
7082 matches found

Kitploit
added 2021/03/20 11:30 a.m. | 224 views

Reverse-Shell-Generator - Hosted Reverse Shell Generator With A Ton Of Functionality

Hosted Reverse Shell generator with a ton of functionality -- great for CTFs. Hosted Instance: https://revshells.com. Features: Generate common listeners and reverse shells; Automatically copy to clipboard; Button to increment the listening port number by 1; URI and Base64 encoding; LocalStorage to persi...

7.3 AI score
Exploits: 0 | References: 1
Ubuntu
added 2021/03/18 5:0 p.m. | 158 views

USN-4882-1: Ruby vulnerabilities

It was discovered that the Ruby JSON gem incorrectly handled certain JSON files. If a user or automated system were tricked into parsing a specially crafted JSON file, a remote attacker could use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

7.5 CVSS | 7.4 AI score | 0.06811 EPSS
Exploits: 1
The Hacker News
added 2021/03/18 1:3 p.m. | 65 views

How to Successfully Pursue a Career in Malware Analysis

Are you looking to become a malware analyst? Then continue reading to discover how to gain the training you need and start a career in malware analysis. Did you know that new malware is released every seven seconds? As more and more systems become reliant on the internet, the proliferati...

0.1 AI score
Exploits: 0
The Hacker News
added 2021/03/18 1:3 p.m. | 3 views

How to Successfully Pursue a Career in Malware Analysis

Are you looking to become a malware analyst? Then continue reading to discover how to gain the training you need and start a career in malware analysis. Did you know that new malware is released every seven seconds? As more and more systems become reliant on the internet, the proliferati...

5.9 AI score
Exploits: 0
GithubExploit
added 2021/03/17 12:7 p.m. | 103 views

Exploit for Unrestricted Upload of File with Dangerous Type in Cutephp Cutenews

CVE-2019-11447 Exploit/PoC - CuteNews 2.1.2 Avatar upload RCE...

8.8 CVSS | 8.9 AI score | 0.52901 EPSS
Exploits: 10
Malwarebytes
added 2021/03/16 6:15 p.m. | 46 views

ProxyLogon PoCs trigger a game of whack-a-mole

As we reported recently, the use of the Microsoft Exchange Server ProxyLogon vulnerabilities has gone from “limited and targeted attacks” to a full-size panic in no time. Criminal activities, ranging in severity from planting crypto-miners to deploying ransomware, and conducted by numerous groups...

7.5 AI score
Exploits: 0
RedHat Linux
added 2021/03/16 3:17 p.m. | 5 views

tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling

A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...

5.8 CVSS | 6.8 AI score | 0.09386 EPSS
Exploits: 0 | References: 7
0day.today
added 2021/03/16 12:0 a.m. | 11 views

Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution Exploit

Exploit Title: Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution File Upload + SQL injection; Exploit Author: Christian Vierschilling; Vendor Homepage: https://www.sourcecodester.com; Software Link: https://www.sourcecodester.com/php/11676/alphaware-simple-e-commerce-system.html...

0.1 AI score
Exploits: 0
Schneier on Security
added 2021/03/15 11:16 a.m. | 33 views

Security Analysis of Apple’s “Find My…” Protocol

Interesting research: "Who Can Find My Devices? Security and Privacy of Apple's Crowd-Sourced Bluetooth Location Tracking System": Abstract: Overnight, Apple has turned its hundreds-of-million-device ecosystem into the world's largest crowd-sourced location tracking network called offline finding O...

2.4 AI score
Exploits: 0
Kitploit
added 2021/03/14 11:30 a.m. | 80 views

Girsh - Automatically Spawn A Reverse Shell Fully Interactive

Who didn't get bored of manually typing the few lines to upgrade a reverse shell to a full interactive reverse shell (tty spawn, stty size ..., stty raw -echo) or typing the command to use ConPTY. Description: With Girsh, just run it and it will detect the OS and execute the correct commands to...

7.8 AI score
Exploits: 0 | References: 2
Kitploit
added 2021/03/12 8:30 p.m. | 34 views

Go-RouterSocks - Router Sock. One Port Socks For All The Others.

The next step after compromising a machine is to enumerate the network behind. Many tools exist to expose a socks port on the attacker's machine and send all the traffic through a tunnel to the compromised machine. When several socks ports are available, we have to manage different proxychains...

7.5 AI score
Exploits: 0 | References: 2
RedHat Linux
added 2021/03/11 4:48 a.m. | 6 views

golang: data race in certain net/http servers including ReverseProxy can lead to DoS

A flaw was found in Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability...

5.9 CVSS | 7.3 AI score | 0.02893 EPSS
Exploits: 0 | References: 5
CNVD
added 2021/03/11 12:0 a.m. | 9 views

SAP Netweaver Application Server Java Reverse Tag Phishing Vulnerability

SAP Netweaver Application Server Java is part of the SAP NetWeaver Application Platform, which provides a complete infrastructure for deploying and running Java applications. A reverse tag phishing vulnerability exists in SAP Netweaver Application Server Java 7.00, 7.10, 7.11, 7.20, 7.30, 7.31,...

6.1 CVSS | 6.6 AI score | 0.00666 EPSS
Exploits: 0 | References: 1
NVD
added 2021/03/10 3:15 p.m. | 12 views

CVE-2021-21491

SAP Netweaver Application Server Java Applications based on WebDynpro Java versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

6.1 CVSS | 0.00666 EPSS
Exploits: 0 | References: 2
OSV
added 2021/03/10 3:15 p.m. | 4 views

CVE-2021-21491

SAP Netweaver Application Server Java Applications based on WebDynpro Java versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

6.1 CVSS | 6 AI score | 0.00666 EPSS
Exploits: 0 | References: 2
Prion
added 2021/03/10 3:15 p.m. | 18 views

Design/Logic Flaw

SAP Netweaver Application Server Java Applications based on WebDynpro Java versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

5.8 CVSS | 6.2 AI score | 0.00666 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2021/03/10 2:11 p.m. | 14 views

CVE-2021-21491

SAP Netweaver Application Server Java Applications based on WebDynpro Java versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

4.7 CVSS | 6.4 AI score | 0.00666 EPSS
Exploits: 0 | References: 2
CVE
added 2021/03/10 2:11 p.m. | 65 views

CVE-2021-21491

CVE-2021-21491 affects SAP NetWeaver Application Server Java (WebDynpro Java) and its supported Java applications, specifically versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50. The vulnerability is described as a Reverse Tabnabbing issue that can allow an attacker to redirect users to...

6.1 CVSS | 6.2 AI score | 0.00666 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Wired Threat Level
added 2021/03/10 12:0 p.m. | 42 views

It’s Open Season for Microsoft Exchange Server Hacks

A patch for the vulnerabilities China exploited has been released. Now, criminal groups are going to reverse engineer it—if they haven’t already...

7.1 AI score
Exploits: 0
Prion
added 2021/03/10 3:15 a.m. | 20 views

Integer overflow

An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server is running as a reverse proxy via a specially crafted request...

5 CVSS | 7.6 AI score | 0.16652 EPSS
Exploits: 3 | References: 4 | Affected Software: 1