Browsing the "File" Tag

BigBlueButton 2.2.25 File Disclosure / Server-Side Request Forgery ≈ Packet Storm

October 22nd, 2020 📆 | 3694 Views ⚑

Advisory: Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton RedTeam Pentesting discovered a vulnerability in the BigBlueButton webconferencing system

Tagged with:




HiSilicon Video Encoder 1.97 File Disclosure / Path Traversal ≈ Packet Storm

October 20th, 2020 📆 | 4093 Views ⚑

#!/usr/bin/env bash # Exploit Title: HiSilicon video encoders – unauthenticated file disclosure via path traversal# Date: 2020-09-20# Exploit Author: Alexei

Tagged with:




ReQuest Serious Play Media Player 3.0 File Disclosure / Path Traversal ≈ Packet Storm

October 20th, 2020 📆 | 5531 Views ⚑

ReQuest Serious Play Media Player 3.0 Directory Traversal File Disclosure Vulnerability Vendor: ReQuest Serious Play LLCProduct web page: http://www.request.comAffected version:

Tagged with:




Battle.Net 1.27.1.12428 Insecure File Permissions ≈ Packet Storm

October 14th, 2020 📆 | 8452 Views ⚑

# Exploit Title: Battle.Net 1.27.1.12428 – Insecure File Permissions# Date: 2020-10-09# Exploit Author: George Tsimpidas# Software Link : https://www.blizzard.com/en-gb/download/ (

Tagged with:




Sage DPW 2020_06_000 / 2020_06_001 XSS / File Upload ≈ Packet Storm

October 12th, 2020 📆 | 2978 Views ⚑

SEC Consult Vulnerability Lab Security Advisory < 20201012-0 >=======================================================================title: Reflected Cross-Site Scripting and UnauthenticatedMalicious File Uploadproduct: Sage DPWvulnerable version: 2020_06_000

Tagged with:




MonoCMS Blog 1.0 File Deletion / CSRF / Hardcoded Credentials ≈ Packet Storm

October 2nd, 2020 📆 | 6064 Views ⚑

# Exploit Title: MonoCMS Blog 1.0 – Arbitrary File Deletion (Authenticated)# Date: 2020-09-20# Exploit Author: Shahrukh Iqbal Mirza (@shahrukhiqbal24)# Vendor

Tagged with:




Hyland OnBase Arbitrary File Upload ≈ Packet Storm

September 11th, 2020 📆 | 7949 Views ⚑

CVSSv3.1 Score ————————————————- AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N Vendor ————————————————- Hyland Software – (https://www.hyland.com/en/andhttps://www.onbase.com/en/) Product ————————————————- Hyland OnBase All derivatives based on OnBase Versions

Tagged with:




Joomla GMapFP J3.5 / J3.5F Arbitrary File Upload ≈ Packet Storm

September 8th, 2020 📆 | 4483 Views ⚑

# Exploit Title: Joomla! Component GMapFP J3.5/J3.5F – Unauthenticated Arbitrary File Upload# Google Dork: inurl:”com_gmapfp”# Date: 2020-03-27# Exploit Author: ThelastVvV#

Tagged with:




macOS cfprefsd Arbitrary File Write / Local Privilege Escalation ≈ Packet Storm

September 8th, 2020 📆 | 4748 Views ⚑

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::LocalRank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheckinclude Msf::Post::Fileinclude Msf::Post::OSX::Privinclude Msf::Post::OSX::Systeminclude

Tagged with: