1015 matches found
WordPress SP Project And Document Remote Code Execution Exploit
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin versions prior to 4.22. The security check only searches for lowercase file extensions such as .php,...
WordPress Modern Events Calendar Remote Code Execution Exploit
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress Modern Events Calendar plugin versions prior to 5.16.5. This is due to an incorrect check of the uploaded file extension. Indeed, by...
WordPress Backup Guard Authenticated Remote Code Execution Exploit
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in Wordpress plugin Backup Guard versions prior to 1.6.0. This is due to an incorrect check of the uploaded file extension which should be of SGBP...
CVE-2021-32679
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, filenames where not escaped by default in controllers using DownloadResponse. When a user-supplied filename was passed unsanitized into a DownloadResponse, this could be used to...
CVE-2021-32679 Filenames not escaped by default in controllers using DownloadResponse
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, filenames where not escaped by default in controllers using DownloadResponse. When a user-supplied filename was passed unsanitized into a DownloadResponse, this could be used to...
CVE-2021-24347
The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be...
CVE-2021-24347 SP Project & Document Manager <2 4.22 - Authenticated Shell Upload
The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be...
HTMLDOC 代码问题漏洞
HTMLDOC is an open source program that converts HTML and Markdown files to EPUB, Indexed HTML, PostScript and PDF formats. HTMLDOC suffers from a code issue vulnerability that stems from insufficient validation of user-supplied input in the fileextension function in file.c. The vulnerability can ...
SuiteCRM Log File Remote Code Execution Exploit
This Metasploit module exploits an input validation error on the log file extension parameter. It does not properly validate upper/lower case characters. Once this occurs, the application log file will be treated as a php file. The log file can then be populated with php code by changing the...
SuiteCRM Log File Remote Code Execution
This module exploits an input validation error on the log file extension parameter. It does not properly validate upper/lower case characters. Once this occurs, the application log file will be treated as a php file. The log file can then be populated with php code by changing the username of a...
Watch out as fake ransomware attack infects PCs with StrRAT
By Habiba Rashid StrRAT malware steals credentials and changes file name extension to .crimson but it does not encrypt any data like in a ransomware attack. This is a post from HackRead.com Read the original post: Watch out as fake ransomware attack infects PCs with StrRAT...
Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware
Microsoft on Thursday warned of a "massive email campaign" that's pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection. "This RAT is infamous for its ransomware-like behavior of appending the file name extension...
Mozilla Firefox 88.0.1 - File Extension Execution of Arbitrary Code Exploit
Exploit Title: Mozilla Firefox 88.0.1 - File Extension Execution of Arbitrary Code Exploit Authors: Carlo Di Dato and Michael Caruso from BestEffort Team https://besteffortteam.it Vendor Homepage: https://www.mozilla.org Version: = 88.0.1 Tested on: Windows XP Professional SP3 32-bit, Windows 7...
Mozilla Firefox 88.0.1 File Extension Execution
Exploit Title: Mozilla Firefox 88.0.1 - File Extension Execution of Arbitrary Code Date: 20/05/2021 Exploit Authors: Carlo Di Dato and Michael Caruso from BestEffort Team https://besteffortteam.it Vendor Homepage: https://www.mozilla.org Version: = 88.0.1 Tested on: Windows XP Professional SP3...
Unrestricted file upload
Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc"...
SAP Process Integration 代码问题漏洞
SAP Process Integration is middleware from SAP Germany that enables SAP to seamlessly integrate with non-SAP applications in the company or with systems outside the company. A vulnerability exists in the Integration Builder Framework for SAP Process Integration versions 7.10, 7.11, 7.20, 7.30,...
Centreon Web Upload Bypass Vulnerability
Centreon Web is a set of open source system monitoring tools from the French company Centreon . The product mainly provides monitoring functions on the network , system and application resources . An upload bypass vulnerability exists in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2, which...
CVE-2021-26804
Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote attackers to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application...
Input validation
Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote attackers to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application...
CVE-2021-26804
CVE-2021-26804 affects Centreon Web versions 19.10.18, 20.04.8, and 20.10.2. The issue stems from insecure permissions that allow a remote attacker to bypass validation by changing any file extension to ".gif" and uploading it via Administration/Parameters/Images, effectively enabling unauthorize...