[FD] Backdoor.Win32.Avstral.e / Unauthenticated Remote Command Execution

2022-03-28 malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/35f0d754f161af35241cb081c73ea6dd.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Backdoor.Win32.Avstral.e Vulnerability: Unauthenticated Remote Command Execution Family: Avstral Ty

[FD] Backdoor.Win32.Chubo.c / Cross Site Scripting (XSS)

2022-03-28 malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/c16b04a9879896ef453a6deb13528087_B.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Backdoor.Win32.Chubo.c Vulnerability: Cross Site Scripting (XSS) Family: Chubo Type: Web Panel MD

[FD] Backdoor.Win32.Chubo.c / Unauthenticated Remote Command Execution

2022-03-28 malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/c16b04a9879896ef453a6deb13528087.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Backdoor.Win32.Chubo.c Vulnerability: Unauthenticated Remote Command Execution Family: Chubo Type:

[FD] Backdoor.Win32.Cafeini.b / Weak Hardcoded Credentials

2022-03-28 malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/b24c56abb4bde960c2d51d4e509d2c68_B.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Backdoor.Win32.Cafeini.b Vulnerability: Weak Hardcoded Credentials Family: Cafeini Type: PE32 MD5

[FD] Backdoor.Win32.Cafeini.b / Denial of Service

2022-03-28 malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/b24c56abb4bde960c2d51d4e509d2c68.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Backdoor.Win32.Cafeini.b Vulnerability: Denial of Service Family: Cafeini Type: PE32 MD5: b24c56abb

[FD] Backdoor.Win32.Cyn.20 / Insecure Permissions

2022-03-28 malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/3dd1da64e306cae0409e154e15dd1b80.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Backdoor.Win32.Cyn.20 Vulnerability: Insecure Permissions Description: The malware writes a ".EXE"

Re: [FD] ImpressCMS: from unauthenticated SQL injection to RCE

2022-03-28 Egidio Romano
Hello again, Just wanted to let you know I updated the blog post with some more details: apparently, this technique could be abused to bypass WAFs such as OWASP ModSecurity CRS (Paranoia Level 1) and Cloudflare, check it out! /EgiX On Wed, Mar 23, 2022 at 3:07 PM Egidio Romano wrote: > Hello l

[FD] PHP filter_var vulnerability

2022-03-28 Jordy Zomer
Hello! When the filter_var function is used in conjunction with the flags FILTER_VALIDATE_DOMAIN and FILTER_FLAG_HOSTNAME, there is a vulnerability in PHP that allows the filter to be bypassed. This vulnerability could be used to introduce vulnerabilities into code that would otherwise be safe