Elections GoRansom – a smoke screen for the HermeticWiper attack

Executive summary On February 24, 2022, Avast Threat Research published a tweet announcing the discovery of new Golang ransomware, which they called HermeticRansom. This malware was found around the same time the HermeticWiper was found, and based on publicly available information from security...

SMBSR - Lookup For Interesting Stuff In SMB Shares

Well, SMBSR is a python script which given a CIDR/IP/IPfile/HOSTNAMEs enumerates all the SMB services listening 445 among the targets and tries to authenticate against them; if the authentication succeed then all the folders and subfolders are visited recursively in order to find secrets in files...

Improper file handling in concrete5/core

A bypass of adding remote files in Concrete CMS previously concrete5 File Manager leads to remote code execution in Concrete CMS concrete5 versions 8.5.6 and below. The external file upload feature stages files in the public directory even if they have disallowed file extensions. They are stored ...

Request a Quote < 2.3.5 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise, validate or escape some of its settings in the admin dashboard, leading to authenticated Stored Cross-Site Scripting issues even when the unfilteredhtml capability is disallowed. As admin, put the below payloads in the related vulnerable field/s and save them there i...

Ransomware scammers target artists with fake Krita revenue deals

The Krita digital painting application is currently being targeted by ransomware authors. Available on Steam and other platforms, it’s a powerful tool with a very cheap purchase price and great reviews. A perfect bit of bait to start reeling in potential victims, in other words. How does the scam...

CVE-2021-31799

In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. Recent assessments: wvu-r7 at May 03, 2021 1:43am UTC reported: CVE-2021-31799 Perlisms strike again in this RDoc command injection. Kernelopen is...

Wordpress Plugin SP Project and Document - Authenticated Remote Code Execution

This module allows an attacker with a privileged Wordpress account to launch a reverse shell due to an arbitrary file upload vulnerability in Wordpress plugin SP Project & Document /.php Module Options msf use exploit/multi/http/wppluginspprojectdocumentrce msf exploitwppluginspprojectdocumentrce...

MANSPIDER - Spider Entire Networks For Juicy Files Sitting On SMB Shares. Search Filenames Or File Content - Regex Supported!

Crawl SMB shares for juicy information. File content searching + regex is supported! File types supported: PDF DOCX XLSX PPTX any text-based format and many more!! MAN-SPIDER will crawl every share on every target system. If provided creds don't work, it will fall back to "guest", then to a null...

Cariddi - Take A List Of Domains, Crawl Urls And Scan For Endpoints, Secrets, Api Keys, File Extensions, Tokens And More...

Take a list of domains, crawl urls andscan for endpoints, secrets, api keys, file extensions, tokens and more... Preview Installation You need Go. Linux git clone https://github.com/edoardottt/cariddi.git cd cariddi go get make linux to install make unlinux to uninstall Or in one line: git clone...

CVE-2020-22249

Remote Code Execution vulnerability in phplist 3.5.1. The application does not check any file extensions stored in the plugin zip file, Uploading a malicious plugin which contains the php files with extensions like PHP,phtml,php7 will be copied to the plugins directory which would lead to the...

CVE-2020-22249

Remote Code Execution vulnerability in phplist 3.5.1. The application does not check any file extensions stored in the plugin zip file, Uploading a malicious plugin which contains the php files with extensions like PHP,phtml,php7 will be copied to the plugins directory which would lead to the...

CVE-2020-22249

Remote Code Execution vulnerability in phplist 3.5.1. The application does not check any file extensions stored in the plugin zip file, Uploading a malicious plugin which contains the php files with extensions like PHP,phtml,php7 will be copied to the plugins directory which would lead to the...

TYPO3 安全漏洞

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Typo3 Association. A file upload vulnerability exists in TYPO3, which can be exploited by an attacker to upload arbitrary data with arbitrary file extensions...

Unrestricted File Upload in Form Framework

Due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, default fileDenyPattern successfully blocked files like .htaccess or malicious.php...

CVE-2020-4928

IBM Cloud Pak System 2.3 could allow a local privileged attacker to upload arbitrary files. By intercepting the request and modifying the file extention, the attacker could execute arbitrary code on the server. IBM X-Force ID: 191705...

Drupal core - Critical - Remote code execution - SA-CORE-2020-012

Update November 18: Documented longer list of dangerous file extensions Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting...

CVE-2020-4620

IBM Data Risk Manager iDNA 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could all...

Input validation

IBM Data Risk Manager iDNA 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could all...

Drag and Drop Multiple File Upload – Contact Form 7 < 1.3.5.5 - Unauthenticated Remote Code Execution

The Drag and Drop Multiple File Upload – Contact Form 7 WordPress plugin was vulnerable to Remote Code Execution via file upload. The plugin used a blacklist of dangerous file extensions that it did not allow to be uploaded, however, the extensions .phar and .phpt were not within the blacklist,...

Mozilla Firefox Input Validation Error Vulnerability (CNVD-2020-46333)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 28 for iOS-based platforms. An attacker can exploit the vulnerability to modify file extensions...