Expoit Files ≈ Packet Storm

Packet Storm – Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

This Metasploit module exploits a command injection vulnerability in Grandstream GXV3175 IP multimedia phones. The settimezone action does not validate input in the timezone parameter allowing injection of arbitrary commands. A buffer overflow in the phonecookie cookie parsing allows authentication to be bypassed by providing an alphanumeric cookie 93 characters in length. This module was tested successfully on Grandstream GXV3175v2 hardware revision V2.6A with firmware version 1.0.1.19.
VMware vCenter Server is affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server that will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the root user in the case of the Linux virtual appliance and SYSTEM on Windows. This Metasploit module will start an LDAP server that the target will need to connect to. This exploit uses the logon page vector.
Ransomware Builder Babuk malware suffers from an insecure permissions vulnerability.
Backdoor.Win32.Wisell malware suffers from a remote command execution vulnerability.
The panel for Collector Stealer malware version 2.0.0 suffers from a man-in-the-middle vulnerability.
The panel for Collector Stealer malware version 2.0.0 stores the login credentials in plaintext in its MySQL database. Third-party attackers who gain access to the system can read the database username passwords without having to crack them offline.
VulturiBuilder malware suffers from an insecure permissions vulnerability.
WordPress Email Template Designer – WP HTML Mail plugin versions 3.0.9 and below suffer from a cross site scripting vulnerability.

Archeevo 5.0 Local File Inclusion

18 January 2022, 4:45 pm

Archeevo version 5.0 suffers from a local file inclusion vulnerability.
Landa Driving School Management System version 2.0.1 suffers from an arbitrary file upload vulnerability.
Online Resort Management System version 1.0 suffer from remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to nu11secur1ty on January 10, 2022.
Simple Chatbot Application version 1.0 suffers from a remote shell upload vulnerability.
Simple Chatbot Application version 1.0 suffers from a remote blind SQL injection vulnerability.

Nyron 1.0 SQL Injection

18 January 2022, 4:32 pm

Nyron version 1.0 suffers from a remote SQL injection vulnerability.

OpenBMCS 2.4 Secret Disclosure

17 January 2022, 4:52 pm

OpenBMCS version 2.4 suffers from a secret disclosure vulnerability.
OpenBMCS version 2.4 suffers from remote file inclusion and server-side request forgery vulnerabilities.
AgentTesla Builder Web Panel malware suffers from a remote SQL injection vulnerability.
AgentTesla Builder Web Panel malware suffers from a cross site scripting vulnerability.
OpenBMCS version 2.4 create administrator proof of concept exploit that leverages a remote privilege escalation vulnerability.

OpenBMCS 2.4 SQL Injection

17 January 2022, 4:46 pm

OpenBMCS version 2.4 suffers from an authenticated remote SQL injection vulnerability.
Chaos Ransomware Builder version 4 malware suffers from an insecure permissions vulnerability.
OpenBMCS version 2.4 suffers from a cross site request forgery vulnerability.
Win32.MarsStealer Web Panel malware suffers from an unauthenticated remote data deletion vulnerability.
Win32.MarsStealer Web Panel malware suffers from a cross site scripting vulnerability.
SB Admin suffers from cross site request forgery and remote SQL injection vulnerabilities.