File Manager Pro < 1.8 - Remote Code Execution via CSRF

Description The plugin does not properly check the CSRF nonce in the fsconnector AJAX action. This allows attackers to make highly privileged users perform unwanted file system actions via CSRF attacks by using GET requests, such as uploading a web shell. PoC As a Super Admin, run the following...

PT-2023-26945 · Unknown · Rdpngfileupload.Dll +1

Name of the Vulnerable Software and Affected Versions: IRM Next Generation booking system affected versions not specified Description: A vulnerability in RDPngFileUpload.dll allows a remote attacker to upload arbitrary content, such as a web shell component, to the SQL database and execute it wit...

Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE

Description The plugin contains a web shell, allowing unauthenticated attackers to perform RCE. The plugin/vendor was not compromised and the files are the result of running a PoC for a previously reported issue https://wpscan.com/vulnerability/d4220025-2272-4d5f-9703-4b2ac4a51c42 and not deletin...

Flax Typhoon using legitimate software to quietly access Taiwanese organizations

Summary Microsoft has identified a nation-state activity group tracked as Flax Typhoon, based in China, that is targeting dozens of organizations in Taiwan with the likely intention of performing espionage. Flax Typhoon gains and maintains long-term access to Taiwanese organizations networks with...

Citrix NetScalers backdoored in widespread exploitation campaign

Fox-IT has uncovered a large-scale exploitation campaign of Citrix NetScalers in a joint effort with the Dutch Institute of Vulnerability Disclosure DIVD. Over 1900 instances were found to have a backdoor in the form of a web shell. These backdoored NetScalers can be taken over at will by an...

Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability

E-commerce sites using Adobe's Magento 2 software are the target of an ongoing campaign that has been active since at least January 2023. The attacks, dubbed Xurum by Akamai, leverage a now-patched critical security flaw CVE-2022-24086, CVSS score: 9.8 in Adobe Commerce and Magento Open Source...

Ivanti Addressed Second Zero-Day Flaw Exploited by Attackers

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The zero-day vulnerability CVE-2023-35081 in Ivanti EPMM enables admin-authenticated attackers to write arbitrary files, risking unauthorized access, OS command execution, and malicious web shell...

Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining

Misconfigured and poorly secured Apache Tomcat servers are being targeted as part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners. The findings come courtesy of Aqua, which detected more than 800 attacks against its Tomcat server honeypots over a two-year...

Citrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate Action

The U.S. Cybersecurity and Infrastructure Security Agency CISA issued an advisory on Thursday warning that the newly disclosed critical security flaw in Citrix NetScaler Application Delivery Controller ADC and Gateway devices is being abused to drop web shells on vulnerable systems. "In June 2023...

Exploit for Code Injection in Citrix Netscaler_Application_Delivery_Controller

CVE-2023-3519 Inspector The cve20233519inspector.py is a...

PT-2023-11612 · Evertz · Evertz 7890Ixg +2

Name of the Vulnerable Software and Affected Versions: EVERTZ devices 3080IPX version exe-guest-v1.2-r26125 EVERTZ devices 7801FC version 1.3 Build 27 EVERTZ devices 7890IXG version V494 Description: The issue allows an authenticated attacker to perform Arbitrary File Upload, enabling them to...

TerraMaster TOS 4.2.06 Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability in TerraMaster TOS versions 4.2.06 and below via shell metacharacters in the Event parameter at vulnerable endpoint include/makecvs.php during CSV creation. Any unauthenticated user can therefore execute comman...

Clop Ransomware Gang Likely Aware of MOVEit Transfer Vulnerability Since 2021

The U.S. Cybersecurity and Infrastructure Security Agency CISA and Federal Bureau of Investigation FBI have published a joint advisory regarding the active exploitation of a recently disclosed critical flaw in Progress Software's MOVEit Transfer application to drop ransomware. "The Cl0p Ransomwar...

CVE-2023-2866

If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server...

CVE-2023-2866

If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server...

CVE-2023-2866 Advantech WebAccess Insufficient Type Distinction

If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server...

Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App

Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. "Exploitation is often followed by deployment of a web shell with data exfiltration capabilities," the Microsoft...

CVE-2023-3032

Unrestricted Upload of File with Dangerous Type vulnerability in Mobatime web application Documentary proof upload modules allows a malicious user to Upload a Web Shell to a Web Server.This issue affects Mobatime web application: through 06.7.22...

CVE-2023-3032

Unrestricted Upload of File with Dangerous Type vulnerability in Mobatime web application Documentary proof upload modules allows a malicious user to Upload a Web Shell to a Web Server.This issue affects Mobatime web application: through 06.7.22...

CVE-2023-3032 Mobatime web application - Arbitrary file upload (RCE)

Unrestricted Upload of File with Dangerous Type vulnerability in Mobatime web application Documentary proof upload modules allows a malicious user to Upload a Web Shell to a Web Server.This issue affects Mobatime web application: through 06.7.22...