Elusive ToddyCat APT Targets Microsoft Exchange Servers

An advanced persistent threat APT group, dubbed ToddyCat, is believed behind a series of attacks targeting Microsoft Exchange servers of high-profile government and military installations in Asia and Europe. The campaigns, according to researchers, began in December 2020, and have been largely...

Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity

A sophisticated Chinese advanced persistent threat APT actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack. "The attacker implemented an interesting web...

PT-2022-3281 · Unknown · Ldap Account Manager

Name of the Vulnerable Software and Affected Versions: LDAP Account Manager versions prior to 8.0 Description: The issue allows an attacker to gain code execution on the host by writing a web-shell into the tmp directory, accessible via /lam/tmp/. This directory allows interpretation of .php file...

[updated]Unpatched Atlassian Confluence vulnerability is actively exploited

Researchers found a vulnerability in Atlassian Confluence by conducting an incident response investigation. Atlassian rates the severity level of this vulnerability as critical. Atlassian has issued a security advisory and is working on a fix for the affected products. This qualifies the...

CVE-2021-26634

SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. Attackers can use these vulnerabilities to perform attacks such as...

CVE-2021-26634

SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. Attackers can use these vulnerabilities to perform attacks such as...

Sql injection

SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. Attackers can use these vulnerabilities to perform attacks such as...

CVE-2021-26634 Maxboard multiple vulnerabilities

SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. Attackers can use these vulnerabilities to perform attacks such as...

PT-2022-9782 · Maxboard · Maxboard

Name of the Vulnerable Software and Affected Versions: Maxboard affected versions not specified Description: The issue allows for SQL injection and file upload attacks due to insufficient validation of input values in some parameters and variables of files, which may lead to arbitrary code...

Exploit for Unrestricted Upload of File with Dangerous Type in Artica Pandora_Fms

Exploit for CVE-2020-5844 Pandora FMS v7.0NG.742 - Remote Co...

CISA Urges Organizations to Patch Actively Exploited F5 BIG-IP Vulnerability

.jpg The U.S. Cybersecurity and Infrastructure Security Agency CISA has added the recently disclosed F5 BIG-IP flaw to its Known Exploited Vulnerabilities Catalog following reports of active abuse in the wild. The flaw, assigned the identifier CVE-2022-1388 CVSS score: 9.8, concerns a critical bu...

Chinese Hackers Caught Stealing Intellectual Property from Multinational Companies

An elusive and sophisticated cyberespionage campaign orchestrated by the China-backed Winnti group has managed to fly under the radar since at least 2019. Dubbed "Operation CuckooBees" by Israeli cybersecurity company Cybereason, the massive intellectual property theft operation enabled the threa...

New Hacker Group Pursuing Corporate Employees Focused on Mergers and Acquisitions

A newly discovered suspected espionage threat actor has been targeting employees focusing on mergers and acquisitions as well as large corporate transactions to facilitate bulk email collection from victim environments. Mandiant is tracking the activity cluster under the uncategorized moniker...

Opportunistic Exploitation of WSO2 CVE-2022-29464

On April 18, 2022, MITRE published CVE-2022-29464 , an unrestricted file upload vulnerability affecting various WSO2 products. WSO2 followed with a security advisory explaining the vulnerability allowed unauthenticated and remote attackers to execute arbitrary code in the following products: API...

Tarrask malware uses scheduled tasks for defense evasion

As Microsoft continues to track the high-priority state-sponsored threat actor HAFNIUM, new activity has been uncovered that leverages unpatched zero-day vulnerabilities as initial vectors. The Microsoft Detection and Response Team DART in collaboration with the Microsoft Threat Intelligence Cent...

Musical World 1 Shell Upload Exploit

Musical-World-Unrestricted-File-Upload-RCE-POC Author: D4rkP0w4r Note Login to client. don't need login to admin Description Upload web shell at UploadedSongs Step to Reproduct Login to user - TRACK - UploadedSongs - Choose File - UPLOAD - access /songs/uploadedsongs/shell.php Exploit When upload...

E-Commerce Website 1.0 Shell Upload Exploit

Ecommerce Website Unrestricted File Upload + RCE Author: D4rkP0w4r Note = Create account, don't need login client or admin Description = Create account upload web shell at Customer Image Step to Reproduct Register - upload web shell at Customer Image - clicked Register button Exploit Upload web...

AeroCMS 0.0.1 Shell Upload Exploit

AeroCMS-Unrestricted-File-Upload-POC Author: D4rkP0w4r Description = Upload web shell at Post Image in admin panel Step to Reproduct Login to admin panel - Posts - Add Posts - Post Image - upload malicious file shell.php - access /images/shell.php on url - shell.php page Exploit When upload succe...

Simple House Rental System 1 Shell Upload Exploit

Simple House Rental System Unrestricted File Upload + RCE Author: D4rkP0w4r Note = login to client, don't need login to admin Description = Login to client = Upload web shell at Image Step to Reproduct Login to client - Register - Apartment Registration - Image - Submit Exploit Upload web shell a...

PHPGurukul Zoo Management System 1.0 Shell Upload

Zoo Management System Unrestricted File Upload + RCE Author: D4rkP0w4r Note = don't need register or login account Description= Upload web shell at Upload CV Step to Reproduct Access Vacancies - upload web shell at - Upload CV - APPLY Exploit Upload web shell at Upload CV When upload success acce...