Lucene search
K
PacketstormRecent

50786 matches found

Packet Storm
Packet Storm
•added 2021/04/21 12:0 a.m.•245 views

Adtran Personal Phone Manager 10.8.1 DNS Exfiltration

Exploit Title: Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration Date: 1/21/2021 Exploit Author: 3ndG4me Vendor Homepage: https://adtran.com/web/page/portal/Adtran/wphome Version: v10.8.1 Tested on: NetVanta 7060 and NetVanta 7100 CVE : CVE-2021-25681 CVE-2021-25681 - AdTran Personal Phone...

7.6AI score0.13418EPSS
Exploits5
Packet Storm
Packet Storm
•added 2021/04/21 12:0 a.m.•451 views

OpenEMR 5.0.2.1 Remote Code Execution

Exploit Title: OpenEMR 5.0.2.1 - Remote Code Execution Exploit Author: Hato0, BvThTrd Date: 2020-08-07 Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.2.1/openemr-5.0.2.tar.gz/download Version: 5.0.2.1 without patches...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/21 12:0 a.m.•354 views

Discourse 2.7.0 2FA Bypass

Exploit Title: Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass Date: 14/01/2021 Exploit Author: Mesh3l911 Vendor Homepage: https://www.discourse.org/ Software Link:https://github.com/discourse/discourse Version: Discourse 2.7.0 CVE: CVE-2021-3138 import requests username = input"\n input ...

5CVSS7.6AI score0.03073EPSS
Exploits4
Packet Storm
Packet Storm
•added 2021/04/20 12:0 a.m.•196 views

Phone Shop Sales Management System 1.0 Shell Upload

Exploit Title: Phone Shop Sales Management System - Arbitrary File Upload Unauthenticated Date: 20/04/21 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/10882/phone-shop-sales-managements-system.html Version: 1.0 Tested on: Windows 10 build 19041 + xampp 3.2.4...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/20 12:0 a.m.•550 views

Cisco RV Authentication Bypass / Code Execution

IoT Inspector Research Lab Security Advisory IOT-20210414-0 title: Cisco RV series Authentication Bypass and Remote Command Execution vendor/product: Cisco https://www.cisco.com/ vulnerable version: RV16X/RV26X: 1.0.01.02 & below. RV34X: 1.0.03.20 & below. fixed version: RV16X/RV26X: 1.0.01.03...

7.5CVSS0.5AI score0.72472EPSS
Exploits8
Packet Storm
Packet Storm
•added 2021/04/20 12:0 a.m.•575 views

Fibaro Home Center MITM / Missing Authentication / Code Execution

IoT Inspector Research Lab Advisory IOT-20210408-0 title: Multiple vulnerabilities vendor/product: Fibaro Home Center Light / Fibaro Home Center 2 https://www.fibaro.com/ vulnerable version: 4.600 and older fixed version: 4.610 CVE number: CVE-2021-20989, CVE-2021-20990, CVE-2021-20991,...

0.9AI score0.05437EPSS
Exploits6
Packet Storm
Packet Storm
•added 2021/04/19 12:0 a.m.•218 views

WordPress Photo Gallery 1.5.69 Cross Site Scripting

Researcher Name: ThuraMoeMyint Twitter: https://twitter.com/mgthuramoemyint Vendor Url: https://wordpress.org/plugins/photo-gallery/ "Photo Gallery by 10Web / Mobile-Friendly Image Gallery" photo-gallery Multiple RXSS The parameter bwgalbumbreadcrumb0 is able to inject malicious javascript code...

Exploits0
Packet Storm
Packet Storm
•added 2021/04/19 12:0 a.m.•535 views

Nagios XI 5.7.3 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI 5.6.0-5.7.3 - Mibs.php Authenticated Remote Code Exection', 'Description' = %q This module exploits CVE-2020-5791, an OS command...

