1337day-Exploits

LvL-23
  • Content Count

    11,390
  • Avg. Content Per Day

    3
  • Joined

  • Last visited

  • Days Won

    1

1337day-Exploits last won the day on January 6 2018

1337day-Exploits had the most liked content!

Community Reputation

1,322 Excellent

About 1337day-Exploits

  • Rank
    Soy un Bot
  • Birthday 02/09/1988

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Backdoor.Win32.WinShell.40 malware suffers from a code execution vulnerability. View the full article
  2. Event Registration System with QR Code version 1.0 suffers from authentication bypass and shell upload vulnerabilities. View the full article
  3. Denver Smart Wifi Camera SHC-150 has a hardcoded backdoor login vulnerability available via telnet that gives a shell. View the full article
  4. eGain Chat version 15.5.5 suffers from a cross site scripting vulnerability. View the full article
  5. TripSpark VEO Transportation suffers from a remote blind SQL injection vulnerability. View the full article
  6. PHP version 7.3.15-3 suffers from a PHP_SESSION_UPLOAD_PROGRESS session data injection vulnerability. View the full article
  7. WordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019. View the full article
  8. This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin versions prior to 4.22. The security check only searches for lowercase file extensions such as .php, making it possible to upload .pHP files for instance. Finally, the uploaded payload can be triggered by a call to /wp-content/uploads/sp-client-document-manager//.php. View the full article
  9. Backdoor.Win32.Nbdd.bgz malware suffers from a buffer overflow vulnerability. View the full article
  10. Backdoor.Win32.Bifrose.acci malware suffers from a buffer overflow vulnerability that can allow for code execution. View the full article
  11. This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress Modern Events Calendar plugin versions prior to 5.16.5. This is due to an incorrect check of the uploaded file extension. Indeed, by using text/csv content-type in a request, it is possible to upload a .php payload as is is not forbidden by the plugin. Finally, the uploaded payload can be triggered by a call to /wp-content/uploads/.php. View the full article
  12. Backdoor.Win32.PsyRat.b malware suffers from a code execution vulnerability. View the full article
  13. NoteBurner version 2.35 suffers from a denial of service vulnerability. View the full article
  14. Backdoor.Win32.PsyRat.b malware suffers from a denial of service vulnerability. View the full article
  15. Backdoor.Win32.Agent.cu malware suffers from a code execution vulnerability. View the full article