PRINT
PRINT
SEND MAIL
SEND MAIL
EXPLOIT-COLLECTOR

DotNetNuke Events Calendar 1.x File Download

DotNetNuke Events Calendar module version 1.x suffers from a file download vulnerability.

EXPLOIT-COLLECTOR

Webmin 1.900 Remote Command Execution

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.900 and below. Any user authorized to the "Java file manager" and "Upload and Download" fields, to execute arbitrary commands with root privileges. In addition, "Running Processes" field must be authorized to discover the directory to be uploaded. A vulnerable file can be printed on the original files of the Webmin application. The vulnerable file we are uploading should be integrated with the application. Therefore, a ".cgi" file with the vulnerability belong…

Integrated Penetration-Test EnvironmentIPENEW TOOLSPenetration TestPenetration Test IDE

Faraday v3.5 – Collaborative Penetration Test and Vulnerability Management Platform

Here’s the main new features and improvements in Faraday v3.5:New vulnerability formWe are happy to introduce our new vulnerability form which makes the creation and editing of vulnerabilities easier.  The new form brings you tabs to make it smaller and group different fields.Custom fieldsAdd your own custom fields to your vulnerabilities. We currently support str, int and list types. You can also use these fields in your Executive Reports.2nd-factor authenticationWe added the optional feature for 2nd-factor authentication. You can use any mobile application to use…