This Metasploit module exploits an improper input validation vulnerability in MyBB versions prior to 1.8.30 to execute arbitrary code in the context of the user running the application. The MyBB Admin Control setting page calls the PHP eval function with unsanitized user input. The exploit adds a new setting, injecting the payload in the vulnerable field, and triggers its execution with a second request. Finally, it cleans up by removing the setting. Note that authentication is required for this exploit to work and the account must have rights to add or update settings (typically, the MyBB administrator role).
b59589e32d8e76fd8a874fc6ea8f9b40d067ee43017c9072165e2a8ca889d7de
Ubuntu Security Notice 5454-1 - Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly use this issue to open a session as an administrator and execute arbitrary code. It was discovered that CUPS incorrectly handled certain memory operations when handling IPP printing. A remote attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
a249405b5165a2372ebd7fe96d1ea75f86c214212f1fdb4f65cd57f2f2386409
Red Hat Security Advisory 2022-4824-01 - Fapolicyd implements application whitelisting to decide file access rights. Applications that are known via a reputation source are allowed access while unknown applications are not. The daemon makes use of the kernel's fanotify interface to determine file access rights.
63f46eb34147998a70eee563433b103d5b44d940adefab4f8053c0cbb6a7f417
Red Hat Security Advisory 2022-4814-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include denial of service and memory exhaustion vulnerabilities.
de3fa8ee040cf6c28c1affa37a50086f48d77a4fce95eaf6d26445098ef47a20
Red Hat Security Advisory 2022-4818-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Issues addressed include an integer overflow vulnerability.
0ab816c0409818c434abf2a05a67d1962bc7a39d504eccbe13d907a00d8000f6
Red Hat Security Advisory 2022-4808-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. The rsyslog7 packages provide an enhanced, multi-threaded syslog daemon. It supports on-demand disk buffering, reliable syslog over TCP, SSL, TLS and RELP, writing to databases, email alerting, fully configurable output formats, the ability to filter on any part of the syslog message, on-the-wire message compression, and the ability to convert text files to syslog. Issues addressed include a heap overflow vulnerability.
68173f6ada716e1aea998606f5823f010cefd5e6a1390ad47852b4863f5f9e4a
Red Hat Security Advisory 2022-2281-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 3.11.705.
dcbf14fb19ab25d7f2d075610b14da178e9c1cebabd792bb117f04a6ed6e7627
Red Hat Security Advisory 2022-4835-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.
95e6988a22aa68f0965fe8c0ed0beb190a989b46f0cb37acca9c9c1cbf977f6e
Red Hat Security Advisory 2022-4807-01 - PostgreSQL is an advanced object-relational database management system.
1524b4c65ae52a34aba64e454679b7f54723c6a0a1f56a84917242dede9728c9
Red Hat Security Advisory 2022-4816-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a privilege escalation vulnerability.
9fa88e188095882b2a08b4bee02c459a7526543f826e9e99ebc12455fe29ab6b
Red Hat Security Advisory 2022-4829-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
ad0fd43064be22bb37ddd07867ae9d80aa8c4098cb6cb7b6d692807f50259921
Red Hat Security Advisory 2022-4809-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a buffer overflow vulnerability.
6c9fa73b99bf34dd383cf4aa43127c6c10d0793e5572f9b761e720b73cfb583f
Red Hat Security Advisory 2022-4834-01 - Expat is a C library for parsing XML documents. Issues addressed include an integer overflow vulnerability.
a92e3678495a4091a54c3b74932f7bb9617ab5fca4675c0b227fffa974d7d3fc
Red Hat Security Advisory 2022-2280-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.705. Issues addressed include cross-site scripting and denial of service vulnerabilities.
2aaf580732c87ac7f6d5949297f4c4b4678bfd74c475f94aed437aad9388280d
Ubuntu Security Notice 5446-2 - USN-5446-1 fixed a vulnerability in dpkg. This update provides the corresponding update for Ubuntu 16.04 ESM. Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system.
09e0a2a5f3f508ae625251c9b9a3fed6af290d242230a27742b820979dde90ea
Red Hat Security Advisory 2022-4798-01 - The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Issues addressed include a code execution vulnerability.
1309389c0ebcfedcfe0cf3e2036ef5cec3b385ffa6c7f63fb2ee62b0c52e20f8
Proof of concept for the remote code execution vulnerability in MSDT known as Follina.
53ac1f74816b206d64cdb03e581a54d26e7aad446de7be2e6ecd1af77d47ebc2
Ubuntu Security Notice 5453-1 - It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to cause a denial of service.
56883280f88cec7accde50a1ed1210ebfcb156e7c5b2de7b72e48c1a713cb1be
Red Hat Security Advisory 2022-4805-01 - PostgreSQL is an advanced object-relational database management system.
19e113c062e6d076e82801a44fc7c5a93c5bae4f5e50097cfe260fcc563d2a5f
Red Hat Security Advisory 2022-4771-01 - PostgreSQL is an advanced object-relational database management system.
f7bcaff63d1c0119178a96096d52f878afa95365ed319f815c8210aee497b542
Proof of concept exploit for the Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution vulnerability dubbed Follina.
21dda01f8e88aa4687f62848057799f68aeaf508af81b73f3368b5656c8f92fe
Red Hat Security Advisory 2022-4795-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a heap overflow vulnerability.
85c6d5e5f18689658a3feba8334a5ca9f5ee4025d096c7ff8ad2c06bf04ba9df
Red Hat Security Advisory 2022-4803-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a heap overflow vulnerability.
caa995502c0716dd3e0b4c8882ef4649db32bbd054c2d5347d136d6f14f1019c
Red Hat Security Advisory 2022-4797-01 - The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Issues addressed include a code execution vulnerability.
9c64a3ea568a1fafef9d50e3f7ba25a5f9bf6596c3a4390eccf7feae5c3823f0
Fast Food Ordering System version 1.0 suffers from a persistent cross-site scripting vulnerability.
f7e3bfe2b6055902c2854c036cbb8c36e7bf630d5e1d2ceaaf2629e5cb4d4c8d