiteCRM/e107/hostcms require administrator credentials.

tags | exploit, arbitrary, php, imap
systems | linux, debian, ubuntu
SHA-256 | 5db80502619550a84a9d8068ff710ec5534f3d8a3239b812c7c114f85cc7972a
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close