2179 matches found
Emotet Malware Destroys Itself From All Infected Computers
Emotet, the notorious email-based Windows malware behind several botnet-driven spam campaigns and ransomware attacks, was automatically wiped from infected computers en masse following a European law enforcement operation. The development comes three months after a coordinated disruption of Emote...
3 Zero-Day Exploits Hit SonicWall Enterprise Email Security Appliances
SonicWall has addressed three critical security vulnerabilities in its hosted and on-premises email security ES product that are being actively exploited in the wild. Tracked as CVE-2021-20021 and CVE-2021-20022, the flaws were discovered and reported to the company by FireEye's Mandiant subsidia...
OpenEMR 5.0.2.1 - Remote Code Execution Exploit
Exploit Title: OpenEMR 5.0.2.1 - Remote Code Execution Exploit Author: Hato0, BvThTrd Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.2.1/openemr-5.0.2.tar.gz/download Version: 5.0.2.1 without patches Tested on: Ubuntu...
OpenEMR 5.0.2.1 - Remote Code Execution
Exploit Title: OpenEMR 5.0.2.1 - Remote Code Execution Exploit Author: Hato0, BvThTrd Date: 2020-08-07 Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.2.1/openemr-5.0.2.tar.gz/download Version: 5.0.2.1 without patches...
CVE-2021-24209
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so...
CVE-2021-24209
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so...
Input validation
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so...
CVE-2021-24209 WP Super Cache < 1.7.2 - Authenticated Remote Code Execution (RCE)
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so...
CVE-2021-24209
CVE-2021-24209 affects the WP Super Cache WordPress plugin prior to 1.7.2. It enables an authenticated (admin+) RCE via the Settings → Cache Location option due to input validation failure and a weak $cache_path check, with direct access to wp-cache-config.php permitting web shell injection. Rela...
WordPress plugin WP Super Cache 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code injection vulnerability exis...
PT-2021-15754 · WordPress · Wp Super Cache
Name of the Vulnerable Software and Affected Versions: WP Super Cache versions prior to 1.7.2 Description: The issue is related to an authenticated remote code execution RCE in the settings page of the WP Super Cache WordPress plugin. This is due to a failure in input validation and a weak check ...
WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution (Authenticated)
Exploit Title: WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution Authenticated Google Dork: inurl:/wp-content/plugins/wp-super-cache/ Date: 2021-03-13 Exploit Author: m0ze Version: Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so this...
Microsoft Exchange Server ProxyLogon vulnerability
Added: 03/19/2021 Background Microsoft Exchange is an e-mail server for Microsoft Windows operating systems. Problem A server-side request forgery vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary commands. Resolution Apply the patch referenced in Microsoft Advisory...
Exploit for Path Traversal in Vmware Cloud_Foundation
PoC exploit for CVE-2021-21972, a remote code execution vulnerability in VMware vCenter 6.5-7.0. The exploit uploads the web shell "shell.jsp" to the target server, which is then executed to gain remote code execution. The exploit is invoked by running the Python script "vcenterrce.py" with the U...
WP Super Cache < 1.7.2 - Authenticated Remote Code Execution (RCE)
The plugin was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so this vulnerability can be exploited for...
ProxyLogon PoC Exploit Released; Likely to Fuel More Disruptive Cyber Attacks
The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI on Wednesday issued a joint advisory warning of active exploitation of vulnerabilities in Microsoft Exchange on-premises products by nation-state actors and cybercriminals. "CISA and FBI...
ProxyLogon PoC Exploit Released; Likely to Fuel More Disruptive Cyber Attacks
The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI on Wednesday issued a joint advisory warning of active exploitation of vulnerabilities in Microsoft Exchange on-premises products by nation-state actors and cybercriminals. "CISA and FBI...
More on the Chinese Zero-Day Microsoft Exchange Hack
Nick Weaver has an excellent post on the Microsoft Exchange hack: The investigative journalist Brian Krebs has produced a handy timeline of events and a few things stand out from the chronology. The attacker was first detected by one group on Jan. 5 and another on Jan. 6, and Microsoft acknowledg...
SolarWinds Hack — New Evidence Suggests Potential Links to Chinese Hackers
A malicious web shell deployed on Windows systems by leveraging a previously undisclosed zero-day in SolarWinds' Orion network monitoring software may have been the work of a possible Chinese threat group. In a report published by Secureworks on Monday, the cybersecurity firm attributed the...
SolarWinds Hack — New Evidence Suggests Potential Links to Chinese Hackers
A malicious web shell deployed on Windows systems by leveraging a previously undisclosed zero-day in SolarWinds' Orion network monitoring software may have been the work of a possible Chinese threat group. In a report published by Secureworks on Monday, the cybersecurity firm attributed the...