Microsoft Windows TokenMagic Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Privilege Escalation via TokenMagic UAC Bypass', 'Description' = %q This module leverages a UAC bypass TokenMagic in order to spawn a...

Rockwell Automation Connected Components Workbench Path Traversal Vulnerability

Rockwell Automation CCW is an HMI editor and component-level industrial product for designing and configuring applications and performing microcontroller turns. A path traversal vulnerability exists in Rockwell Automation Connected Components Workbench, which can be exploited by an attacker to...

Trojan.Win32.Siscos.bqe Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b4a35ae6dcceea6390769829b4e1506f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Siscos.bqe Vulnerability: Insecure Permissions Description: The malware creates a...

CVE-2021-31800

Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing...

CVE-2020-4039

SUSI.AI is an intelligent Open Source personal assistant. SUSI.AI Server before version d27ed0f has a directory traversal vulnerability due to insufficient input validation. Any admin config and file readable by the app can be retrieved by the attacker. Furthermore, some files can also be moved o...

Directory traversal

SUSI.AI is an intelligent Open Source personal assistant. SUSI.AI Server before version d27ed0f has a directory traversal vulnerability due to insufficient input validation. Any admin config and file readable by the app can be retrieved by the attacker. Furthermore, some files can also be moved o...

GO-2020-0025 Path traversal in code.cloudfoundry.org/archiver

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVE-2021-30493

CVE-2021-30493 describes a vulnerability in the Razer Synapse 3 software where multiple system services perform privileged operations on entries within the ChromaBroadcast subkey, specifically involving file name concatenation of a runtime log file used to store runtime log information. The resul...

Fixed in ClickHouse 21.4.3.21, 2021-04-12 

An attacker that has CREATE DICTIONARY privilege, can read arbitary file outside permitted directory...

CVE-2021-1492

The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Duo...

CVE-2021-27593

SAP 3D Visual Enterprise Viewer is affected by CVE-2021-27593. Opening specially crafted GIF files from untrusted sources can cause a crash and temporary unavailability of the application. Connected sources indicate the root cause as improper input validation. No exploitation or remediation detai...

Exploit for Server-Side Request Forgery in F5 Big-Ip_Access_Policy_Manager

Vuln Impact This vulnerability allows for unauthenticated at...

Hestia Control Panel 1.3.2 Arbitrary File Write

Title: Hestia Control Panel 1.3.2 - Arbitrary File Write Date: 07.03.2021 Author: Numan Türle Vendor Homepage: https://hestiacp.com/ Software Link: https://github.com/hestiacp/hestiacp Version: 1.3.3 Tested on: HestiaCP Version 1.3.2 curl --location --request POST...

XStream Arbitrary File Deletion Vulnerability (CNVD-2021-28336)

XStream is a simple Java-based library , Java objects serialized to xml and vice versa i.e. : Java objects and xml documents can easily be converted to each other . XStream has an arbitrary file deletion vulnerability that can be exploited by an attacker to manipulate the processed input stream a...

Joomla! 3.x < 3.9.25 Multiple Vulnerabilities

According to its self-reported version, the instance of Joomla! running on the remote web server is 3.x prior to 3.9.25. It is, therefore, affected by multiple vulnerabilities. - Usage of the insecure rand function within the process of generating the 2FA secret. CVE-2021-23126 - Usage of an...

Stack overflow

Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options...

Cisco NX-OS Software Arbitrary File Manipulation Vulnerability

Cisco NX-OS Software and so on are products of Cisco Corporation.Cisco NX-OS Software is a set of data center-grade operating system software used by switches.Cisco Nexus 3000 Series Switches is a 3000 series switch.Cisco Nexus 9000 Series Switches is a 9000 series switch. A security vulnerabilit...

Smart Template Engine Injection Vulnerability (CNVD-2021-13245)

The Smart template engine is one of the most famous PHP engines in the industry today. It provides an easy-to-manage way to separate business logic from presentation logic. A vulnerability has been reported in the Smart Template Engine, which allows an attacker to write to a cache file via the...

Siemens SINEMA Server and SINE CNMS Directory Traversal Vulnerability

Siemens SINE CNMS is the new generation of network management system Enterprise for digital libraries. This system can be used to centrally monitor, manage and configure networks.Siemens SINEMA Server is Siemens' network monitoring and management software for industrial Ethernet. A directory...

CVE-2021-20066

JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled...