This Metasploit module exploits an authenticated directory traversal vulnerability in Zen Load Balancer v3.10.1. The flaw exists in index.cgi not properly handling the filelog= parameter, which allows a malicious actor to load an arbitrary file path.
011af6df07f2ee11564536666bb82966d29715170c3c7d030a6d4aaa8987376b
This Metasploit module exploits an unauthenticated directory traversal vulnerability which exists in Spring Cloud Config versions 2.2.x prior to 2.2.3 and 2.1.x prior to 2.1.9, and older unsupported versions. Spring Cloud Config listens by default on port 8888.
c0632079991a549f014b4b533f835e3975c886fad191537a15152eb6339f1452
This Metasploit module scans for an unauthenticated RCE vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands (Remote Command Execution). This vulnerability has been reintroduced in the Apache 2.4.50 fix (CVE-2021-42013).
8661970ef7fbc7bc8a93b978a820b094101fa41f1545520eb469ee134ef69aa9
This Metasploit module exploits an unauthenticated directory traversal vulnerability which exists in Spring Cloud Config versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6. Spring Cloud Config listens by default on port 8888.
6bd637d02aacba32c0ff161011770e08920983fc2c9a71b3c8c1465687b5fae2
This Metasploit module exploits an unauthenticated directory traversal vulnerability which exists in TVT network surveillance management software-1000 version 3.4.1. NVMS listens by default on port 80.
d3404986603602d4077e3d8aaa33e60ff8d0b2719ff6ca6dd8886495eda22f7d
This Metasploit module exploits an unauthenticated remote file inclusion which exists in Supra Smart Cloud TV. The media control for the device doesn't have any session management or authentication. Leveraging this, an attacker on the local network can send a crafted request to broadcast a fake video.
4f628334a1d4a905d86ed3e418a091bc45e99144a8e83f1ac6d4d534bdfe0adf
This Metasploit module takes advantage of a Same-Origin Policy (SOP) bypass vulnerability in the Samsung Internet Browser, a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up.
d84c00616d548716b9414d5a60ebf17fd0c1065bb413ce49d1a747e954c01fc0
This Metasploit module retrieves a browser's network interface IP addresses using WebRTC.
fdcd935a99b660501276182f4081b6eee9379a2d963db22a93be803e5ae26a01
This Metasploit module exploits a vulnerability in the native browser that comes with IBM Lotus Notes. If successful, the browser will crash after viewing the webpage.
b27c0807b52c8cfbbf8b98fb0fe801d4a3796a313adf331f62c07526143665c0
This Metasploit module exploits a vulnerability in the native browser that comes with IBM Lotus Notes. If successful, it could cause the Notes client to hang and have to be restarted.
33adc6f0907494d9e9e3086e654c7134d56d8ef84862db01869e030a8e94be8d
This is a Metasploit module for the argument processing bug in the polkit pkexec binary. If the binary is provided with no arguments, it will continue to process environment variables as argument variables, but without any security checking. By using the execve call we can specify a null argument list and populate the proper environment variables. This exploit is architecture independent.
45168e34096e858ea0c2f1c2c12695c4121ec633a36c09aef6de9a8d95de3371
This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands. This vulnerability has been reintroduced in the Apache 2.4.50 fix (CVE-2021-42013).
a75779abdd3a9f2a319a34c0efbba4f95b420f39624081c3a13752641b7c8d6d
This Metasploit module exploits an authenticated directory traversal vulnerability in Zen Load Balancer version 3.10.1. The flaw exists in index.cgi not properly handling the filelog= parameter, which allows a malicious actor to load an arbitrary file path.
235cfaea63888533e4913051ad738896e2564cdbfb458391c3f2c2d2c0432e38
VLC for iOS was vulnerable to an unauthenticated insecure direct object reference vulnerability allowing for an attacker to compromise media. This issue was patched in the March, 2020 release.
659914d9efc7ff4458622d27c5cf28ce29be80b5ebb58157129b4c7297c0d139
Wing FTP Server version 2.3 suffers from a cross site request forgery vulnerability.
124fca20874002626f2d8946acbd25924520c3250f40f9e33e051e1f1bc5a1bf
This is a brief whitepaper that discusses fuzzing the VIM editor.
b961ee5f08adf14aeb3683b15f97a4a747d4d428142b2f7ac487d4c97fc8d786
VIM version 8.2 suffers from a denial of service vulnerability.
a3c8101320cac1a692fc67929911f629814fff48f2fc8ab1066f6343826be239
This is an Nmap NSE script to test for the path traversal vulnerability in Citrix Application Delivery Controller (ADC) and Gateway.
078997b326852f40549231510ea278d6e98e39608b88703f2a45f6a9734b1d28
VIM version 8.1.2135 suffers from a heap use-after-free vulnerability using freed memory with autocmd.
4c96c1b707150c62f170d081c709f5113fd68839f8775298501fd594a3ebb4d2
In libyal libfwsi versions prior to 20191006, libfwsi_extension_block_copy_from_byte_stream in libfwsi_extension_block.c has a heap-based buffer over-read because rejection of an unsupported size only considers values less than 6, even though values of 6 and 7 are also unsupported.
46e852d4c7c1971b5e6984b6483409bbb11e258031a5a6fb7803147f5c7a344d
Xpdf version 4.02 suffers from a null pointer dereference vulnerability.
714323324124447a3720e4acecefa4a5621bc11ef45ca9e104d7bc6b946bbddd
Supra Smart Cloud TV suffers from an openLiveURL() remote file inclusion vulnerability.
36d9b0b5cd1b087e4e8ad3e10950200b370a681e06ac888c6f0a7087cf752c68
Typora version 0.9.9.24.6 suffers from a directory traversal vulnerability.
d701e0872d46eff9fc856c8428a213430d7d1c726d700916ecbb1772e5e4f60e
This Metasploit module exploits an unauthenticated directory traversal vulnerability which exists in Spring Cloud Config versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6. Spring Cloud Config listens by default on port 8888.
39f19c1a165c51512a1ca99f92c17456b0d2f8470dbf6c008d92f912f1f1c01c
Apache Pluto versions 3.0.0 and 3.0.1 suffer from a persistent cross site scripting vulnerability.
bc0a3e0163f2496ba695cd031c4936411fb61ecb6d3dd26b359fcdc291d07788