9CVSS7.2AI score0.78632EPSS
Exploits7
Packet Storm
Packet Storm
•added 2021/04/19 12:0 a.m.•374 views

Trojan.Win32.Agentb.iofv Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d4ac133a9df0c627f899bb6039d04215.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agentb.iofv Vulnerability: Insecure Permissions Description: Agentb.iofv creates an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/19 12:0 a.m.•344 views

Trojan.Win32.Agent.hsm Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c58d5aecd223ac95ae5fab6dcd69e953.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agent.hsm Vulnerability: Insecure Permissions Description: Agent.hsm creates an insecur...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/19 12:0 a.m.•424 views

Trojan.Win32.NanoBot.onh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9fff4c02274c0162880844f27ff91407.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.NanoBot.onh Vulnerability: Insecure Permissions Description: NanoBot.onh creates an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/19 12:0 a.m.•457 views

Trojan.Win32.Bayrob.dtrg Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2f3f0e9be7edb73e545fc49b5a78b4f0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Bayrob.dtrg Vulnerability: Insecure Permissions Description: Bayrob.dtrg creates an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/19 12:0 a.m.•368 views

Trojan-Dropper.Win32.Agent.bjtzcp Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2992b86d03c3922ed45fa09ef105f018.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Agent.bjtzcp Vulnerability: Insecure Permissions Description: Agent.bjtzcp...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/18 12:0 a.m.•259 views

Constructor.Win32.Bifrose.ag Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/db45a906a0a3747398b2b8a5faff5e44.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Constructor.Win32.Bifrose.ag Vulnerability: Local Stack Buffer Overflow Description: Bifrost crypted...

0.8AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/17 12:0 a.m.•317 views

HEUR.Backdoor.Win32.Generic File Download

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d7648b676dd139d1b7ba781816726510.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Backdoor.Win32.Generic Vulnerability: Unauthenticated Open Proxy Description: The backdoor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/16 12:0 a.m.•560 views

GetSimple CMS My SMTP Contact 1.1.1 CSRF / Remote Code Execution

Exploit Title: GetSimple CMS My SMTP Contact Plugin = v1.1.1 - CSRF to RCE Exploit Author: Bobby Cooke boku Date: April 15th, 2021 Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/extend/download.php?file=files/18274/1221/my-smtp-contact1.1.1.zip&id=1221 Vendor:...

Exploits0
Packet Storm
Packet Storm
•added 2021/04/16 12:0 a.m.•242 views

glFTPd 2.11a Denial Of Service

Exploit Title: glFTPd 2.11a - Remote Denial of Service Date: 15/05/2021 Exploit Author: xynmaps Vendor Homepage: https://glftpd.io/ Software Link: https://glftpd.io/files/glftpd-LNX-2.11a1.1.1kx64.tgz Version: 2.11a Tested on: Parrot Security OS 5.9.0 ------------------------------- encoding=utf8...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/15 12:0 a.m.•525 views

Horde Groupware Webmail 5.2.22 Cross Site Scripting

Exploit Title: Horde Groupware Webmail 5.2.22 - Stored XSS Author: Alex Birnberg Testing and Debugging: Ventsislav Varbanovski @nu11secur1ty Date: 04.14.2021 Vendor: https://www.horde.org/apps/webmail Link: https://github.com/horde/webmail/releases CVE: CVE-2021-26929 + Exploit Source:...

4.3CVSS6.2AI score0.04944EPSS
Exploits7
Packet Storm
Packet Storm
•added 2021/04/15 12:0 a.m.•241 views

Tileserver-gl 3.0.0 Cross Site Scripting

Exploit Title: Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting XSS Date: 15/04/2021 Exploit Author: Akash Chathoth Vendor Homepage: http://tileserver.org/ Software Link: https://github.com/maptiler/tileserver-gl Version: versions alertdocument.domain...

4.3CVSS0.12224EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/04/15 12:0 a.m.•715 views

Backdoor.Win32.Zombam.h Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/55feab480a43727c8a08feb7344afb4a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.h Vulnerability: Remote Stack Buffer Overflow Description: Zombam.h HTTP RAT...

0.7AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/15 12:0 a.m.•279 views

htmly 2.8.0 Cross Site Scripting

Exploit Title: htmly 2.8.0 allows stored XSS Authors: @nu11secur1ty & G.Dzhankushev Date: 04.15.2021 Vendor: htmly Link: https://github.com/danpros/htmly CVE: CVE-2021-30637 + Exploit Source: https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-26929 Exploit Program Code !/usr/bin/python3...

4.3CVSS5.8AI score0.04944EPSS
Exploits9
Packet Storm
Packet Storm
•added 2021/04/15 12:0 a.m.•429 views

Nagios XI Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI Prior to 5.8.0 - Plugins Filename Authenticated Remote Code Exection', 'Description' = %q This module exploits a command injection...

9CVSS0.1AI score0.81915EPSS
Exploits7
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•350 views

Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Remote Command Execution

Exploit Title: Genexis PLATINUM 4410 2.1 P4410-V2-1.28 - RCE Date: 12-4-2021 Exploit Author: Jay Sharma Version: Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Tested on: V2.1 CVE : CVE-2021-29003 steps to reproduce Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute...

0.3AI score0.45417EPSS
Exploits5
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•300 views

CITSmart ITSM 9.1.2.27 SQL Injection

Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection Authenticated Google Dork: "citsmart.local" Date: 11/03/2021 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.2...

0.2AI score0.05767EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•436 views

Digital Crime Report Management System 1.0 SQL Injection

Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://iwantsourcecodes.com/digital-crime-report-management-system-in-php-with-source-code/ Software Link:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•426 views

HEUR.Hoax.Win32.FrauDrop.gen Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1d40e72fb8cf300298df4b828b48ec29.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Hoax.Win32.FrauDrop.gen Vulnerability: Insecure Permissions Description: FrauDrop.gen creates a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•515 views

Nagios XI getprofile.sh Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI Prior to 5.6.6 getprofile.sh Authenticated Remote Command Execution', 'Description' = %q This module exploits a vulnerability in the...

9CVSS0.4AI score0.77741EPSS
Exploits13
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•685 views

Microsoft Azure DevOps Server 2020.0.1 Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Reflected cross-site scripting product: Microsoft Azure DevOps Server vulnerable version: 2020.0.1 fixed version: 2020.0.1 Patch 2 CVE number: CVE-2021-28459 impact: medi...

6.6AI score0.02317EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•5108 views

jQuery 1.2 Cross Site Scripting

Exploit Title: jQuery 1.2 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.2 and before 3.5.0 CVE : CVE-2020-11022 Proof of Concept 1:...

4.3CVSS0.1AI score0.99019EPSS
Exploits7
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•228 views

CITSmart ITSM 9.1.2.22 LDAP Injection

Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection Google Dork: "citsmart.local" Date: 29/12/2020 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.23 Using this LDAP query in the usernam...

7.5CVSS9.7AI score0.13309EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•424 views

Trojan.Win32.Agent.zfgh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a2017b547da2f06c6d7c02398cc481f6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agent.zfgh Vulnerability: Insecure Permissions Description: Agent.zfgh creates an hidde...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•728 views

Trojan.Win32.Jorik.qje Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/982479ad10ff048d566516254051e17e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Jorik.qje Vulnerability: Insecure Permissions Description: Jorik.qje creates an insecur...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•504 views

Webmail Edition 5.2.22 XSS / Remote Code Execution

Exploit Title: Remote code execution XSS HordeTextFilter library Webmail Edition through 5.2.22 Author: Alex Birnberg Testing and Debugging: Ventsislav Varbanovski @nu11secur1ty System Administrator - Infrastructure Engineer Date: 04.14.2021 Vendor: webmail Link:...

4.3CVSS6.2AI score0.04944EPSS
Exploits7
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•908 views

MariaDB 10.2 Command Execution

Exploit Title: MariaDB 10.2 /MySQL - 'wsrepprovider' OS Command Execution Date: 03/18/2021 Exploit Author: Central InfoSec Version: MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through...

9CVSS0.6AI score0.38179EPSS
Exploits9
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•5068 views

jQuery 1.0.3 Cross Site Scripting

Exploit Title: jQuery 1.0.3 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.0.3 and before 3.5.0 CVE : CVE-2020-11023 Proof of Concept 1: Proof of Concept 2 Only jQuery 3.x affected: "...

4.3CVSS0.1AI score0.8383EPSS
Exploits6
Packet Storm
Packet Storm
•added 2021/04/13 12:0 a.m.•254 views

Native Church Website 1.0 Shell Upload

Exploit Title: Native Church Website - Arbitrary File Upload Authenticated Date: 04/21 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11764/native-church-website-phpmysql.html Version: 1.0 Tested on: Windows 10 build 19041 + xampp 3.2.4 /usr/bin/python3 import...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/13 12:0 a.m.•456 views

Blitar Tourism 1.0 SQL Injection

Exploit Title: Blitar Tourism 1.0 - Authentication Bypass SQLi Date: 13 April 2021 Exploit Author: sigeri94 Vendor Homepage: https://sourcecodeaplikasi.info/source-code-aplikasi-biro-travel-berbasis-web/ Software Link: https://codeload.github.com/satndy/Aplikasi-Biro-Travel/zip/master Version: 1....

0.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/13 12:0 a.m.•658 views

ExpressVPN VPN Router 1.0 Integer Overflow

Exploit Title: ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow Date: 09-04-2021 Exploit Author: Jai Kumar Sharma Vendor Homepage: https://www.expressvpn.com/ Software Link: https://www.expressvpn.com/vpn-software/vpn-router Version: version 1 Tested on: Windows/Ubuntu/MacOS CVE ...

