This archive contains all of the 314 exploits added to Packet Storm in July, 2023.
191302f3c23f0570167c8994830ff34d1956d34e1b44695873e223f86dcdd584This Metasploit module exploits a SQL injection vulnerability in RudderStack's rudder-server, an open source Customer Data Platform (CDP). The vulnerability exists in versions of rudder-server prior to 1.3.0-rc.1. By exploiting this flaw, an attacker can execute arbitrary SQL commands, which may lead to remote code execution due to the rudder role in PostgreSQL having superuser permissions by default.
4a7457a1bba3ccf6db3434ee961f2c065cceb465b7e915484a770c32bf4d7babJoomla iProperty Real Estate extension version 4.1.1 suffers from a cross site scripting vulnerability.
b7b595b1ea5b9b2b8a96ad0e456a15b78b97aa366d383d880aee7ab6081a5cb3Codecanyon Bitcoin Tools Suite version 1.0 suffers from a local file inclusion vulnerability.
3f0b3f215e70dcb7b41afe2d7e625c808a42e076d6e7a88bfa606f27d166e4d7CMVC SHOP LMS version 2.1.0 suffers from a remote SQL injection vulnerability.
3f3080fb67d3a39a60fd548707202e7665e3a163c78d50f4b113c8a9f256111cmRemoteNG version 1.77.3.1784-NB exploit that extracts sensitive information that is stored in memory in the clear but encrypted at rest.
317d7c61096327e5b26547dc45e1871ea228f9b129d6c588a6ad96a624ad6231GreenShot version 1.2.10 suffers from an insecure deserialization arbitrary code execution vulnerability.
b26edbfe421934dee223c0345040828fff445263bcf0bca848f9ee4110b474efCMSshop version 1 suffers from a cross site scripting vulnerability.
987e4a7e0d2984ae1bf6c18eb68c0343d8d4d8903869ab00d311e71710917c70Copyparty version 1.8.2 suffers from a directory traversal vulnerability.
10dea046e820f717f8c60041a06363b7caa55cc55a7d734ee9c1a90c67a24bf5Copyparty version 1.8.6 suffers from a cross site scripting vulnerability.
de5e7bb15ea61e7046b163e6ca02eb273949a641b477e87ab36bbc4fab72aec3CMSninesol version 1.0 suffers from a cross site scripting vulnerability.
cc24590ed15ae36995cd07ce7d11d89d10fea2105fa99e86e76dd6c1fdfbd54fCMSdosma version 5.0 suffers from an insecure direct object reference vulnerability.
fbc286820adb3d7a60386aae9d392a9d75cc8045a54a8ac2650e030e11a9c93aWordPress AN_Gradebook plugin version 5.0.1 suffers from a remote SQL injection vulnerability.
f3f2c32d42ba9714cc476beac96be2915435a62f9fb51056b6cc33c01f91919fCMSJerusalem Weather Forecast version 1.3 suffers from a directory traversal vulnerability.
6a30edb7e87c542eafbdf52106a2abc66acb85ff395b20e46eabc304ff02c1e1October CMS version 3.4.4 suffers from a persistent cross site scripting vulnerability.
2a6cf254ba269a88aeaf0ea65b1a5330b5a6a87f4df89efa2421d3ebf8f202a0Yourdoctor CMS version 1.4 suffers from an insecure direct object reference vulnerability.
2ba746a4f2586f03fa47ed5715658a0b5baf4b1fef5ed3add9e648bd87841747An issue was discovered in Keeper Password Manager for Desktop version 16.10.2, and the KeeperFill Browser Extensions version 16.5.4, that allows local attackers to gain sensitive information via plaintext password storage in memory after the user is already logged in, and may persist after logout. Note that the vendor disputes this for two reasons - the information is inherently available during a logged-in session when the attacker can read from arbitrary memory locations, and information only remains available after logout because of memory-management limitations of web browsers (not because the Keeper technology itself is retaining the information).
8228457f02b7ab0fd7e392ec8e339789b9e311c048473f4d48761d9c915a58c0Buzzy News Viral Lists Polls and Videos version 2.5.2 appears to leave default credentials installed after installation.
3f71a1c11cb9e2314ecdb050a7f0a203a6a41ac0b23d07cba1a83ab7e3d39eabZomplog version 3.9 suffers from a persistent cross site scripting vulnerability.
cc0db0fb1a7ccd03846c0f382b23f5fea312a865dc95bc131ad8d9890766594cZomplog version 3.9 suffers from a remote code execution vulnerability.
f77a6a7c48327449348da78de2f6c3b1ec62333a61c8477f0e71d7985b38fdf1DBD E-Commerce version 2.0.6 suffers from a remote SQL injection vulnerability.
7e266b432c4a53c2aa3c0144285e0731a483b8a5a8115d7ba8cdbd41c09cd4bdRosarioSIS version 10.8.4 suffers from a CSV injection vulnerability.
5e3aa88d6214a4039f4fedd12a76c2566ad3ff48564037a0bd0c9b5f4529a180AMSS++ version 5.16 suffers from a remote SQL injection vulnerability.
1212c954ad1324a2a174b6322ee5ac02e83e8230e1e308d9682b9cb947e27490This Metasploit module exploits authentication bypass (CVE-2018-17153) and command injection (CVE-2016-10108) vulnerabilities in Western Digital MyCloud before 2.30.196 in order to achieve unauthenticated remote code execution as the root user. The module first performs a check to see if the target is WD MyCloud. If so, it attempts to trigger an authentication bypass (CVE-2018-17153) via a crafted GET request to /cgi-bin/network_mgr.cgi. If the server responds as expected, the module assesses the vulnerability status by attempting to exploit a commend injection vulnerability (CVE-2016-10108) in order to print a random string via the echo command. This is done via a crafted POST request to /web/google_analytics.php. If the server is vulnerable, the same command injection vector is leveraged to execute the payload. This module has been successfully tested against Western Digital MyCloud version 2.30.183.
0ce2f1497429d5e02113422d33a5d38d119e0b68b4af0aa04d5b4189b6ef07f8Joomla Solidres extension version 2.13.3 suffers from a cross site scripting vulnerability.
2ae48996993894a633fb76e87ae7d464ab6ad9123dbbc06bb9f5bb3f85a13dc9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed