116 matches found
CVE-2023-4493
Stored Cross-Site Scripting in Easy Address Book Web Server 1.6 version, through the usersadmin.ghp file that affects multiple parameters such as firstname, homephone, lastname, lastname, middlename, workaddress, workcity, workcountry, workphone, workstate, workzip. This vulnerability allows a...
New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain
Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm ecosystem that leverages a unique execution chain to deliver an unknown payload to targeted systems. "The packages in question seem to be published in pairs, each pair working in unison to fetch additional resources...
Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware
A new strain of JavaScript dropper has been observed delivering next-stage payloads like Bumblebee and IcedID. Cybersecurity firm Deep Instinct is tracking the malware as PindOS, which contains the name in its "User-Agent" string. Both Bumblebee and IcedID serve as loaders, acting as a vector for...
Cross-site Scripting (XSS)
Overview johnpbloch/wordpress-core is a web software you can use to create a website or blog. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insufficient validation of the protocol in the response when processing oEmbed discovery. An attacker can inject...
Researchers Uncover Covert Attack Campaign Targeting Military Contractors
A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to deploy an unknown payload on compromised machines. The highly-targeted intrusions, dubbed STEEPMAVERICK by Securonix, also...
CVE-2020-35936
Stored Cross-Site Scripting XSS vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to import layouts including JavaScript supplied via a remotely hosted crafted payload in the source parameter via AJAX. The action must be set to...
Attackers Target Porn Site Goers in ‘Malsmoke’ Zloader Attack
Cybercriminals are tricking adult website visitors – including sites such as bravoporn.com and xhamster.com – in malvertising attacks that redirect victims to malicious websites serving up malware. The campaign, which is part of a larger malvertising effort dubbed “malsmoke”, has been tracked...
Office8570
This is a Microsoft PowerPoint presentation file .ppt that contains a malicious payload. The file is encoded with a password, and the presentation itself contains a malicious VBA Visual Basic for Applications macro that can be used to deliver a payload. The presentation contains a slide layout th...
CVE-2020-10989
An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter...
Batch-Move Posts <= 1.5 - Broken Authentication leading to Unauthenticated Stored XSS
An attacker can add a Cross-Site Scripting XSS payload remotely without any authentication. The Payload gets triggered when an Admin visits the settings page of the plugin. Edit WPScanTeam: The plugin is still affected and has been closed. PoC Vulnerable code is from lines 68 to 84. The code gets...
Exploit for Deserialization of Untrusted Data in Telerik Ui_For_Asp.Net_Ajax
CVE-2019-18935 Proof-of-concept exploit for a .NET JSON deser...
Exploit for CVE-2017-8570
The provided repository is an exploit toolkit for CVE-2017-8570, a vulnerability in Microsoft Office PPSX files. The toolkit is designed to generate malicious PPSX files that can deliver payloads to a target system. The payloads can be either local or remote, depending on the user's preference. T...
Exploit for CVE-2017-8570
PoC exploit for CVE-2017-8570. The exploit toolkit, CVE-2017-8570, is a Python script designed to generate malicious PPSX files that can deliver payloads to users. It can be used in two scenarios: delivering local payloads or remote payloads. To deliver local payloads, the script generates a...
Google Android ADB Debug Server - Remote Payload Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/proto/adb' class Metasploit3 'Android ADB Debug Server Remote Payload Execution', 'Description' = %q Writes and spawns a native payload on...
Researchers Demonstrate Zero-Day Vulnerabilities in Tails Operating System
The critical zero-day security flaws, discovered in the privacy and security dedicated Linux-based Tails operating system by the researcher at Exodus Intelligence that could help attackers or law enforcements to de-anonymize anyone’s identity, actually lie in the I2P software that’s bundled with...
More Malware Using a Remote Payload Discovered on Google Play
Symantec is warning of new malware masquerading as two apps on Google Play that claimed up to 100,000 victims before the Trojan was removed. Both “Super Mario Bros.” and “GTA 3 Moscow City” racked up 50,000 to 100,000 downloads after being posted June 24 on Google Play. “What is most interesting...