
2169 matches found

Cvelist
added 2019/10/29 7:35 p.m. | 10 views

CVE-2018-18930

The Tightrope Media Carousel digital signage product 7.0.4.104 contains an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. An authenticated attacker can upload a crafted ZIP file based on an exported backup of...

AI score: 9 | EPSS: 0.01417
Exploits: 1 | References: 1
ThreatPost
added 2019/10/04 2:36 p.m. | 135 views

Virus Bulletin 2019: VoIP Espionage Campaign Hits U.S. Utilities Supplier

LONDON — A recent attack aimed at a U.S.-based oil, gas and chemical supplier leverages the company’s use of the enterprise-class Asterisk open-source PBX software, used for VoIP services. According to research from Check Point, presented here at Virus Bulletin 2019 on Friday, the attack was firs...

AI score: 0.1
Exploits: 0 | References: 4
CNVD
added 2019/09/19 12:0 a.m. | 2 views

Command Execution Vulnerability in Fiserv Patrol au***.php File

Fisheye Web Patrol is an IT operations and maintenance management system. A command execution vulnerability exists in the Feith Web Patrol au.php file. An attacker can exploit the vulnerability to obtain the host webshell...

AI score: 7.2
Exploits: 0
ThreatPost
added 2019/08/28 9:57 p.m. | 51 views

Elderly China Chopper Tool Still Going Strong in Multiple Campaigns

A nine-year-old web shell used for providing remote access to web servers for cyberattackers is staying very active despite its advanced age (in cyber-years, anyway). Researchers said they’ve spotted it being used in several recent campaigns – all with disparate goals. The tool, known as China...

AI score: 0.1
Exploits: 0 | References: 2
Talos Blog
added 2019/08/27 8:14 a.m. | 628 views

China Chopper still active 9 years later

By Paul Rascagneres and Vanja Svajcer. Introduction Threats will commonly fade away over time as they're discovered, reported on, and detected. But China Chopper has found a way to stay relevant, active and effective nine years after its initial discovery. China Chopper is a web shell that allows...

CVSS: 7.2 | EPSS: 0.90442
Exploits: 55
OSV
added 2019/07/26 9:15 p.m. | 2 views

CVE-2019-10267

An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to upload a file into any directory of the server. One can insert a JSP shell into the web server's directory and execute it. This leads to full access to the system, as the...

CVSS: 8.8 | AI score: 7.7
Exploits: 0 | References: 3
CNVD
added 2019/07/04 12:0 a.m. | 1 views

EBK BKS Buskoppler Remote Code Execution Vulnerability

The BKS EBK Ethernet-Buskoppler Pro is an Ethernet bus coupler. A code issue vulnerability exists in BKS EBK Ethernet-Buskoppler Pro versions prior to 3.01. An attacker can exploit this vulnerability to overwrite a file under the web root path and run the added web shell...

CVSS: 10 | AI score: 7.1 | EPSS: 0.00715
Exploits: 3 | References: 1
0day.today
added 2019/07/03 12:0 a.m. | 204 views

BKS EBK Ethernet-Buskoppler Pro Shell Upload Vulnerability

BKS EBK Ethernet-Buskoppler Pro versions prior to 3.01 suffer from a remote shell upload vulnerability. Product: BKS EBK Ethernet-Buskoppler Pro Manufacturer: BKS GmbH Affected Versions: 3.01 Vulnerability Type: Unrestricted Upload of File with Dangerous Type CWE-434 Risk Level: High Solution...

AI score: 0.2 | EPSS: 0.00715
Exploits: 3
NVD
added 2019/05/23 4:29 p.m. | 7 views

CVE-2017-11561

An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell...

CVSS: 6.5 | AI score: 6.4 | EPSS: 0.00801
Exploits: 1 | References: 3
OSV
added 2019/05/23 4:29 p.m. | 0 views

CVE-2017-11561

An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.00801
Exploits: 1 | References: 3
Prion
added 2019/05/23 4:29 p.m. | 22 views

Design/Logic Flaw

An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell...

CVSS: 4 | AI score: 6.4 | EPSS: 0.00801
Exploits: 1 | References: 3 | Affected Software: 1
CVE
added 2019/05/23 3:32 p.m. | 55 views

CVE-2017-11561

CVE-2017-11561 affects ZOHO ManageEngine OpManager 12.2. An authenticated user can upload arbitrary files in the Group Chat or Alarm sections, enabling potential web shells. The vulnerability arises from insecure file upload handling, allowing an attacker to upload executable content. Public desc...

CVSS: 6.5 | AI score: 6.3 | EPSS: 0.00801
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2019/05/23 3:32 p.m. | 13 views

CVE-2017-11561

An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell...

AI score: 6.4 | EPSS: 0.00801
Exploits: 1 | References: 3
GithubExploit
added 2019/05/18 11:56 p.m. | 4 views

Exploit for Unrestricted Upload of File with Dangerous Type in Elabftw

Exploit Title : eLabFTW 1.8.5 'EntityController' Arbit...

CVSS: 9 | AI score: 8 | EPSS: 0.26432
Exploits: 3
OSV
added 2019/05/13 6:29 p.m. | 1 views

CVE-2019-11680

KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a web shell as a product category image...

CVSS: 9.8 | AI score: 7.4
Exploits: 0 | References: 1
NVD
added 2019/05/13 6:29 p.m. | 12 views

CVE-2019-11680

KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a web shell as a product category image...

CVSS: 9.8 | AI score: 9.7 | EPSS: 0.01366
Exploits: 0 | References: 1
Prion
added 2019/05/13 6:29 p.m. | 16 views

Remote code execution

KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a web shell as a product category image...

CVSS: 7.5 | AI score: 9.6 | EPSS: 0.01366
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2019/05/13 5:36 p.m. | 40 views

CVE-2019-11680

CVE-2019-11680 affects KonaKart 8.9.0.0. The vulnerability allows remote code execution by uploading a web shell as a product category image, indicating the attacker can run arbitrary code on the server. Multiple connected sources (NVD, Red Hat advisory, CNVD, PRION, CVE lists) corroborate that K...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.01366
Exploits: 0 | References: 1 | Affected Software: 1
ThreatPost
added 2019/05/10 9:29 p.m. | 317 views

FIN7 Linked to Escalating Active Exploits for Microsoft SharePoint Bug

A recently patched, high-severity vulnerability in Microsoft SharePoint (CVE-2019-0604) that allows remote code execution is being increasingly exploited in the wild, according to researchers – possibly by the FIN7 group, among others. According to Microsoft’s advisory, the vulnerability which...

CVSS: 7.5 | AI score: 10 | EPSS: 0.94416
Exploits: 29 | References: 10
Check Point Advisories
added 2019/03/04 12:0 a.m. | 0 views

Joomla Jmail Breaker Arbitrary File Upload

An attacker might use a web shell backdoor to upload arbitrary files using Joomla Jmail service. A successful exploitation might allow the attacker to run arbitrary code, or use the server as a bot for further attacks...

AI score: 2.7
Exploits: 0