Результаты поиска

Gila CMS 2.0.0 - Remote Code Execution (Unauthenticated) # Exploit Title: Gila CMS 2.0.0 - Remote Code Execution (Unauthenticated) # Date: 1.12.2021 # Exploit Author: Enesdex # Vendor Homepage: https://gilacms.com/ # Software Link: https://github.com/GilaCMS/gila/releases/tag/2.0.0 # Version...

WebKit - not_number defineProperties UAF (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ManualRanking include...

Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core/exploit/exe' require 'msf/core/exploit/powershell'...

WordPress Plugin Custom Global Variables 1.0.5 - 'name' Stored Cross-Site Scripting (XSS) # Exploit Title: WordPress Plugin Custom Global Variables 1.0.5 - 'name' Stored Cross-Site Scripting (XSS) # Google Dork: NA # Date: 09/01/2021 # Exploit Author: Swapnil Subhash Bodekar # Vendor...

MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting # Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting # Date: 6/2/2018 # Author: 0xB9 # Twitter: @0xB9Sec # Contact: 0xB9[at]pm.me # Software Link: https://community.mybb.com/mods.php?action=view&pid=842 # Version: 1.0 #...

Sonatype Nexus 3.21.1 - Remote Code Execution (Authenticated) # Exploit Title: Sonatype Nexus 3.21.1 - Remote Code Execution (Authenticated) # Exploit Author: 1F98D # Original Author: Alvaro Muñoz # Date: 27 May 2020 # Vendor Hompage: https://www.sonatype.com/ # CVE: CVE-2020-10199 # Tested...

Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Auxiliary include Msf::Exploit::Remote::HttpClient...

WordPress Plugin Autoptimize 2.7.6 - Authenticated Arbitrary File Upload (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank =...

Wordpress Plugin wpDiscuz 7.0.4 - Unauthenticated Arbitrary File Upload (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank =...

PaperStream IP (TWAIN) 1.42.0.5685 - Local Privilege Escalation # Exploit Title: PaperStream IP (TWAIN) 1.42.0.5685 - Local Privilege Escalation # Exploit Author: 1F98D # Original Author: securifera # Date: 12 May 2020 # Vendor Hompage...

Gitea 1.7.5 - Remote Code Execution # Exploit Title: Gitea 1.7.5 - Remote Code Execution # Date: 2020-05-11 # Exploit Author: 1F98D # Original Author: LoRexxar # Software Link: https://gitea.io/en-us/ # Version: Gitea before 1.7.6 and 1.8.x before 1.8-RC3 # Tested on: Debian 9.11 (x64) # CVE...

H2 Database 1.4.199 - JNI Code Execution # Exploit Title: H2 Database 1.4.199 - JNI Code Execution # Exploit Author: 1F98D # Original Author: Markus Wulftange # Date: 28 April 2020 # Vendor Hompage: https://www.h2database.com/ # Tested on: Windows 10 x64, Java 1.8, H2 1.4.199 # References...

sar2html 3.2.1 - 'plot' Remote Code Execution # Exploit Title: sar2html 3.2.1 - 'plot' Remote Code Execution # Date: 27-12-2020 # Exploit Author: Musyoka Ian # Vendor Homepage:https://github.com/cemtan/sar2html # Software Link: https://sourceforge.net/projects/sar2html/ # Version: 3.2.1 #...

Klog Server 2.4.1 - Command Injection (Unauthenticated) # