none

AV Evasion Improvements v2

This update updates AV evasion for agents generated using the binary wrapper, which is used by Package and Register, Serve Agent in Web Server, and similar executable generating modules.

AV Shell improvement

This update is to increase the realiability of AV shell module.

Trojan Agents Enhancements Rev 02

This update improves the reliability and AV Evasion of Agents generated with modules: . Package and Register Agent . Send Agent by E-Mail . Serve Agent in Web Server

Magento eCommerce Web Sites RetrieveImage.php Arbitrary File Upload Exploit

This module uses an arbitrary file upload vulnerability in Magento eCommerce Web Sites to gain arbitrary code execution on the affected system. Authentication is required to access the administrative panel.

Nuxeo Platform CMS Directory Traversal Vulnerability JSP File Upload Exploit

This module uses a directory traversal vulnerability in the file import feature in Nuxeo Platform CMS to upload a JSP to gain arbitrary code execution on the affected system.

Boonex Dolphin PHP File Upload Remote Code Execution Exploit

Authentication bypass and upload of file with dangerous type in Boonex Dolphin <= 7.3.2 allows to remote unauthenticated attackers to affect integrity and availability via PHP remote file inclusion.

PowerShell Update v1

This update resolves an issue in the PowerShell feature.

Avtech DVR Camera Authentication Bypass and Command Execution Exploit

Several firmware versions of Avtech devices are vulnerable to Authentication bypass by requesting a .cab file and also vulnerable to Authenticated command injection in PwdGrp.cgi on the user creation or modification request