EUVD-2006-0794

Malware in sbrugna...

EUVD-2002-1256

Malware in sbrugna...

EUVD-2003-1333

Malware in sbrugna...

EUVD-1999-1401

Malware in sbrugna...

CVE-2020-15921

Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution...

Online Marriage Registration System 1.0 Shell Upload

============================================================================================================================================= | Title : Online Marriage Registration System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

Lending Pair initialize function can be front run.

Handle jonah1005 Vulnerability details Impact LendingPair does not initialize tokenMaster, controller, tokens. A hacker can listen the deployer address and front run the initialize transaction. The initialized contract would look almost exactly the same if the hacker only replace lpTokenMaster wi...

Mida eFramework 2.9.0 - Back Door Access

Exploit Title: Mida eFramework 2.9.0 - Back Door Access Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...

CVE-2020-15921

Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution...

CVE-2020-15921

Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution...

Mida Solutions eFramework 2.9.0 XSS / Code Execution / SQL Injection Vulnerabilities

Mida Solutions eFramework versions 2.9.0 and below suffer from command execution, cross site scripting, denial of service, remote SQL injection, and path traversal vulnerabilities. ============================================= Title: Mida Solutions eFramework Multiple Vulnerabilities Author: Andr...

PHPStudy - Backdoor Remote Code execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "PHPStudy Backdoor Remote Code execution", 'Description' = %q This module can detect and exploit the backdoor of PHPStudy. , 'License' = MSFLICENS...

IoT: OFF by default

It’s increasingly difficult to buy home appliances and other tech that DOESN’T have connectivity. Despite reservations about the security of smart tech, if we want to buy mid to high end devices, we often have no choice but to buy appliances with connectivity. To quote @Mikko Hypponen: If it is...

Emotet Trojan Detection

The script tries to detect the Emotet Trojan via various known Indicators of Compromise IOC. Note: This script is not running by default as it needs to crawl the target host for various files which puts high load on the target during the scan. Please enable it separately within scripts preference...

NUUO NVRMini2 Multiple Vulnerabilities

The version of NUUO NVRMini2 installed on the remote host is affected by multiple vulnerabilities: - NUUO NVRMini2 web server utilizes CGI binaries in order to handle a variety of commands that require authenticated interaction. Implemented session handling mechanism doesn't validate user's input...

An attacker with Office vulnerability propagation FELIXROOT Backdoor-vulnerability warning-the black bar safety net

! One, the attack event details 2017 9 months, in response to Ukrainian attacks, FireEye found FELIXROOT Backdoor this malicious payload, and feedback to our intelligence perception of the customers. The attack activities using some malicious Ukrainian banks document that contains a macro, used t...

Rapicode, Multiple Extensions, Back Door

Rapicode, nultiple extensions, current versions, back door Extensions affected are:- Rapi Content Ticker Rapi Content Carousel Rapi Cookie Consent Rapi Countdown Rapi Preloader Rapi Loading Progress Bar Rapi Page Animate At the moment the back door seems to be loading mining code, it can be used ...

HDW Player,4.0.0, RCE

HDW Player,4.0.0 and all other versions, remote code execution Note that this vulnerabilitiy was supposedly fixed by the developer in version 3.2.2, the fact that this issue has arisen again suggests that the developer is aware of it and has created a deliberate back door. The VEL believe that th...

CNNVD on the United States Netsarang company multi software the presence of malicious code briefings-vulnerability warning-the black bar safety net

Recently, the national information security vulnerabilities library CNNVD received about the the United States Netsarang company more software there malicious code in case the message send. The company Xshell And Xmanager remote connection use of the product nssock2.dll module in the presence of...

Huiwen opac of the library back door leads to the source of the leak

0x00 description Hui Wen libsys library opac system is a colleges and universities to use more of the system, the user has Xiamen University, Nanjing University, Dalian Polytechnic University, Nankai University and many other schools. The system used is Oracle + the php, not from public contact t...