13 matches found
EUVD-2002-1701
Malware in sbrugna...
EUVD-2018-1207
Malware in sbrugna...
EUVD-2022-2845
Malicious code in bioql PyPI...
CVE-2024-6091
A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises when the denylist is configured to block specific commands, such as 'whoami' and '/bin/whoami'. An attacker can circumvent this restriction by executin...
CVE-2023-0459 Copy_from_user Spectre-V1 Gadget in Linux Kernel
copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond...
Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection
Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections. Tracked as CVE-2023-27350 (CVSS score: 9.8), the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticate...
Gtfo - Search For Unix Binaries That Can Be Exploited To Bypass System Security Restrictions
This is a standalone script written in Python 3 for GTFOBins. You can search for Unix binaries that can be exploited to bypass system security restrictions. These binaries can be abused to get the fk break out of restricted shells, escalate privileges, transfer files, spawn bind and reverse shell...
Deadly Simple Exploit Bypasses Apple Gatekeeper Security to Install Malicious Apps
Apple Mac computers are considered to be invulnerable to malware, but the new exploit discovered by security researchers proves that to be quite false. Patrick Wardle, director of research at security firm Synack, has found a deadly simple way that completely bypasses one of the core security featur...
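cmseasy CSRF leading to SQL injection with union bypass and getshell
Brief description: Last time I did a CSRF + SQL injection getshell; this time I am posting another one. Because this one is a GET type, it is very simple: the administrator does not need to click anything at all for the SQL to be triggered and getshell achieved. Details: First, let's analyze the SQL statement: admin/live/header.php:line:16-21 include'../../include/config.inc.php'; includeCEROOT.'/include/admin/check.inc.php'; includeCEROOT.'/include/celive.class.php'; $adminheader = new...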
Simple Portal V2.0 <= Auth Bypass
Exploit for unknown platform in category web applications ================================= Simple Portal V2.0 = Auth Bypass ================================= ? Script: Simple Portal V2.0 ? Language: PHP ? Vendor http://www.simpleportal.net/ === Exploit Bypass SQL === Expl0it: Add Path/Panel Y0ur...
Apple QuickTime 7.2/7.3 (Windows Vista/XP) - RSTP Response Code Execution
/ ============================================================= Apple Quicktime Vista/XP RSTP Response Remote Code Exec ============================================================= Discovered by: h07 Author: InTeL Tested on: - Quicktime 7.3 on Windows Vista, Result: SEH Overwrite, Code Exec -...
Working Resources BadBlue 1.7.x2.x - Unauthorized HTS Access
source: https://www.securityfocus.com/bid/7638/info BadBlue is prone to a vulnerability that could allow remote attackers to gain unauthorized access to administrative functions. It is possible to bypass BadBlue security checks when...
msproxy2.0.exploit.txt
Date: Wed, 7 Oct 1998 07:10:49 +0100 From: Mnemonix To: [email protected] Subject: WARNING: By-passing MS Proxy packet filtering Whilst...