Vulnerability fixed in Zoho ManageEngine ADSelfService Plus
Zoho has fixed a vulnerability in ManageEngine ADSelfService Plus. An authenticated malicious person could potentially exploit it to execute arbitrary code. The vulnerability is located in the password reset functionality. Systems are vulnerable only when custom scripts are enabled fo...
CVE-2021-40845
The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory...
Design/Logic Flaw
The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory...
Zenitel AlphaCom XE Audio Server 11.2.3.10 Shell Upload Vulnerability
Zenitel AlphaCom XE Audio Server versions up to 11.2.3.10 have a web interface called AlphaWeb XE that allows for a remote shell upload. I. VULNERABILITY ------------------------- AlphaWeb XE - Authenticated Insecure File Upload leading to RCE II. CVE REFERENCE -------------------------...
Zenitel AlphaCom XE Audio Server 11.2.3.10 Shell Upload
I. VULNERABILITY ------------------------- AlphaWeb XE - Authenticated Insecure File Upload leading to RCE II. CVE REFERENCE ------------------------- CVE-2021-40845 III. VENDOR ------------------------- https://www.zenitel.com/ IV. DESCRIPTION ------------------------- The web part of Zenitel...
Exploit for Unrestricted Upload of File with Dangerous Type in Zenitel Alphacom_Xe_Audio_Server
CVE-2021-40845 I. VULNERABILITY ------------------------- Alp...
Code injection
Orbit Fox by ThemeIsle has a feature to add custom scripts to the header and footer of a page or post. There were no checks to verify that a user had the unfiltered_html capability prior to saving the script tags, thus allowing lower-level users to inject scripts that could potentially be maliciou...
CVE-2021-24157 Orbit Fox by ThemeIsle < 2.10.3 - Authenticated Stored Cross Site Scripting
Orbit Fox by ThemeIsle has a feature to add custom scripts to the header and footer of a page or post. There were no checks to verify that a user had the unfiltered_html capability prior to saving the script tags, thus allowing lower-level users to inject scripts that could potentially be maliciou...
CVE-2021-24157
The CVE-2021-24157 issue affects the Orbit Fox by ThemeIsle WordPress plugin. Affected component: the header/footer script injection feature in Orbit Fox; root cause: no validation of user capabilities (unfiltered_html) before saving script tags, enabling authenticated users with lower privileges to i...
h1-ctf: H1 Hackyholidays CTF - The Grinch was defeated
The following writeup will outline all the steps and tools used to solve the 12 challenges of the H1 Holidays CTF. The theme of the competition was the Grinch. As can be read in the competition blog post https://www.hackerone.com/blog/12-days-hacky-holidays-ctf , the goal was to...
Quiver - Tool To Manage All Of Your Tools For Bug Bounty Hunting And Penetration Testing
Quiver is the tool to manage all of your tools. It is an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing. Features: ZSH / Oh-My-ZSH shell plugin; tab auto-completion; global variables; prefills the command line, doesn't hide commands fro...
CVE-2019-14416
An issue was discovered in Veritas Resiliency Platform VRP before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to resiliency plans and custom script functionality...
PT-2019-13685 · Veritas · Veritas Resiliency Platform
Name of the Vulnerable Software and Affected Versions: Veritas Resiliency Platform versions prior to 3.4 HF1 Description: An issue allows a malicious user to execute commands with root privilege within the virtual machine, related to resiliency plans and custom script functionality...
Security Bulletin: IBM Content Collector for Email affected by vulnerability due to WebSphere Application Server having insecure permissions when custom start up scripts are used
Summary IBM Content Collector for Email is affected by vulnerability due to WebSphere Application Server having insecure permissions when custom start up scripts are used. WAS might create files using the default permissions instead of the customized permissions, due to which a local attacker cou...
Dr0p1t-Framework - A Framework That Creates An Advanced FUD Dropper With Some Tricks
Have you ever heard about trojan droppers? You can read about them from here. Dr0p1t lets you create a dropper like any other tool, but this time FUD with some tricks. Features: works with Windows and Linux; adding malware after downloading it to startup; adding malware after downloading it to task schedul...
Bohatei - Flexible and Elastic DDoS Defense
Bohatei is a first-of-its-kind platform that enables flexible and elastic DDoS defense using SDN and NFV. The repository contains a first version of the components described in the Bohatei paper, as well as a web-based user interface. The backend folder consists of: an implementation of the...
How to Create a Custom SureBackup Test Script
Purpose: This article provides information about creating custom SureBackup roles and scripts which can be used to enhance SureBackup testing. Solution: Information regarding custom SureBackup roles can be found here: https://helpcenter.veeam.com/docs/backup/vsphere/creatingxmlfiles.html Informatio...
Cogent DataHub 7.1.1.63 - Source Disclosure
Cogent DataHub 7.1.1.63 - Source Disclosure Luigi Auriemma Application: Cogent DataHub http://www.cogentdatahub.com/Products/CogentDataHub.html Versions: = 7.1.1.63 Platforms: Windows Bug: source disclosure Exploitation: remote Date: 13 Sep 2011 Author: Luigi Auriemma e-mail: [email protected]...