This archive contains all of the 177 exploits added to Packet Storm in July, 2021.
1fdcdcb3bc9a8d854ad1cfa355d3b4aa25406c916a2b4fee1228b83fc44e31c7Men Salon Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6db934493410936f3554d921a489b373ad2c02535b49dfdff290539e5ae56fe0Pi-Hole versions 3.0 through 5.3 allows for command line input to the removecustomcname, removecustomdns, and removestaticdhcp functions without properly validating the parameters before passing to sed. When executed as the www-data user, this allows for a privilege escalation to root since www-data is in the sudoers.d/pihole file with no password.
7265358e3e4327bc951c92f719451fce4a2ce957a5c1a6bde9f57d3d6646ee0fPanasonic Sanyo CCTV Network Camera version 2.03-0x allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. These actions can be exploited to perform authentication detriment and account password change with administrative privileges if a logged-in user visits a malicious web site.
99282d0ad093fb7f0b78aa1a3e353d972615b19e9b6715a70f10d0e4ebbfcf3cObjectPlanet Opinio version 7.13 suffers from a remote shell upload vulnerability.
6146594a8eedc5b48c3895039ed9ff9b2da349396d6a84e9003398290c0214e6ObjectPlanet Opinio version 7.13 suffers from an expression language injection vulnerability.
a3eb218a2f08f0bd814466c67083d00a77e140446ee2dfeedea41ff480fbbb9fObjectPlanet Opinio versions 7.13 and 7.14 suffer from an XML external entity injection vulnerability.
af1eaef07e52be0596d75f8c870d0a1dc0e3ff1cc76c2eabee1d671f01d9c7f4The msExchStorageGroup schema class added during Exchange installation can be used to create almost any AD object including users, groups or domain trusts leading to elevation of privilege.
627232e16239714ec375a9cfcdcb5ae5ed42b0f516a9d4728d978cfb3abf4962Oracle Fatwire version 6.3 suffers from cross site scripting and remote SQL injection vulnerabilities.
38f80fca24b17f32a9e3da9f5471c31d26cc3bb1e197893519649f27a2ab75e3Longjing Technology BEMS API version 1.21 suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
ecde74e6d4e7cbe2d1a44b93eaae60686b9045e1ada24356e1f1263b9c767441Denver IP Camera SHO-110 suffers from an unauthenticated disclosure of a snapshot.
7b7a36e0ae757da258c9cf9c116c4320968424f0cd6c800ff639f92f245a5ca8ObjectPlanet Opinio version 7.12 suffers from reflective and persistent cross site scripting vulnerabilities.
f500e5fdb33867b5edf3170e3933efe781565d176bbb6a77f75941889807d9d6CloverDX version 5.9.0 cross site request forgery to remote code execution exploit.
596b2eea2e27565ab3f218e20a495aaef02193748d901ef08464493dd7fc27d9Care2x Integrated Hospital Info System version 2.7 suffers from multiple remote SQL injection vulnerabilities.
813565cbac4fa2b60990827c97c4b6014e8013852af0c5279d6bbe5c159039f1IntelliChoice eFORCE Software Suite version 2.5.9 allows for username enumeration.
b4598723e07ce8a6c4f8a1ac2fbd7802bf319eccafe1b549bb7d97c72f235792Backdoor.Win32.WinShell.40 malware suffers from a code execution vulnerability.
36bd0dcd70c37c0f6388382b04be4c7bcc24e363234f2224ab11193b7ad7cfbaEvent Registration System with QR Code version 1.0 suffers from authentication bypass and shell upload vulnerabilities.
fc40291e7f367fc138282d091bd129a8e4f3f89060b16b7bf82ad2b4becc1492Denver Smart Wifi Camera SHC-150 has a hardcoded backdoor login vulnerability available via telnet that gives a shell.
789b4b83a370842e480d42282232176547990a8306c7562bcb40708246fa13c9eGain Chat version 15.5.5 suffers from a cross site scripting vulnerability.
86f82233af5a41046687330cd64e5466b63f4308ade16bd242d6db2f54261ee8TripSpark VEO Transportation suffers from a remote blind SQL injection vulnerability.
ba67407364e373aec38862e6aebf93a49d2b7648ca3308acedd73cf52d3ddd30PHP version 7.3.15-3 suffers from a PHP_SESSION_UPLOAD_PROGRESS session data injection vulnerability.
0d7b754de6ea28230085a820164b59d8636ad39721aaac177baa5ce7b9713c5dWordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019.
b785ce9bbb7301394cd05d0cd3354c1e425e2b69c30d276978e785ec476f8252This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin versions prior to 4.22. The security check only searches for lowercase file extensions such as .php, making it possible to upload .pHP files for instance. Finally, the uploaded payload can be triggered by a call to /wp-content/uploads/sp-client-document-manager/<user_id>/<random_payload_name>.php.
7d2c3f217f9d96a1b8933d18886edae37099a342dcf9addd2e24438914311c20Backdoor.Win32.Nbdd.bgz malware suffers from a buffer overflow vulnerability.
02a6e6b4e7f1ee2a3ee5d1ff17768628f0fd9a6cf9e2fe485ffa062e136c4971Backdoor.Win32.Bifrose.acci malware suffers from a buffer overflow vulnerability that can allow for code execution.
e7ff7beba1447ac3d608179f7dbf177816f920b58076bfc625d74462128d57c3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed