CVE-2019-9825

FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index to modify the set of allowable file extensions, as demonstrated by adding php to the default jpg,gif,png,jpeg setting, and then using the "add article" feature...

CVE-2019-9825

FeiFeiCMS 4.1.190209 is affected by CVE-2019-9825. The vulnerability allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index and modifying the set of allowable file extensions (e.g., adding PHP to the default image extensions). The attacker can then us...

Total.js prior to 3.2.4 Directory Traversal

This module check and exploits a directory traversal vulnerability in Total.js prior to 3.2.4. Here is a list of accepted extensions: flac, jpg, jpeg, png, gif, ico, js, css, txt, xml, woff, woff2, otf, ttf, eot, svg, zip, rar, pdf, docx, xlsx, doc, xls, html, htm, appcache, manifest, map, ogv,...

Spotlight on Troldesh ransomware, aka ‘Shade’

Despite the decline in the number of ransomware infections over the last year, there are several ransomware families that are still active. Ransom.Troldesh, aka Shade, is one of them. According to our product telemetry, Shade has experienced a sharp increase in detections from Q4 2018 to Q1 2019...

WordPress Category Page Icons 3.6.1 CSRF / Shell Upload

Exploit Title : WordPress category-page-icons Plugins 3.6.1 CSRF Shell Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 17/01/2019 Vendor Homepage : wordpress.org wp-premiumplugins.com/category-page-icons/ wordpress.org/plugins/category-page-icons/ Softwar...

Design/Logic Flaw

Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can be executed using "" tags, as demonstrated by a CompanyDetailsSave action...

CVE-2019-5009

Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can be executed using "" tags, as demonstrated by a CompanyDetailsSave action...

CVE-2019-5009

Vtiger CRM 7.1.0 before Hotfix2 contains a file-upload vulnerability in the logo field: an uploaded PNG image of 150x40 with an extension allowed as php3 can carry PHP code, bypassing the extension filter and enabling code execution via the image (e.g., using PHP tags). Affected files/documented ...

pyHAWK - Searches The Directory Of Choice For Interesting Files. Such As Database Files And Files With Passwords Stored On Them

Searches the directory of choice for interesting files. Such as database files and files with passwords stored on them Features Scans directory for intresting file types Outputs them to the screen Supports many file types Installation Instructions The installation is easy. Git clone the repo and...

GHSA-RP28-29CH-GH92 Directory Traversal in elding

Affected versions of elding resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. This...

CVE-2018-14857

Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...

CVE-2018-14857

Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...

CVE-2018-14857

Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...

CVE-2018-5173

The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full,...

fuzzdb-collect

Based on the provided context, it appears that the repository contains a tool for brute-forcing file extensions with 3-character names. The tool is designed to test...

UBUNTU-CVE-2018-5173

The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full,...

CVE-2018-6660

Directory Traversal vulnerability in McAfee ePolicy Orchestrator ePO 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XML file...

Disable Risky Windows Features: Hardentools

Hardentools is a collection of simple utilities designed to disable a number of “features” exposed by operating systems Microsoft Windows, for now, and primary consumer applications. These features, commonly thought for Enterprise customers, are generally useless to regular users and rather pose ...

Domain Analyzer - Analyze The Security Of Any Domain By Finding All the Information Possible

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. How Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP...

FakeImageExploiter - Use a Fake image.jpg (hide known file extensions) to exploit targets

This module takes one existing image.jpg and one payload.ps1 input by user and builds a new payload agent.jpg.exe that if executed it will trigger the download of the 2 previous files stored into apache2 image.jpg + payload.ps1 and execute them. This module also changes the agent.exe Icon to matc...