BuilderRevengeRAT – (Revenge-RAT v0.3) / XML External Entity Injection
Posted by malvuln on Mar 20 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/531d8b4ac8f7eb827d62424169321b2b.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
BuilderTorCTPHPRAT.b / Remote Persistent XSS
Posted by malvuln on Mar 20 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7_C.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
BuilderTorCTPHPRAT.b / Arbitrary File Upload – RCE
Posted by malvuln on Mar 20 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
BuilderTorCTPHPRAT.b / Insecure Credential Storage
Posted by malvuln on Mar 20 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
BuilderPandoraRat.b – (Pandora Rat 2.2 [Beta].exe) / Insecure Credential Storage
Posted by malvuln on Mar 20 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/ae4a409d217bbd538009fbbb5457e754.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
BuilderOrcus (Orcus.Administration-cracked.exe) / Insecure Credential Storage
Posted by malvuln on Mar 20 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/cc3670f1b3e60e00b43c86d787563a44_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
BuilderOrcus (Orcus.Administration-cracked.exe) / Insecure Permissions
Posted by malvuln on Mar 20 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/cc3670f1b3e60e00b43c86d787563a44.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
[CVE-2021-42063] SAP Knowledge Warehouse <= 7.50 "SAPIrExtHelp" Reflected XSS
Posted by Julien Ahrens (RCE Security) on Mar 20 RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SAP Knowledge Warehouse Vendor URL: https://help.sap.com/viewer/816f1f952d244bbf9dd5063e2a0e66b0/7.5.21/en-US/4dc9605e4a9d6522e10000000a15822b.html Type:...
CVE-2021-45491: Exportable Cleartext Passwords in the 3CX Phone System
Posted by Emanuel DUSS on Mar 20 ############################################################# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # ############################################################# # # Product: 3CX Phone System # Vendor:...
CVE-2021-45490: Missing Certificate Verification in 3CX Client for Windows (legacy), Android & iOS
Posted by Emanuel DUSS on Mar 20 ############################################################# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # ############################################################# # # Product: 3CX Client for Windows (legacy),...