1337day-Exploits

Everything posted by 1337day-Exploits

  1. Backdoor.Win32.NetBull.11.a malware suffers from a remote buffer overflow vulnerability. View the full article
  2. Email-Worm.Win32.Agent.gi malware suffers from a remote stack buffer overflow vulnerability. View the full article
  3. Constructor.Win32.SMWG.c malware suffers from an insecure permissions vulnerability. View the full article
  4. Constructor.Win32.SMWG.a suffers from an insecure permissions vulnerability. View the full article
  5. Newfuture Trojan V.1.0 BETA 1 malware suffers from an insecure permissions vulnerability. View the full article
  6. osTicket 1.14.2 suffers from a server-side request forgery vulnerability. View the full article
  7. This exploit leverages a file write vulnerability in the print spooler service which will restart if stopped. Because the service cannot be stopped long enough to remove the dll, there is no way to remove the dll once it is loaded by the service. Essentially, on default settings, this module adds a permanent elevated backdoor. View the full article
  8. Cisco UCS Manager version 2.2(1d) remote command execution exploit. An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request, aka Bug ID CSCur90888. View the full article
  9. Inteno IOPSYS version 3.16.4 suffers from a newline injection issue with samba share options that allows an attacker root access to the filesystem. View the full article
  10. Backdoor.Win32.Mnets malware suffers from a remote stack buffer overflow vulnerability. View the full article
  11. Backdoor.Win32.Whgrx malware suffers from a remote host header stack buffer overflow vulnerability. View the full article
  12. Life Insurance Management System version 1.0 suffers from a remote shell upload vulnerability. View the full article
  13. Life Insurance Management System version 1.0 suffers from a remote SQL injection vulnerability. View the full article
  14. Backdoor.Win32.Latinus.b malware suffers from a remote buffer overflow vulnerability. View the full article
  15. MaskPE by yzkzero is a tool for implanting backdoors in existing PE files. The backdoor tool does not properly check the files it loads and falls victim to a file based local buffer overflow. View the full article
  16. Xwiki CMS version 12.10.2 suffers from a cross site scripting vulnerability. View the full article
  17. MaskPE by yzkzero is a tool for implanting backdoors in existing PE files. The backdoor tool does not properly check the files it loads and falls victim to a file based local buffer overflow. View the full article
  18. ZynOS rom-0 Flaw Scanner: ZynOS scanning script that exploits an unauthenticated rom-0 file disclosure containing the router password. View the full article
  19. This Metasploit module exploits an authentication bypass in Netsia SEBA+ versions 0.16.1 and below to add a root user. View the full article
  20. Alumni Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of the cross site scripting vulnerability in this version is attributed to Valerio Alessandroni in December of 2020. View the full article
  21. E-Learning System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass and also suffers from remote code execution via file upload functionality. View the full article
  22. Backdoor.Win32.Ncx.bt malware suffers from a remote stack buffer overflow vulnerability. View the full article
  23. EyesOfNetwork version 5.3 suffers from a remote code execution vulnerability that leverages file upload. Original discovery of remote code execution in this version is attributed to Clement Billac in February of 2020. View the full article
  24. Online Hotel Reservation System version 1.0 suffers from a cross site request forgery vulnerability. View the full article
  25. Online Hotel Reservation System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Richard Jones in January of 2021. View the full article