Lucene search

7081 matches found

The Hacker News
added 2021/11/19 1:14 p.m., 22 views

11 Malicious PyPI Python Libraries Caught Stealing Discord Tokens and Installing Shells

Cybersecurity researchers have uncovered as many as 11 malicious Python packages that have been cumulatively downloaded more than 41,000 times from the Python Package Index (PyPI) repository, and could be exploited to steal Discord access tokens, passwords, and even stage dependency confusion...

AI score: 7.4
Exploits: 0

NVD
added 2021/11/17 8:15 p.m., 16 views

CVE-2021-41277

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (admin -> settings -> maps -> custom maps -> add a map) support and potential local file inclusion including environment variables. URLs were not validated prior to being...

CVSS: 10, EPSS: 0.96887
Exploits: 5, References: 3

OSV
added 2021/11/17 8:15 p.m., 18 views

CVE-2021-41277

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (admin -> settings -> maps -> custom maps -> add a map) support and potential local file inclusion including environment variables. URLs were not validated prior to being...

CVSS: 7.5, AI score: 6.3, EPSS: 0.96887
Exploits: 5, References: 3

Prion
added 2021/11/17 8:15 p.m., 19 views

Design/Logic Flaw

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (admin -> settings -> maps -> custom maps -> add a map) support and potential local file inclusion including environment variables. URLs were not validated prior to being...

CVSS: 5, AI score: 7.1, EPSS: 0.96887
Exploits: 5, References: 2, Affected Software: 1

Vulnrichment
added 2021/11/17 8:05 p.m., 17 views

CVE-2021-41277 GeoJSON URL validation can expose server files and environment variables to unauthorized users

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (admin -> settings -> maps -> custom maps -> add a map) support and potential local file inclusion including environment variables. URLs were not validated prior to being...

CVSS: 10, AI score: 6.8, EPSS: 0.96887
Exploits: 5, References: 2

CVE
added 2021/11/17 8:05 p.m., 276 views

CVE-2021-41277

Metabase GeoJSON API Local File Inclusion vulnerability (CVE-2021-41277) affects Metabase prior to version 0.40.5/1.40.5, via the custom GeoJSON map feature where URLs were not validated before loading, enabling local file access (including environment variables). Impact described as local file i...

CVSS: 10, AI score: 7.3, EPSS: 0.96887
In wild; Exploits: 5, References: 3, Affected Software: 1

Cvelist
added 2021/11/17 8:05 p.m., 28 views

CVE-2021-41277 GeoJSON URL validation can expose server files and environment variables to unauthorized users

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (admin -> settings -> maps -> custom maps -> add a map) support and potential local file inclusion including environment variables. URLs were not validated prior to being...

CVSS: 10, AI score: 9.2, EPSS: 0.96887
Exploits: 5, References: 2

0day.today
added 2021/11/17 12:00 a.m., 538 views

SuiteCRM 7.11.18 - Remote Code Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SuiteCRM Log File Remote Code Execution', 'Description' = %q This module exploits an input validation error on the log file extension parameter. ...

CVSS: 9, AI score: 8.7, EPSS: 0.64094
Exploits: 12

Positive Technologies
added 2021/11/17 12:00 a.m., 4 views

PT-2021-23236 · Metabase · Metabase

Name of the Vulnerable Software and Affected Versions: Metabase versions prior to 0.40.5 Metabase versions prior to 1.40.5 Description: A security issue has been discovered in Metabase, an open source data analytics platform, related to the custom GeoJSON map support and potential local file...

CVSS: 10, AI score: 9.3, EPSS: 0.96887
Exploits: 5, References: 33

Packet Storm
added 2021/11/17 12:00 a.m., 647 views

SuiteCRM 7.11.18 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SuiteCRM Log File Remote Code Execution', 'Description' = %q This module exploits an input validation error on the log file extension parameter. ...

