Share
## https://sploitus.com/exploit?id=PACKETSTORM:176956
# Exploit Title: 7 Sticky Notes v1.9 - OS Command Injection  
# Discovered by: Ahmet รœmit BAYRAM  
# Discovered Date: 12.09.2023  
# Vendor Homepage: http://www.7stickynotes.com  
# Software Link:  
http://www.7stickynotes.com/download/Setup7StickyNotesv19.exe  
# Tested Version: 1.9 (latest)  
# Tested on: Windows 2019 Server 64bit  
  
# # # Steps to Reproduce # # #  
  
# Open the program.  
# Click on "New Note".  
# Navigate to the "Alarms" tab.  
# Click on either of the two buttons.  
# From the "For" field, select "1" and "seconds" (to obtain the shell  
within 1 second).  
# From the "Action" dropdown, select "command".  
# In the activated box, enter the reverse shell command and click the "Set"  
button to set the alarm.  
# Finally, click on the checkmark to save the alarm.  
# Reverse shell obtained!