
198 matches found

SUSE CVE
added 2023/02/15 3:51 a.m. | 1 views

SUSE CVE-2020-35458

An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the loginfromcookie cookie. The user logout routine could be used by unauthenticated remote attackers to execute code as hauser...

9.8 CVSS | 8 AI score | 0.05333 EPSS
Exploits 0 | References 13
GithubExploit
added 2023/01/31 8:29 p.m. | 164 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4j Vulnerability --- --- --- Tutorial: https...

10 CVSS | 9.9 AI score | 0.99999 EPSS
Exploits 479
0day.today
added 2022/12/24 12:0 a.m. | 401 views

OpenTSDB 2.4.0 Command Injection Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability in the yrange parameter in OpenTSDB through 2.4.0 (CVE-2020-35476) in order to achieve unauthenticated remote code execution as the root user. The module first attempts to obtain the OpenTSDB version via the api. If...

9.8 CVSS | 9.9 AI score | 0.8533 EPSS
Exploits 5
Packet Storm
added 2022/12/15 12:0 a.m. | 253 views

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x upload.cgi Code Execution

!/usr/bin/env python SOUND4 IMPACT/FIRST/PULSE/Eco =2.x upload.cgi Unauthenticated Remote Code Execution Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Versio...

7.4 AI score
Exploits 0
NCSC
added 2022/12/12 12:0 a.m. | 5 views

Vulnerability fixed in FortiOS SSL-VPN

Fortinet has fixed a vulnerability in FortiOS SSL-VPN. An unauthenticated remote malicious party can exploit the vulnerability to execute arbitrary code. This requires that malicious network traffic be sent to the vulnerable interface. Fortinet says it is aware of an incident in...

9.8 CVSS | 7.5 AI score | 0.99474 EPSS
Exploits 11
Trellix
added 2022/08/11 12:0 a.m. | 27 views

A Door Isn’t a Door When It’s Ajar - Part 1

A Door Isn’t a Door When It’s Ajar - Part 1 By Trellix · August 11, 2022 This story was also written by Steve Povolny and Sam Quinn Contents Executive Summary Target Selection What is it? Reconnaissance & Standard Operations Recon Standard Operations Hardware Hacking Hardware Hacking Shopping Lis...

10 CVSS | 8.7 AI score | 0.02323 EPSS
Exploits 0
NVD
added 2022/08/02 4:15 p.m. | 17 views

CVE-2022-35223

EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. Deserializing a cookie containing malicious payload will trigger this insecure deserialization vulnerability, allowing an unauthenticated remote attacker to execute arbitrary code, manipulate...

9.8 CVSS | 0.01265 EPSS
Exploits 0 | References 2
CVE
added 2022/07/19 2:51 p.m. | 854 views

CVE-2022-35405

CVE-2022-35405 affects Zoho ManageEngine PAM360 (before 5.5/5510) and Password Manager Pro (before 12.1/12101), plus Access Manager Plus (before 4.3/4303 with auth). The root cause is a Java deserialization issue in XML-RPC handling that enables unauthenticated RCE for Password Manager Pro and PA...

9.8 CVSS | 9.7 AI score | 0.9994 EPSS
In wild | Exploits 5 | References 3 | Affected Software 3
Patchstack
added 2022/03/28 12:0 a.m. | 90 views

WordPress Tatsu plugin < 3.3.13 - Unauthenticated Remote Code Execution (RCE) vulnerability

Unauthenticated Remote Code Execution (RCE) vulnerability discovered by Vincent Michel in WordPress Tatsu plugin versions 3.3.13. Solution: Update the WordPress Tatsu plugin to the latest available version (at least 3.3.13)...

8.1 CVSS | 4.7 AI score | 0.83535 EPSS
Exploits 9 | References 3 | Affected Software 1
NVD
added 2022/03/17 4:15 p.m. | 13 views

CVE-2020-15591

fexsrv in FEX aka Frams' Fast File EXchange before fex-201609192 allows eval injection for unauthenticated remote code execution...

9.8 CVSS | 0.03803 EPSS
Exploits 1 | References 3
CVE
added 2022/02/16 9:4 p.m. | 104 views

CVE-2022-24983

CVE-2022-24983 concerns forms generated by JQueryForm.com before 2022-02-05. The vulnerability allows remote attackers to obtain the URI of uploaded files by capturing the POST response (the Unique ID is included in the response). This is stated to enable unauthenticated remote code execution whe...

7.5 CVSS | 8.9 AI score | 0.02606 EPSS
Exploits 0 | References 3 | Affected Software 1
CNVD
added 2022/02/16 12:0 a.m. | 19 views

Unspecified vulnerability in ImpressCMS

ImpressCMS is a MySQL-based, modular content management system (CMS). The system includes modules for press releases, forums, and photo albums. ImpressCMS has a security vulnerability that stems from the fact that ImpressCMS prior to 1.4.2 allows traversal of the origName or imageName directory b...

9.8 CVSS | 2.3 AI score | 0.06453 EPSS
Exploits 1 | References 1
Packet Storm
added 2022/02/02 12:0 a.m. | 235 views

Backdoor.Win32.Zxman Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/e369bbd8acbe8322834e3adbad30ff5c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zxman Vulnerability: Unauthenticated Remote Code Execution Description: The malware b...

7.4 AI score
Exploits 0
Prion
added 2021/12/20 3:15 p.m. | 21 views

Authentication flaw

Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required...

7.5 CVSS | 9.9 AI score | 0.06478 EPSS
Exploits 0 | References 1 | Affected Software 1
Vulnrichment
added 2021/11/29 3:17 a.m. | 9 views

CVE-2021-44077

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration...

10 AI score | 0.93514 EPSS
Exploits 6 | References 5
ATTACKERKB
added 2021/11/29 12:0 a.m. | 48 views

CVE-2021-44077

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration. Recent assessments:...

9.8 CVSS | 9.8 AI score | 0.93514 EPSS
In wild | Exploits 6 | References 6
Cvelist
added 2021/11/15 8:30 p.m. | 42 views

CVE-2021-41269 Unauthenticated remote code injection in cron-utils

cron-utils is a Java library to define, parse, validate, migrate crons as well as get human readable descriptions for them. In affected versions a template injection was identified in cron-utils enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code...

10 CVSS | 10 AI score | 0.04047 EPSS
Exploits 1 | References 4
Cvelist
added 2021/11/11 4:30 a.m. | 24 views

CVE-2021-41833

Zoho ManageEngine Patch Connect Plus before 90099 is vulnerable to unauthenticated remote code execution...

10 AI score | 0.07761 EPSS
Exploits 0 | References 2
Prion
added 2021/10/22 10:15 p.m. | 27 views

Sql injection

BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation. SQL injection can, for example, use the txtID aka username parameter. Successful exploitation can include...

6.8 CVSS | 10 AI score | 0.73269 EPSS
Exploits 3 | References 1 | Affected Software 1
Cvelist
added 2021/09/15 4:19 p.m. | 16 views

CVE-2021-40238

A Cross Site Scripting (XSS) vulnerability exists in the admin panel in Webuzo 2.9.0 via an HTTP request to a non-existent page, which is activated by administrators viewing the "Error Log" page. An attacker can leverage this to achieve Unauthenticated Remote Code Execution via the "Cron Jobs"...

6.6 AI score | 0.01006 EPSS
Exploits 0 | References 2