5CVSS0.9AI score0.16652EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/04/13 12:0 a.m.•663 views

Chrome V8 JavaScript Engine Remote Code Execution

/ BSD 2-Clause License Copyright c 2021, rajvardhan agarwal All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice,...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/13 12:0 a.m.•528 views

Simple Student Information System 1.0 SQL Injection

Exploit Title: Simple Student Information System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://www.sourcecodester.com/php/11400/simple-student-information-system-ajax-live-search.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/12 12:0 a.m.•3247 views

vsftpd 2.3.4 Backdoor Command Execution

Exploit Title: vsftpd 2.3.4 - Backdoor Command Execution Date: 9-04-2021 Exploit Author: HerculesRD Software Link: http://www.linuxfromscratch.org/thomasp/blfs-book-xsl/server/vsftpd.html Version: vsftpd 2.3.4 Tested on: debian CVE : CVE-2011-2523 !/usr/bin/python3 from telnetlib import Telnet...

10CVSS0.2AI score0.96184EPSS
Exploits32
Packet Storm
Packet Storm
•added 2021/04/09 12:0 a.m.•597 views

PrestaShop 1.7.6.7 SQL Injection

Exploit Title: PrestaShop 1.7.6.7 - 'location' Blind Sql Injection Date: 2021-04-08 Exploit Author: Vanshal Gaur Vendor Homepage: https://www.prestashop.com/ Version: 1.7.5.x 1.7.6.8 Tested on: Debian 10 buster CVE : CVE-2020-15160 !/usr/bin/python3 ''' Setup Vulnerable Docker on "localhost:8080"...

7.5CVSS0.3AI score0.10807EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/04/09 12:0 a.m.•1050 views

Google Chrome SimplfiedLowering Integer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome versions before 87.0.4280.88 integer overflow during SimplfiedLowering phase', 'Description' = %q This module exploits an issue in...

4.3CVSS0.9AI score0.99595EPSS
Exploits14
Packet Storm
Packet Storm
•added 2021/04/08 12:0 a.m.•431 views

Trojan-Downloader.Win32.Genome.qiw Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5cddc4647fb1c59f5dc7f414ada7fad4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Genome.qiw Vulnerability: Insecure Permissions Description: Genome.qiw creat...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/08 12:0 a.m.•474 views

Backdoor.Win32.Small.n Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/fb24c3509180f463c9deaf2ee6705062.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Small.n Vulnerability: Unauthenticated Remote Command Execution SYSTEM Description: T...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/08 12:0 a.m.•275 views

D-Link DSL-320B-D1 Pre-Authentication Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Multiple Pre-Auth Stack Buffer Overflow in D-Link DSL-320B-D1 ADSL Modem ======== ========================================= 0. Overview 1. Details 2. Solution 3. Disclosure Timeline 4. Thanks & Acknowledgements 5. References 6. Credits 7. Legal...

0.5AI score0.40081EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/04/08 12:0 a.m.•441 views

Trojan.Win32.Hosts2.yqf Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/274a6e846c5a4a2b3281198556e5568b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Hosts2.yqf Vulnerability: Insecure Permissions Description: Hosts2.yqf creates an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/08 12:0 a.m.•471 views

Backdoor.Win32.Hupigon.das Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7afe56286039faf56d4184c476683340.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.das Vulnerability: Unauthenticated Open Proxy Description: The malware drops ...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/08 12:0 a.m.•563 views

Check Point Identity Agent Arbitrary File Write

Advisory: Privileged File Write Description =========== The Check Point Identity Agent allows low privileged users to write files to protected locations of the file system. Details ======= Advisory ID: usd-2021-0005 Product: Check Point Identity Agent Affected Version: R81.018.0000 Vulnerability...

0.3AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/08 12:0 a.m.•514 views

DMA Radius Manager 4.4.0 Cross Site Request Forgery

Exploit Title: DMA Radius Manager 4.4.0 - Cross-Site Request Forgery CSRF Date: April 8, 2021 04/08/2021 Exploit Author: Issac Briones Vendor Homepage: http://www.dmasoftlab.com/ Software Download: https://sourceforge.net/projects/radiusmanager/ Version: 4.4.0 CVE: CVE-2021-30147...

0.4AI score0.0352EPSS
Exploits4
Total number of security vulnerabilities50786