This archive contains all of the 177 exploits added to Packet Storm in July, 2021.
1fdcdcb3bc9a8d854ad1cfa355d3b4aa25406c916a2b4fee1228b83fc44e31c7
Men Salon Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6db934493410936f3554d921a489b373ad2c02535b49dfdff290539e5ae56fe0
Pi-Hole versions 3.0 through 5.3 allows for command line input to the removecustomcname, removecustomdns, and removestaticdhcp functions without properly validating the parameters before passing to sed. When executed as the www-data user, this allows for a privilege escalation to root since www-data is in the sudoers.d/pihole file with no password.
7265358e3e4327bc951c92f719451fce4a2ce957a5c1a6bde9f57d3d6646ee0f
Panasonic Sanyo CCTV Network Camera version 2.03-0x allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. These actions can be exploited to perform authentication detriment and account password change with administrative privileges if a logged-in user visits a malicious web site.
99282d0ad093fb7f0b78aa1a3e353d972615b19e9b6715a70f10d0e4ebbfcf3c
ObjectPlanet Opinio version 7.13 suffers from a remote shell upload vulnerability.
6146594a8eedc5b48c3895039ed9ff9b2da349396d6a84e9003398290c0214e6
ObjectPlanet Opinio version 7.13 suffers from an expression language injection vulnerability.
a3eb218a2f08f0bd814466c67083d00a77e140446ee2dfeedea41ff480fbbb9f
ObjectPlanet Opinio versions 7.13 and 7.14 suffer from an XML external entity injection vulnerability.
af1eaef07e52be0596d75f8c870d0a1dc0e3ff1cc76c2eabee1d671f01d9c7f4
The msExchStorageGroup schema class added during Exchange installation can be used to create almost any AD object including users, groups or domain trusts leading to elevation of privilege.
627232e16239714ec375a9cfcdcb5ae5ed42b0f516a9d4728d978cfb3abf4962
Oracle Fatwire version 6.3 suffers from cross site scripting and remote SQL injection vulnerabilities.
38f80fca24b17f32a9e3da9f5471c31d26cc3bb1e197893519649f27a2ab75e3
Longjing Technology BEMS API version 1.21 suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
ecde74e6d4e7cbe2d1a44b93eaae60686b9045e1ada24356e1f1263b9c767441
Denver IP Camera SHO-110 suffers from an unauthenticated disclosure of a snapshot.
7b7a36e0ae757da258c9cf9c116c4320968424f0cd6c800ff639f92f245a5ca8
ObjectPlanet Opinio version 7.12 suffers from reflective and persistent cross site scripting vulnerabilities.
f500e5fdb33867b5edf3170e3933efe781565d176bbb6a77f75941889807d9d6
CloverDX version 5.9.0 cross site request forgery to remote code execution exploit.
596b2eea2e27565ab3f218e20a495aaef02193748d901ef08464493dd7fc27d9
Care2x Integrated Hospital Info System version 2.7 suffers from multiple remote SQL injection vulnerabilities.
813565cbac4fa2b60990827c97c4b6014e8013852af0c5279d6bbe5c159039f1
IntelliChoice eFORCE Software Suite version 2.5.9 allows for username enumeration.
b4598723e07ce8a6c4f8a1ac2fbd7802bf319eccafe1b549bb7d97c72f235792
Backdoor.Win32.WinShell.40 malware suffers from a code execution vulnerability.
36bd0dcd70c37c0f6388382b04be4c7bcc24e363234f2224ab11193b7ad7cfba
Event Registration System with QR Code version 1.0 suffers from authentication bypass and shell upload vulnerabilities.
fc40291e7f367fc138282d091bd129a8e4f3f89060b16b7bf82ad2b4becc1492
Denver Smart Wifi Camera SHC-150 has a hardcoded backdoor login vulnerability available via telnet that gives a shell.
789b4b83a370842e480d42282232176547990a8306c7562bcb40708246fa13c9
eGain Chat version 15.5.5 suffers from a cross site scripting vulnerability.
86f82233af5a41046687330cd64e5466b63f4308ade16bd242d6db2f54261ee8
TripSpark VEO Transportation suffers from a remote blind SQL injection vulnerability.
ba67407364e373aec38862e6aebf93a49d2b7648ca3308acedd73cf52d3ddd30
PHP version 7.3.15-3 suffers from a PHP_SESSION_UPLOAD_PROGRESS session data injection vulnerability.
0d7b754de6ea28230085a820164b59d8636ad39721aaac177baa5ce7b9713c5d
WordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019.
b785ce9bbb7301394cd05d0cd3354c1e425e2b69c30d276978e785ec476f8252
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin versions prior to 4.22. The security check only searches for lowercase file extensions such as .php, making it possible to upload .pHP files for instance. Finally, the uploaded payload can be triggered by a call to /wp-content/uploads/sp-client-document-manager/<user_id>/<random_payload_name>.php.
7d2c3f217f9d96a1b8933d18886edae37099a342dcf9addd2e24438914311c20
Backdoor.Win32.Nbdd.bgz malware suffers from a buffer overflow vulnerability.
02a6e6b4e7f1ee2a3ee5d1ff17768628f0fd9a6cf9e2fe485ffa062e136c4971
Backdoor.Win32.Bifrose.acci malware suffers from a buffer overflow vulnerability that can allow for code execution.
e7ff7beba1447ac3d608179f7dbf177816f920b58076bfc625d74462128d57c3