308 matches found
Agent Tesla Botnet - Arbitrary Code Execution Exploit
Agent Tesla Botnet - Arbitrary Code Execution import requests import argparse import base64 Agent Tesla C2 RCE by prsecurity For research purposes only. Don't pwn what you don't own. def getargs: parser = argparse.ArgumentParser prog="agentteslasploit.py", formatterclass=lambda prog:...
Azorult Botnet - SQL Injection Exploit
Azorult Botnet - SQL Injection import requests import argparse import base64 Azorult 3.3.1 C2 SQLi by prsecurity For research purposes only. Don't pwn what you don't own. change GUID and XOR key to specific beacon, can be extracted from a sample guid =...
Agent Tesla Botnet Arbitrary Code Execution
import requests import argparse import base64 Agent Tesla C2 RCE by prsecurity For research purposes only. Don't pwn what you don't own. def getargs: parser = argparse.ArgumentParser prog="agentteslasploit.py", formatterclass=lambda prog: argparse.HelpFormatterprog, maxhelpposition=50, epilog= ''...
@arkecosystem/core (>=2.1.0 <=2.7.26), @arkecosystem/core-database-postgres (>=0.2.0 <=2.7.26) +221 more potentially affected by unknown CVE via sql (>=0.0.5 <=0.78.0)
sql NPM version =0.0.5, =2.1.0, =0.2.0, =2.4.0, =0.1.0, =2.1.0, =1.0.0, =1.0.0, =2.0.0-alpha.1, =2.0.0-pre.12, =2.0.0-alpha.1, =1.0.0, =0.20.1, =0.4.4, =1.1.0, =1.2.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-8F93-RV4P-X4JW...
SS-2018-020: Potential SQL vulnerability in PostgreSQL database connector
More info at https://www.silverstripe.org/download/security-releases/ss-2018-020/...
Joomla! Dutch Auction Factory 2.0.2 SQL Injection
Exploit Title: Joomla! Component Dutch Auction Factory 2.0.2 - 'filterorderDir' SQL Injection Dork: N/A Exploit Author: Ihsan Sencan Date: 2018-09-24 Vendor Homepage: https://thephpfactory.com/ Software Link:...
hostel365.com.br Improper Access Control vulnerability
Open Bug Bounty ID: OBB-654649 Description| Value ---|--- Affected Website:| hostel365.com.br Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...
OPENSUSE-SU-2018:1059-1 Security update for phpMyAdmin
This update for phpMyAdmin to version 4.8.0.1 fixes the following issues: - CVE-2018-10188: Possible execution of arbitrary SQL statements via manipulated URLs boo1090309 This version also contains a number of upstream changes, improvements, new functions and bug fixes...
capitolcardiology.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-593766 Description| Value ---|--- Affected Website:| capitolcardiology.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...
flergalicious.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-593080 Description| Value ---|--- Affected Website:| flergalicious.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...
EUVD-2017-3126
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
RED HAWK v2.0.0 - All in one tool for Information Gathering, Vulnerability Scanning and Crawling
RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scannig and Crawling. Coded In PHP. Features: Basic Scan Site Title NEW IP Address Web Server Detection IMPROVED CMS Detection Cloudflare Detection robots.txt Scanner Whois Lookup IMPROVED Geo-IP Lookup Grab Banners...
RED HAWK - All In One Tool For Information Gathering, SQL Vulnerability Scannig and Crawling
RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scannig and Crawling. Coded In PHP. Features Of The Tool: Server detection Cloudflare detector robots scanner CMS Detector WordPress Joomla Drupal Magento Whois GEO-IP Scan NMAP Port Scan DNS Lookup SubNet Calculator...
An All In One Information Gathering Tool: RED HAWK
RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scanning and Crawling.Coded In PHP Scans That You Can Perform Using RED HAWK : Basic Scan Site Title NEW IP Address Web Server Detection IMPROVED CMS Detection Cloudflare Detection robots.txt Scanner Whois Lookup IMPROVED...
Whitewidow - SQL Vulnerability Scanner
Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server information, multiple SQL injection syntax, abili...
CVE-2017-5347
SQL injection vulnerability in inc/mod/newsletter/options.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the recipient parameter to gxadmin/index.php...
UBUNTU-CVE-2016-5609
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML...
MGASA-2016-0289 Updated postgresql packages fix security vulnerability
It was discovered that certain SQL statements containing CASE/WHEN commands could crash the PostgreSQL server, or disclose a few bytes of server memory, potentially leading to arbitrary code execution CVE-2016-5423. It was found that PostgreSQL client programs mishandle database and role names...
Whitewidow - SQL Vulnerability Scanner
Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server information, multiple SQL injection syntax, and a...
Automated SQL Vulnerability Scanner: Whitewidow
Open Source Automated SQL Vulnerability Scanner Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server...