Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) contains a design gap that allows authenticated user to download arbitrary content files regardless of the attacker’s repository permissions. Source: Opentext Documentum Content Server File Download
The post Opentext Documentum Content Server File Download appeared first on MondoUnix.
E-Sic Software livre CMS version 1.0 suffers from authentication bypass, cross site scripting, and remote SQL injection vulnerabilities.
Source: E-Sic Software livre CMS 1.0 Cross Site Scripting / SQL Injection
The post E-Sic Software livre CMS 1.0 Cro…
There exists an unauthenticated SEH based vulnerability in the HTTP server of Sync Breeze Enterprise version 10.1.16, when sending a GET request with an excessive length it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under the Windows NT AUTHORITYSYSTEM account. The SEH record is […]
The post SyncBreeze 10.1.16 SEH GET Overflow appeared first on MondoUnix.
Typo3 Restler extension version 1.7.0 suffers from a local file disclosure vulnerability.
Source: Typo3 Restler 1.7.0 Local File Disclosure
The post Typo3 Restler 1.7.0 Local File Disclosure appeared first on MondoUnix.
This Metasploit module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off by abusing the way “WinSxS” works in Windows systems. This Metasploit module uses the Reflective DLL Injection technique to drop only the DLL payload binary instead […]
The post Windows Escalate UAC Protection Bypass (In Memory Injection) Abusing WinSXS appeared first on MondoUnix.
This Metasploit module exploits the authentication bypass and command injection vulnerability together. Unauthenticated users can execute a terminal command under the context of the web server user. The specific flaw exists within the management interface, which listens on TCP port 443 by default. Trend Micro IMSVA product have widget feature which is implemented with PHP. […]
The post Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution appeared first on MondoUnix.
This Metasploit module uploads a jsp payload and executes it.
Source: Tomcat JSP Upload Bypass Remote Code Execution
The post Tomcat JSP Upload Bypass Remote Code Execution appeared first on MondoUnix.
X-Cart versions 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 suffer from a PHP code injection vulnerability.
Source: X-Cart 5.2.23 / 5.3.1.9 / 5.3.2.13 / 5.3.3 PHP Code Injection
The post X-Cart 5.2.23 / 5.3.1.9 / 5.3.2.13 / 5.3.3 PHP Code Injection appeared f…
OctoberCMS version 1.0.425 suffers from a stored cross site scripting vulnerability.
Source: OctoberCMS 1.0.425 Cross Site Scripting
The post OctoberCMS 1.0.425 Cross Site Scripting appeared first on MondoUnix.
WordPress PopCash.Net Publisher Code Integration plugin version 1.0 suffers from a cross site scripting vulnerability.
Source: WordPress PopCash.Net Publisher Code Integration 1.0 Cross Site Scripting
The post WordPress PopCash.Net Publisher Code Integ…
