Malicious code in textwrap-ext (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 da4e8d5daae9a14e0ceb5a942afd308068957ec655cdd950b2b041934e9ec182 During installation, obfuscated code exfiltrates cryptocurrency wallet data to a hardcoded location and places a backdoor through a new authorized SSH key...

Malicious code in textwrap-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 029e190fc99763d65a096339b29fa85aeb0a23c3818a632a2dd4dc99f3e8fd64 During installation, obfuscated code exfiltrates cryptocurrency wallet data to a hardcoded location and places a backdoor through a new authorized SSH key...

MAL-2026-3210 Malicious code in graphicsctxr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 10408decaf8cace14b8124fa392ee96996c3c91358cb454cbfcd45790d18cdf9 Package contains code to exfiltrate .env to a remote target. Prior to version 2.1.1, it also created a persistent backdoor via embedding a hardcoded SSH key...

CVE-2025-9909 Aap-gateway: improper path validation in gateway allows credential exfiltration

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

CVE-2025-6389 Sneeit Framework <= 8.3 - Unauthenticated Remote Code Execution in sneeit_articles_pagination_callback

The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.3 via the sneeitarticlespaginationcallback function. This is due to the function accepting user input and then passing that through calluserfunc. This makes it possible for...

EUVD-2018-2326

Malware in sbrugna...

EUVD-2023-48553

Malicious code in bioql PyPI...

CVE-2024-5827

Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents . This can lead to...

CVE-2023-42143

Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to create a backdoor by redirecting the device to an attacker-controlled machine which serves the manipulated firmware file. The device is updated with the manipulated firmware...

Ubuntu 18.04 LTS : Checkmk vulnerabilities (USN-5527-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5527-1 advisory. It was discovered that Checkmk incorrectly handled authentication. An attacker could possibly use this issue to cause a race condition leading to...

Has your WordPress site been backdoored by a skimmer?

Skimmers and other threat actors are backdooring websites, and WordPress instances in particular, according to a recently released report. Researchers at Sucuri say attackers have developed methods to make sure that their grip on the infected site is not easily removed by applying the next update...

Hootoo HT-05 - Remote Code Execution (Metasploit)

Hootoo HT-05 - Remote Code Execution Metasploit require 'msf/core' require 'net/http' require "uri" class MetasploitModule 'Hotoo HT-05 remote shell exploit', 'Description' = %q This module tries to open a door in the device by exploiting the RemoteCodeExecution by creating a backdoor inside the...

Hootoo HT-05 - Remote Code Execution Exploit

require 'msf/core' require 'net/http' require "uri" class MetasploitModule 'Hootoo HT-05 remote shell exploit', 'Description' = %q This module tries to open a door in the device by exploiting the RemoteCodeExecution by creating a backdoor inside the device This exploit was written by Andrei Manol...

Exploit for Argument Injection in Phpmailer_Project Phpmailer

PHPMailer And that's it, you have your shell. There is...

Shellsploit - New Generation Exploit Development Kit

Shellsploit let's you generate customized shellcodes, backdoors, injectors for various operating system. And let's you obfuscation every byte via encoders. Install/Uninstall If you want to use Shellsploit, you have to install Capstone first. For the Capstone's installation: root$ sudo pip install...

How to Detect IE Zero-day Exploit Used to Deploy Korplug Malware

Recently, Microsoft issued an Emergency patch for a zero-day vulnerability in Internet Explorer that is being exploited to deploy Korplug malware on vulnerable PCs. Korplug, a known variant of PlugX, is a Trojan that creates a backdoor used for information stealing on infected computers. In one o...

NPDS Versions Prior to 08.06 Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/33051/info NPDS is prone to multiple input-validation vulnerabilities: - Multiple local file-include vulnerabilities - An HTML-injection vulnerability - Multiple SQL-injection vulnerabilities - Multiple cross-site scripti...

Sudo v1.8.0-1.8.3p1 (sudo_debug) - Root Exploit

sudo versions 1.8.0 through 1.8.3p1 sudodebug root exploit with glibc FORTIFYSOURCE bypass. include include include include include include include include include include define OFFSET 65000 define NUMTHREADS 0 / files that we create on disk / define BACKDOOR "e.c" define BDCOMPILED "e" define...

ExtCalendar2 - Cookie Authentication Bypass / Backdoor Upload

ext20username pregmatchall'extcalcookieid = "."', DzCURL$target,0,0 , $prf; $prefix = $prf10; header .. $header = "Cookie: ".$prefix."username=admin ' or '1'= '1; ".$prefix."password=admin ' or '1'= '1;"; check if it's work by looking for logout echo eregi"logout", DzCURL$target,0,$header ? " Log...

CPA Site Solutions - Arbitrary File Upload

|REMOTE FILE UPLOAD VULNERABILTY| .:|cpasitesolutions|::. AUTHOR : R3VANBASTARD SITE : www.sux0r.net PROVIDER: http://www.cpasitesolutions.com DORK : intext:Powered by CPA Site Solutions x EXPLOIT:...