CVE-2021-28969

eMPS 9.0.1.923211 on FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort_by parameter to the email search feature.

https://cve.reconshell.com/cve/CVE-2021-28969

CVE-2021-31607

In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion.

https://cve.reconshell.com/cve/CVE-2021-31607

CVE-2019-25013

The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.

https://cve.reconshell.com/cve/CVE-2019-25013

Overlord - Red Teaming Infrastructure Automation

#RedTeaming #Overlord #C2 #Phishing

https://reconshell.com/overlord-red-teaming-infrastructure-automation/

fav-up IP lookup by favicon using Shodan

#Shodan #IPLookup #CloudFlare

https://reconshell.com/fav-up-ip-lookup-by-favicon-using-shodan/

CVE-2021-2202

Vulnerability in the MySQL Server product of Oracle MySQL Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.

https://cve.reconshell.com/cve/CVE-2021-2202

CVE-2021-22204

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

https://cve.reconshell.com/cve/CVE-2021-22204

POC

CVE-2021-21643

#CVE

Jenkins Config File Provider Plugin 3.7.0 and earlier allowing attackers with global Job/Configure permission to enumerate system-scoped credentials IDs of credentials stored in Jenkins.

https://cve.reconshell.com/cve/CVE-2021-21643

CVE-2021-2157

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability

https://cve.reconshell.com/cve/CVE-2021-2157

CVE-2021-2161

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).

https://cve.reconshell.com/cve/CVE-2021-2161

JHipster - A Full Stack Web Development Platform for the Modern Developer

#JHipster #MVVMFramework #FullStackWebDevelopment #FullStackDeveloper

https://reconshell.com/jhipster-a-full-stack-web-development-platform-for-the-modern-developer/

Best Node.Js Books For Beginner and Expert Developers

#NodeJS #JavaScript #NodeJSBooks #NodeCookbook #JS

https://reconshell.com/best-node-js-books-for-beginner-and-expert-developers/

CVE-2020-17523

Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass.

https://cve.reconshell.com/cve/CVE-2020-17523

CrossLinked - LinkedIn Enumeration Tool

#LinkedInEnumerationTool #Enumeration #CrossLinked #LinkedIn

https://reconshell.com/crosslinked-linkedin-enumeration-tool/

DNSpeep - Spy On The DNS Queries

#DNS #Spy #DNSQueries #DNSpeep #MITM

https://reconshell.com/dnspeep-spy-on-the-dns-queries/

CVE-2021-2163

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).

https://cve.reconshell.com/cve/CVE-2021-2163

CVE-2021-20693

Improper access control vulnerability in Gurunavi App for Android ver.10.0.10 and earlier and for iOS ver.11.1.2 and earlier allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App.

https://cve.reconshell.com/cve/CVE-2021-20693

Linux enumeration tool for pentesting

#Linux #Pentesting #LinuxEnumeration #CTFs #LinEnum

https://reconshell.com/linux-enumeration-tool-for-pentesting/

FinDOM-XSS – a fast DOM based XSS vulnerability scanner

#XSS #DOMbasedXSS #vulnerability #scanner

https://reconshell.com/findom-xss-a-fast-dom-based-xss-vulnerability-scanner/