CVE-2021-43815

Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerabili...

CVE-2021-43813

Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension...

Directory traversal

Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension...

UBUNTU-CVE-2021-43813

Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension...

CVE-2021-43813

Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension...

Grafana 路径遍历漏洞

Grafana is Grafana open source set of open source monitoring tools that provide a visual monitoring interface . The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. Grafana suffers from a path traversal vulnerability that stems from the fact that Grafana prior to...

Design/Logic Flaw

Etherpad is a real-time collaborative editor. In versions prior to 1.8.16, an attacker can craft an .etherpad file that, when imported, might allow the attacker to gain admin privileges for the Etherpad instance. This, in turn, can be used to install a malicious Etherpad plugin that can execute...

CVE-2021-43802 Admin privilege escalation and arbitrary code execution via malicious *.etherpad imports

Etherpad is a real-time collaborative editor. In versions prior to 1.8.16, an attacker can craft an .etherpad file that, when imported, might allow the attacker to gain admin privileges for the Etherpad instance. This, in turn, can be used to install a malicious Etherpad plugin that can execute...

What is a search engine and why does anyone care which one you use?

An attempt at a simple definition: a search engine is a software system that allows users to find content on the Internet based on their input. The introduction of the major search engines brought about huge changes in the way we use the Internet. There is a wealth of knowledge available for thos...

Fortinet FortiOS Trust Management Issue Vulnerability (CNVD-2021-100290)

Fortinet FortiOS is a security operating system from Fortinet, Inc. that is designed to be used on the FortiGate network security platform. A security vulnerability exists in Fortinet FortiOS, which stems from the use of hard-coded encryption keys that could allow an attacker to retrieve the keys...

Windows Interactive Powershell Session, Reverse TCP SSL

Listen for a connection and spawn an interactive powershell session over SSL Module Options msf use payload/windows/x64/powershellreversetcpssl msf payloadpowershellreversetcpssl show actions ...actions... msf payloadpowershellreversetcpssl set ACTION msf payloadpowershellreversetcpssl show optio...

Windows Interactive Powershell Session, Reverse TCP SSL

Listen for a connection and spawn an interactive powershell session over SSL Module Options msf use payload/windows/powershellreversetcpssl msf payloadpowershellreversetcpssl show actions ...actions... msf payloadpowershellreversetcpssl set ACTION msf payloadpowershellreversetcpssl show options...

Windows Interactive Powershell Session, Reverse TCP SSL

Interacts with a powershell session on an established SSL socket connection Module Options msf use payload/cmd/windows/powershellreversetcpssl msf payloadpowershellreversetcpssl show actions ...actions... msf payloadpowershellreversetcpssl set ACTION msf payloadpowershellreversetcpssl show option...

CVE-2021-26108

A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...

Hardcoded credentials

A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...

CVE-2021-26108

A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...

Fortinet FortiOS 信任管理问题漏洞

Fortinet FortiOS is a security operating system from Fortinet, Inc. that is designed to be used on the FortiGate network security platform. A security vulnerability exists in Fortinet FortiOS, which stems from the use of hard-coded encryption keys that could allow an attacker to retrieve the keys...

Exploit for CVE-2021-1675

CVE-2021-1675 LPE PoC not my exploit! just wanted to play aro...

Exploit for CVE-2021-1675

CVE-2021-1675 LPE PoC not my exploit! just wanted to play aro...

XC - A Small Reverse Shell For Linux And Windows

Netcat like reverse shell for Linux & Windows. Features Windows Usage: └ Shared Commands: !exit !upload uploads a file to the target !download downloads a file from the target !lfwd local portforwarding like ssh -L !rfwd remote portforwarding like ssh -R !lsfwd lists active forwards !rmfwd remove...