CVSS: 9, AI score: 8.6, EPSS: 0.64094
Exploits: 12

0day.today
added 2021/11/17 12:00 a.m., 774 views

GitLab 13.10.2 - Remote Code Execution Exploit

Exploit Title: GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated) Shodan Dork: https://www.shodan.io/search?query=title%3A%22GitLab%22+%2B%22Server%3A+nginx%22 Exploit Author: Jacob Baines Vendor Homepage: https://about.gitlab.com/ Software Link: https://gitlab.com/gitlab-org/gitlab...

CVSS: 10, AI score: 9, EPSS: 0.99981
Exploits: 57

Packet Storm
added 2021/11/17 12:00 a.m., 866 views

GitLab 13.10.2 Remote Code Execution

Exploit Title: GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated) Shodan Dork: https://www.shodan.io/search?query=title%3A%22GitLab%22+%2B%22Server%3A+nginx%22 Date: 11/01/2021 Exploit Author: Jacob Baines Vendor Homepage: https://about.gitlab.com/ Software Link:...

CVSS: 10, AI score: 9, EPSS: 0.99981
Exploits: 57

Tenable Nessus
added 2021/11/17 12:00 a.m., 29 views

openSUSE 15 Security Update : tomcat (openSUSE-SU-2021:3672-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3672-1 advisory. - A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to...

CVSS: 7.5, AI score: 7.2, EPSS: 0.75353
Exploits: 1, References: 10

The Hacker News
added 2021/11/16 12:41 p.m., 47 views

Researchers Demonstrate New Way to Detect MitM Phishing Kits in the Wild

No fewer than 1,220 Man-in-the-Middle (MitM) phishing websites have been discovered as targeting popular online services like Instagram, Google, PayPal, Apple, Twitter, and LinkedIn with the goal of hijacking users' credentials and carrying out further follow-on attacks. The findings come from a ne...

AI score: 6.8
Exploits: 0

The Hacker News
added 2021/11/15 10:21 a.m., 29 views

North Korean Hackers Target Cybersecurity Researchers with Trojanized IDA Pro

Lazarus, the North Korea-affiliated state-sponsored group, is attempting to once again target security researchers with backdoors and remote access trojans using a trojanized pirated version of the popular IDA Pro reverse engineering software. The findings were reported by ESET security researche...

AI score: 6.6
Exploits: 0

GithubExploit
added 2021/11/14 2:30 p.m., 3 views

Exploit for CVE-2017-17562

GoAhead Web Server 2.5 use multi/handler msf6 exploitmulti/h...

CVSS: 8.1, AI score: 7.2, EPSS: 0.96327
Exploits: 15

GithubExploit
added 2021/11/14 2:30 p.m., 7 views

Exploit for CVE-2017-17562

GoAhead Web Server 2.5 use multi/handler msf6 exploitmulti/h...

CVSS: 8.1, AI score: 7.2, EPSS: 0.96327
Exploits: 15

GithubExploit
added 2021/11/11 4:34 a.m., 1019 views

Exploit for Code Injection in Gitlab

CVE-2021-22205 GitLab CE/EE Preauth RCE using ExifTool This...

CVSS: 10, AI score: 9.3, EPSS: 0.99731
Exploits: 30

Tenable Nessus
added 2021/11/11 12:00 a.m., 35 views

EulerOS 2.0 SP5 : golang (EulerOS-SA-2021-2661)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which in some situations allows...

CVSS: 7.5, AI score: 7.3, EPSS: 0.03775
Exploits: 5, References: 6

Hacker One
added 2021/11/10 7:58 p.m., 16 views

Concrete CMS: open redirect to a remote website which can phish users

By adding some extra headers in the request I noticed that the user is redirected to a remote website. This can lead to stealing a user's credentials (phishing on a remote server). These headers can be added either using a MITM attack or by chaining with another vulnerability such as request smugglin...

AI score: 7.2
Exploits: 0