Lucene search
K

19 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2021/04/27 12:0 a.m.156 views

Hello Ransomware Uses Updated China Chopper Web Shell, SharePoint Vulnerability

We discuss the technical features of a Hello ransomware attack, including its exploitation of CVE-2019-0604 and the use of a modified version of the China Chopper web shell...

7.5CVSS1.8AI score0.99913EPSS
Exploits29
GithubExploit
GithubExploit
added 2021/04/22 12:11 p.m.146 views

Exploit for Improper Input Validation in Microsoft

Weaponized CVE-2019-0604 Automated Exploit Tool to Maximize C...

9.8CVSS8.3AI score0.99913EPSS
Exploits29
Saint
Saint
added 2020/03/03 12:0 a.m.1473 views

Microsoft SharePoint Picker.aspx deserialization vulnerability

Added: 03/03/2020 CVE: CVE-2019-0604 BID: 106914 Background Microsoft SharePoint is a tool for management and automation of business processes, as well as a platform for social networking. Problem A deserialization vulnerability in Microsoft SharePoint allows remote attackers to execute arbitrary...

7.5CVSS9.9AI score0.99913EPSS
Exploits29
Saint
Saint
added 2020/03/03 12:0 a.m.482 views

Microsoft SharePoint Picker.aspx deserialization vulnerability

Added: 03/03/2020 CVE: CVE-2019-0604 BID: 106914 Background Microsoft SharePoint is a tool for management and automation of business processes, as well as a platform for social networking. Problem A deserialization vulnerability in Microsoft SharePoint allows remote attackers to execute arbitrary...

9.8CVSS9.9AI score0.99913EPSS
Exploits29
Saint
Saint
added 2020/03/03 12:0 a.m.462 views

Microsoft SharePoint Picker.aspx deserialization vulnerability

Added: 03/03/2020 CVE: CVE-2019-0604 BID: 106914 Background Microsoft SharePoint is a tool for management and automation of business processes, as well as a platform for social networking. Problem A deserialization vulnerability in Microsoft SharePoint allows remote attackers to execute arbitrary...

9.8CVSS9.9AI score0.99913EPSS
Exploits29
ThreatPost
ThreatPost
added 2020/01/30 4:2 p.m.309 views

U.N. Hack Stemmed From Microsoft SharePoint Flaw

Hackers breached the United Nations network in July by exploiting a Microsoft SharePoint vulnerability, according to reports. The breach, which appears to be an espionage operation, reportedly gave the hackers access to an estimated 400 GB of sensitive data. The breach was swept under the rug by...

7.5CVSS0.4AI score0.99913EPSS
Exploits29References9
GithubExploit
GithubExploit
added 2020/01/10 6:43 p.m.5 views

Exploit for Improper Input Validation in Microsoft

Desharialize Desharialize: Easy mode to Exploit CVE-2019-0604...

9.8CVSS8.3AI score0.99913EPSS
Exploits29
Gitee
Gitee
added 2019/10/27 5:30 p.m.7 views

Exploit for Improper Input Validation in Microsoft

cve-2019-0604 SharePoint RCE exploit...

9.8CVSS7AI score0.99913EPSS
Exploits29
GithubExploit
GithubExploit
added 2019/09/15 8:6 p.m.4 views

Exploit for Improper Input Validation in Microsoft

PoC exploit for CVE-2019-0604, a SharePoint RCE vulnerability. T...

9.8CVSS7.6AI score0.99913EPSS
Exploits29
GithubExploit
GithubExploit
added 2019/06/26 3:0 p.m.186 views

Exploit for Improper Input Validation in Microsoft

CVE-2019-0604 cve-2019-0604 SharePoint RCE...

9.8CVSS8.2AI score0.99913EPSS
Exploits29
ThreatPost
ThreatPost
added 2019/05/10 9:29 p.m.320 views

FIN7 Linked to Escalating Active Exploits for Microsoft SharePoint Bug

A recently patched, high-severity vulnerability in Microsoft SharePoint CVE-2019-0604 that allows remote code-execution is being increasingly exploited in the wild, according to researchers – possibly by the FIN7 group, among others. According to the Microsoft’s advisory, the vulnerability which...

7.5CVSS10AI score0.99913EPSS
Exploits29References10
Hacker One
Hacker One
added 2019/04/11 8:27 p.m.576 views

Starbucks: Store Development Resource Center was vulnerable to a Remote Code Execution - Unauthenticated Remote Command Injection (CVE-2019-0604)

l00ph0le discovered an endpoint on the Store Development Resource Center site at https://sdrc.starbucks.com/layouts/15/picker.aspx was vulnerable to a deserialization RCE in Microsoft Sharepoint per CVE-2019-0604. @l00ph0le — thank you for reporting this vulnerability, your patience while we...

7.5CVSS2.2AI score0.99913EPSS
Exploits29
Hacker One
Hacker One
added 2019/04/10 7:54 p.m.465 views

U.S. Dept Of Defense: Remote Code Execution - Unauthenticated Remote Command Injection (via Microsoft SharePoint CVE-2019-0604)

Summary: Microsoft recently released a patch for CVE-2019-0604. This vulnerability is caused by the Microsoft SharePoint application deserializing untrusted data from a user. This means an attacker can send a specially crafted/encoded parameter to a Microsoft SharePoint URL, and it will allow...

7.5CVSS0.2AI score0.99913EPSS
Exploits29
Check Point Advisories
Check Point Advisories
added 2019/03/20 12:0 a.m.27 views

Microsoft SharePoint Remote Code Execution (CVE-2019-0604)

A remote code execution vulnerability exists in Microsoft SharePoint. A remote attacker can exploit this vulnerability to execute arbitrary code via a specially crafted package on the vulnerable server...

7.5CVSS4.9AI score0.99913EPSS
Exploits29
Tenable Nessus
Tenable Nessus
added 2019/03/14 12:0 a.m.287 views

Security Updates for Microsoft Sharepoint Server (March 2019)

The Microsoft Sharepoint Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerabilities: - A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request ...

9.8CVSS8AI score0.99913EPSS
Exploits29References7
Cvelist
Cvelist
added 2019/03/06 12:0 a.m.33 views

CVE-2019-0604

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594...

9.6AI score0.99913EPSS
Exploits29References2
CVE
CVE
added 2019/03/06 12:0 a.m.1649 views

CVE-2019-0604

CVE-2019-0604 affects Microsoft SharePoint and is a remote code execution vulnerability caused by improper checking of the source markup in application packages. Exploitation could run code in the SharePoint server context and farm account over the network (high severity: CVSS v3.1 = 9.8; CVSS 2....

9.8CVSS9.5AI score0.99913EPSS
In wildExploits29References3Affected Software3
Prion
Prion
added 2019/03/05 11:29 p.m.42 views

Remote code execution

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0604...

6.5CVSS9.5AI score0.99913EPSS
Exploits29References2Affected Software3
Circl
Circl
added 2019/02/13 2:35 p.m.11 views

CVE-2019-0604

creationtimestamp| type| source ---|---|--- 2019-02-13 14:35:52+00:00| seen| MISP/5c642a56-2440-4af0-8bfd-6e4a0a021402 2019-03-23 18:43:00+00:00| published-proof-of-concept| https://t.me/antichat/4119 2019-03-23 19:42:30+00:00| seen| https://t.me/canyoupwnme/5306 2019-03-24 15:21:55+00:00| seen|...

9.8CVSS6.9AI score0.99913EPSS
Exploits29References37
Rows per page
Query Builder