IncomCMS 2.0 – Insecure File Upload
January 10th, 2021 📆 | 7771 Views ⚑
# Exploit Title: IncomCMS 2.0 - Insecure File Upload # Google Dork: intext:"Incom CMS 2.0" # Date: 07.12.2020 # Exploit
Browsing the "insecure" Tag
Tagged with: CVE-2020-29597 • File • incomcms • insecure • multiple • upload • webapps
Fluentd TD-agent plugin 4.0.1 – Insecure Folder Permission
January 10th, 2021 📆 | 1766 Views ⚑
# Exploit Title: Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission # Date: 21.12.2020 # Exploit Author: Adrian Bondocea #
Tagged with: agent • CVE-2020-28169 • fluentd • folder • insecure • local • permission • plugin • TDagent • windows
WinAVR Version 20100110 – Insecure Folder Permissions
January 9th, 2021 📆 | 3483 Views ⚑
# Exploit Title: WinAVR Version 20100110 - Insecure Folder Permissions # Date: 2020-12-11 # Exploit Author: Mohammed Alshehri # Vendor
Tagged with: 20100110 • folder • insecure • local • permissions • version • winavr • windows
Backdoor.Win32.Agent.dcbh Insecure Permissions / Privilege Escalation ≈ Packet Storm
January 8th, 2021 📆 | 5704 Views ⚑
Discovery / credits: malvuln – Malvuln.com (c) 2021Original source: https://malvuln.com/advisory/bba63df41adcf2cf80c74e4a62539d44.txtContact: [email protected]: twitter.com/malvuln Threat: Backdoor.Win32.Agent.dcbhVulnerability: Insecure Permissions EoPDescription: Drops an executable
Tagged with: advisory • agent • backdoor • BackdoorWin32Agentdcbh • CSRF • escalation • exploit • insecure • overflow • packet • permissions • privilege • scanner • security • storm • vulnerability • whitepaper • win32 • XSS
Backdoor.Win32.Xtreme.yvp Insecure Permissions / Privilege Escalation ≈ Packet Storm
January 8th, 2021 📆 | 2208 Views ⚑
Discovery / credits: malvuln – Malvuln.com (c) 2021Original source: https://malvuln.com/advisory/7bd93c10c9373cfc2bcc8eff712631f1.txtContact: [email protected]: twitter.com/malvuln Threat: Backdoor.Win32.Xtreme.yvpVulnerability: Insecure Permissions EoPDescription: Change permissions are
Tagged with: advisory • backdoor • BackdoorWin32Xtremeyvp • CSRF • escalation • exploit • insecure • overflow • packet • permissions • privilege • scanner • security • storm • vulnerability • whitepaper • win32 • XSS • xtreme
Newgen Correspondence Management System eGov 12.0 Insecure Direct Object Reference ≈ Packet Storm
January 7th, 2021 📆 | 4812 Views ⚑
# Exploit Title: Newgen Correspondence Management System (corms) eGov 12.0 – IDOR# Date: 29 Dec 2020# Exploit Author: ALI AL
Tagged with: advisory • correspondence • CSRF • direct • eGov • exploit • insecure • management • newgen • object • overflow • packet • reference • scanner • security • storm • system • vulnerability • whitepaper • XSS
WinAVR 20100110 Insecure Folder Permissions ≈ Packet Storm
January 7th, 2021 📆 | 1527 Views ⚑
# Exploit Title: WinAVR Version 20100110 – Insecure Folder Permissions# Date: 2020-12-11# Exploit Author: Mohammed Alshehri# Vendor Homepage: https://sourceforge.net/projects/winavr/# Software
Tagged with: 20100110 • advisory • CSRF • exploit • folder • insecure • overflow • packet • permissions • scanner • security • storm • vulnerability • whitepaper • winavr • XSS
Fluentd TD-agent 4.0.1 Insecure Folder Permission ≈ Packet Storm
January 6th, 2021 📆 | 1766 Views ⚑
# Exploit Title: Fluentd TD-agent plugin 4.0.1 – Insecure Folder Permission# Date: 21.12.2020# Exploit Author: Adrian Bondocea# Vendor Homepage: https://www.fluentd.org/#
Tagged with: advisory • agent • CSRF • exploit • fluentd • folder • insecure • overflow • packet • permission • scanner • security • storm • TDagent • vulnerability • whitepaper • XSS
Trojan.Win32.Bayrob.cgau Insecure Permissions / Privilege Escalation ≈ Packet Storm
January 5th, 2021 📆 | 2493 Views ⚑
Discovery / credits: malvuln – Malvuln.com (c) 2021Original source: http://malvuln.com/advisory/099a169f81089dc493ea300ef0309f70.txtContact: [email protected]: twitter.com/malvuln Threat: Trojan.Win32.Bayrob.cgauVulnerability: Insecure Permissions EoP (SYSTEM)Description: Change permissions
Tagged with: advisory • bayrob • CSRF • escalation • exploit • insecure • overflow • packet • permissions • privilege • scanner • security • storm • trojan • TrojanWin32Bayrobcgau • vulnerability • whitepaper • win32 • XSS
BACKDOOR.WIN32.REMOTEMANIPULATOR Insecure Permissions ≈ Packet Storm
January 5th, 2021 📆 | 2496 Views ⚑
Discovery / credits: malvuln – Malvuln.com (c) 2021Original source: http://malvuln.com/advisory/82183b3d85311a39fb80ae07357594e5.txtContact: [email protected]: twitter.com/malvuln Threat: BACKDOOR.WIN32.REMOTEMANIPULATORVulnerability: Insecure PermissionsDescription: Creates a dir Folder139
Tagged with: advisory • backdoor • BACKDOORWIN32REMOTEMANIPULATOR • CSRF • exploit • insecure • overflow • packet • permissions • remotemanipulator • scanner • security • storm • vulnerability • whitepaper • win32 • XSS
Phorpiex Insecure Permissions / Privilege Escalation ≈ Packet Storm
January 4th, 2021 📆 | 7307 Views ⚑
Discovery / credits: malvuln – Malvuln.com (c) 2021Original source: http://malvuln.com/advisory/f4d7d721f68bc9a80aaf53bc184a3c58.txtContact: [email protected]: twitter.com/malvuln Threat: PhorpiexVulnerability: Insecure permissions EoPDescription: Change permissions are
Tagged with: advisory • CSRF • escalation • exploit • insecure • overflow • packet • permissions • phorpiex • privilege • scanner • security • storm • vulnerability • whitepaper • XSS
Programi Bilanc Build 007 Release 014 31.01.2020 Insecure Downloads ≈ Packet Storm
December 18th, 2020 📆 | 7293 Views ⚑
Programi Bilanc – Build 007 Release 014 31.01.2020 – Software-update packages are downloaded via unencrypted HTTP =============================================================================== Identifiers ————————————————- CVE-2020-11718
Tagged with: advisory • bilanc • build • CSRF • downloads • exploit • insecure • overflow • packet • programi • release • scanner • security • storm • vulnerability • whitepaper • XSS
OpenAsset Digital Asset Management Insecure Direct Object Reference ≈ Packet Storm
December 12th, 2020 📆 | 4899 Views ⚑
Title: Missing access controls Product: OpenAsset Digital Asset Management by OpenAsset Vendor Homepage: https://www.openasset.com/ Vulnerable Version: 12.0.19 (Cloud) 11.2.1 (On-premise)
Tagged with: advisory • asset • CSRF • digital • direct • exploit • insecure • management • object • openasset • overflow • packet • reference • scanner • security • storm • vulnerability • whitepaper • XSS
Employee Performance Evaluation System 1.0 Insecure Direct Object Reference ≈ Packet Storm
December 10th, 2020 📆 | 6244 Views ⚑
# Exploit Title: Employee Performance Evaluation System 1.0 – Able to delete Admin user from Local account Unauthenticated Insecure Direct
Tagged with: advisory • CSRF • direct • employee • evaluation • exploit • insecure • object • overflow • packet • performance • reference • scanner • security • storm • system • vulnerability • whitepaper • XSS
Sony BRAVIA Digital Signage 1.7.8 Insecure Direct Object Reference ≈ Packet Storm
December 3rd, 2020 📆 | 4609 Views ⚑
Sony BRAVIA Digital Signage 1.7.8 Client-Side Protection Bypass / IDOR Vendor: Sony Electronics Inc.Product web page: https://pro-bravia.sony.nethttps://pro-bravia.sony.net/resources/software/bravia-signage/https://pro.sony/ue_US/products/display-softwareAffected version: < =1.7.8
Tagged with: advisory • bravia • CSRF • digital • direct • exploit • insecure • object • overflow • packet • reference • scanner • security • signage • Sony • storm • vulnerability • whitepaper • XSS
Crypto-mining malware fiends exploit insecure Docker installations with botnet
December 2nd, 2020 📆 | 2888 Views ⚑
John Leyden 02 December 2020 at 16:50 UTC Updated: 02 December 2020 at 17:19 UTC There’s something nasty in that
Tagged with: botnet • crypto • cryptomining • docker • exploit • fiends • insecure • installations • malware • mining
Crypto-mining malware fiends exploit insecure Docker installs with botnet
December 2nd, 2020 📆 | 1788 Views ⚑
There’s something nasty in that container Cybercriminals have been caught exploiting misconfigured Docker installations to spread crypto-mining malware. Researchers at
Tagged with: botnet • crypto • cryptomining • docker • exploit • fiends • insecure • installs • malware • mining
Barco wePresent Insecure Firmware Image ≈ Packet Storm
November 20th, 2020 📆 | 3684 Views ⚑
KL-001-2020-009 : Barco wePresent Insecure Firmware Image Title: Barco wePresent Insecure Firmware ImageAdvisory ID: KL-001-2020-009Publication Date: 2020.11.20Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-009.txt 1.
Tagged with: advisory • barco • CSRF • exploit • firmware • image • insecure • overflow • packet • scanner • security • storm • vulnerability • wepresent • whitepaper • XSS
TDM Digital Signage PC Player 4.1 Insecure File Permissions ≈ Packet Storm
October 28th, 2020 📆 | 4586 Views ⚑
TDM Digital Signage PC Player 4.1 Insecure File Permissions Vendor: TDM Trending Digital Marketing]Product web page: https://www.tdmsignage.comhttps://pro.sony/en_NL/products/display-software/tdm-ds1y-tdm-ds3yAffected version: 4.1.0.4 Summary:
Tagged with: advisory • CSRF • digital • exploit • File • insecure • overflow • packet • permissions • player • scanner • security • signage • storm • TDM • vulnerability • whitepaper • XSS
TDM Digital Signage PC Player 4.1 – Insecure File Permissions
October 27th, 2020 📆 | 4132 Views ⚑
# Exploit Title: TDM Digital Signage PC Player 4.1 - Insecure File Permissions # Date: 2020-09-23 # Exploit Author: LiquidWorm
Tagged with: digital • File • insecure • local • permissions • player • signage • TDM • windows
Popular
The best security conferences of 2021 December 21, 2020 The COVID-19 pandemic certainly threw a monkey wrench into the…
Windows 10 bug corrupts your hard drive on seeing… January 15, 2021 An unpatched zero-day in Microsoft Windows 10 allows attackers to…
WordPress Contact Form 7 5.3.1 Shell Upload ≈ Packet Storm December 22, 2020 # Exploit Title: Wordpress Plugin Contact Form 7 5.3.1 -…
A second hacking group has targeted SolarWinds systems December 21, 2020 As forensic evidence is slowly being unearthed in the aftermath…
Rioters Open Capitol’s Doors to Potential Cyberthreats January 7, 2021 Business Continuity Management / Disaster Recovery , Critical Infrastructure Security…![[webapps] Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)](https://www.digitalmunition.me/wp-content/uploads/spider-orange.png "[webapps] Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)")
[webapps] Sony Playstation 4 (PS4) < 7.02 -… December 26, 2020 Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit…
Samsung Galaxy Buds Pro: Review and Buying Guide January 16, 2021 Samsung is clearly aiming for the accessories markets too, with…
Members
Comments