Subscribe via feed.
Archive for July, 2019

Apache Tomcat CGIServlet enableCmdLineArguments Remote Code Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a vulnerability in Apache Tomcat’s CGIServlet component. When the enableCmdLineArguments setting is set to true, a remote user can abuse this to execute system commands, and gain remote code execution.

[local] Serv-U FTP Server – prepareinstallation Privilege Escalation (Metasploit)

Posted by deepcore under Security (No Respond)

Serv-U FTP Server – prepareinstallation Privilege Escalation (Metasploit)

Tags: ,

[webapps] Symantec DLP 15.5 MP1 – Cross-Site Scripting

Posted by deepcore under Security (No Respond)

Symantec DLP 15.5 MP1 – Cross-Site Scripting

Tags: ,

Linux Mint 19.1 yelp Command Injection

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a vulnerability within the “ghelp”, “help” and “man” URI handlers within Linux Mint’s “ubuntu-system-adjustments” package. Invoking any one the URI handlers will call the python script “/usr/local/bin/yelp” with the contents of the supplied URI handler as its argument. The script will then search for the strings “gnome-help” or “ubuntu-help” and if […]

FaceSentry Access Control System 6.4.8 Remote Root

Posted by deepcore under exploit (No Respond)

FaceSentry Access Control System version 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the ‘strInIP’ POST parameter in pingTest PHP script.

CyberPanel 1.8.4 Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

CyberPanel version 1.8.4 suffers from a cross site request forgery vulnerability.

FaceSentry Access Control System 6.4.8 Remote SSH Root Access

Posted by deepcore under exploit (No Respond)

FaceSentry Access Control System version 6.4.8 facial biometric access control appliance ships with hard-coded and weak credentials for SSH access on port 23445 using the credentials wwwuser:123456. The root privilege escalation is done by abusing the insecure sudoers entry file.

FaceSentry Access Control System 6.4.8 Reflected Cross Site Scripting

Posted by deepcore under exploit (No Respond)

FaceSentry Access Control System version 6.4.8 is vulnerable to multiple cross site scripting vulnerabilities. This issue is due to the application’s failure to properly sanitize user-supplied input thru the ‘msg’ parameter (GET) in pluginInstall.php script. An attacker may leverage any of the cross-site scripting issues to have arbitrary script code executed in the browser of […]

SquirrelMail 1.4.22 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

SquirrelMail version 1.4.22 suffers from a cross site scripting vulnerability.

FaceSentry Access Control System 6.4.8 Authentication Credential Disclosure

Posted by deepcore under exploit (No Respond)

FaceSentry Access Control System version 6.4.8 suffers from a cleartext transmission of sensitive information. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.