Cypress Solutions CTM-200/CTM-ONE Hard-Coded Credentials Remote Root

!/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: CTM-ONE 1.3.6-latest CTM-ONE 1.3.1 CTM-ONE 1.1.9 CTM200 2.7.1.5659-latest CTM200 2.0.5.3356-184 Summar...

Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection

Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: 2.7.1.5659 2.0.5.3356-184 Summary: CTM-200 is the industrial cellular wireless gateway for fixed and mobile applications. The CTM-200 is a...

Fedora: Security Advisory for cockpit (FEDORA-2021-6d84fa5ea2)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: cockpit-254-1.fc34

The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...

MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalation (2)

Exploit Title: MySQL User-Defined Linux x32 / x8664 - 'sysexec' Local Privilege Escalation 2 Date: 29/08/2021 Exploit Author: ninpwn Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on: Debian GNU/Linux 9 / mysql Ver 14.14 Distrib 5.7.30, for Linux...

MySQL User-Defined (Linux) x32 / x86_64 sys_exec Local Privilege Escalation

Exploit Title: MySQL User-Defined Linux x32 / x8664 - 'sysexec' Local Privilege Escalation 2 Date: 29/08/2021 Exploit Author: ninpwn Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on: Debian GNU/Linux 9 / mysql Ver 14.14 Distrib 5.7.30, for Linux...

The vulnerability in the run-x-session script of the LDM package for the Debian GNU/Linux operating system allows a hacker to elevate their privileges to the level of the superuser.

The vulnerability in the run-x-session script of the LDM package for the Debian GNU/Linux operating system is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to elevate their privileges to a superuser level...

Websvn 2.6.0 Remote Code Execution

Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Date: 20/06/2021 Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE :...

Websvn 2.6.0 - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE : CVE-2021-32305 import...

WordPress visitors-app 0.3 Plugin - (user-agent) Stored Cross-Site Scripting Vulnerability

Exploit Title: WordPress Plugin visitors-app 0.3 - 'user-agent' Stored Cross-Site Scripting XSS Exploit Author: Mesut Cetin Vendor Homepage: https://profiles.wordpress.org/domingoruiz/ Software Link: https://wordpress.org/plugins/visitors-app/ Version: 0.3 Tested on: Debian GNU/Linux 10 Reference...

SUSE: Security Advisory (SUSE-SU-2019:2913-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:2902-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LogonTracer 1.2.0 - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: LogonTracer 1.2.0 - Remote Code Execution Unauthenticated Exploit Author: g0ldm45k Vendor Homepage: https://www.jpcert.or.jp/ Software Link: https://github.com/JPCERTCC/LogonTracer/releases/tag/v1.2.0 Version: 1.2.0 and earlier Tested on: Version 1.2.0 on Debian GNU/Linux 8 jessie...

LogonTracer 1.2.0 - Remote Code Execution (Unauthenticated)

Exploit Title: LogonTracer 1.2.0 - Remote Code Execution Unauthenticated Date: 29/05/2021 Exploit Author: g0ldm45k Vendor Homepage: https://www.jpcert.or.jp/ Software Link: https://github.com/JPCERTCC/LogonTracer/releases/tag/v1.2.0 Version: 1.2.0 and earlier Tested on: Version 1.2.0 on Debian...

PHP 8.1.0-dev Backdoor Remote Command Execution Exploit (2)

PHP version 8.1.0-dev unauthenticated remote command execution proof of concept exploit that leverages the backdoor. !/usr/bin/env python3 Exploit Title: PHP 8.1.0-dev WebShell RCE Unauthenticated Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.php.net/ Software Link:...

PHPFusion 9.03.50 Remote Code Execution

Exploit Title: PHPFusion 9.03.50 - Remote Code Execution Date: 20/05/2021 Exploit Author: g0ldm45k Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://www.php-fusion.co.uk/infusions/downloads/downloads.php?catid=30&downloadid=606 Version: 9.03.50 Tested on: Docker + Debi...

PHPFusion 9.03.50 - Remote Code Execution

Exploit Title: PHPFusion 9.03.50 - Remote Code Execution Date: 20/05/2021 Exploit Author: g0ldm45k Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://www.php-fusion.co.uk/infusions/downloads/downloads.php?catid=30&downloadid=606 Version: 9.03.50 Tested on: Docker + Debi...

EgavilanMedia PHPCRUD 1.0 - (First Name) SQL Injection Vulnerability

Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection Exploit Author: Dimitrios Mitakos Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: Debian GNU/Linux 10 Vulnerable...

EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection

Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection Date: 5/17/2021 Exploit Author: Dimitrios Mitakos Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: Debian GNU/Linux ...

Linux/x64 - execve(/bin/sh) Shellcode (21 bytes) (2)

Linux/x64 - execve/bin/sh Shellcode 21 bytes Author: s1ege Tested on: x8664 GNU/Linux Shellcode Length: 21 / objdump disassembly 401000: 50 push %rax 401001: 48 31 d2 xor %rdx,%rdx 401004: 48 bb 2f 62 69 6e 2f movabs $0x68732f2f6e69622f,%rbx 40100b: 2f 73 68 40100e: 53 push %rbx 40100f: 54 push...