CMS Made Simple Code Execution Vulnerability

CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A security vulnerability exists in some core modul...

CVE-2017-1000453

CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution...

CVE-2017-1000453

CMS Made Simple versions 2.1.6 and 2.2 are affected by a Smarty templating injection in some core modules, enabling unauthenticated PHP code execution. The vulnerability stems from core module handling of Smarty templates (root cause as described). Impact is unauthenticated code execution with po...

F5 Networks BIG-IP : Apache HTTPD vulnerability (K83043359)

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modssl may dereference a NULL pointer when third-party modules call aphookprocessconnection during an HTTP request to an HTTPS port. CVE-2017-3169 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

CVE-2017-15311

The CVE-2017-15311 issue affects Huawei baseband modules in Mate 10/Mate 10 Pro and Mate 9 series (prior to ALP-AL00 8.0.0.120/SP2C00, BLA-AL00 8.0.0.120/SP2C00, MHA-AL00B 8.0.0.334(C00), LON-AL00B 8.0.0.334(C00)). Root cause: lack of parameter validation leading to a stack overflow in the baseba...

CVE-2017-17670

In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...

UPDATE: WordPress Exploit Framework v1.8!

PenTestIT RSS Feed Good news guys! We now have the WordPress Exploit Framework v1.8 amongst us! This new version fixes API compatibility with a shell upload module, updates multiple dependencies, introduces multiple API changes and adds multiple new modules and payloads! WordPress Exploit Framewo...

Directory Traversal

node is vulnerable to directory traversal attacks. Attackers can gain access to files due to a change in pathname validation for ".." which affected path checks in community modules...

ShellcodeToAssembly - Transform your Shellcode to Assembly (ARM, ARM64, MIPS, PPC, X86)

Transform your Shellcode to Assembly ARM, ARM64, MIPS, PPC, X86 Replace in shellcodetoasm.py with your shellcode. shellcode = '' Installation git clone https://github.com/blacknbunny/ShellcodeToAssembly.git && cd ShellcodeToAssembly/ && pip install -r requirements.txt && python2 shellcodetoasm.py...

Node.js third-party modules: [augustine] Static Web Server Directory Traversal via Crafted GET Request

Hi, A crafted GET request can be leveraged to traverse the directory structure of a host using the augustine web server package, and request arbitrary files outside of the specified web root. Module specification Name: augustine Version: 0.2.3 latest release build Verified conditions Test server:...

CentOS 7 : sssd (CESA-2017:3379)

An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

DRUPAL-CONTRIB-2017-091

The Configuration Update Reports sub-module in the Configuration Update module project enables you to run reports to see what configuration on your site differs from the configuration distributed by a module, theme, or installation profile, and to revert, delete, or import configuration. This...

Dr0p1t-Framework 1.3.2.1 - A Framework That Creates An Advanced FUD Dropper With Some Tricks

Have you ever heard about trojan droppers ? In short dropper is type of malware that downloads other malwares and Dr0p1t gives you the chance to create a stealthy dropper that bypass most AVs and have a lot of tricks. Features + Generated executable properties: The executable size is smaller...

CVE-2017-12351

A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack. The vulnerability is due t...

Command injection

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

CVE-2017-12335

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

CVE-2017-12351

A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack. The vulnerability is due t...

DBC2 (DropboxC2) - A Modular Post-Exploitation Tool, Composed Of An Agent Running On The Victim'S Machine

DBC2 DropboxC2 is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any machine, powershell modules, and Dropbox servers as a means of communication. This project was initially inspired by the fantastic Empire framework, but also as an...

DDEtect - Simple DDE Object Detector

Written by Amit Serper, @0xAmit DDEtector is a simple DDE object detector written in python Currently supports only word DOCX and legacy DOC files Prints the contents of the DDE payloads Note: In some cases DDEtect won't print the entire DDE payload. I'm working on writing a better matching...

Belden Hirschmann Tofino Xenon Security Appliance Firewall Bypass Vulnerability

The Tofino Xenon security appliance is the ideal solution for segmenting control networks into secure zones. A firewall bypass vulnerability exists in the Tofino Xenon security appliance prior to version 03.2.00. The vulnerability is due to a design flaw in the OPC classic and custom netfilter...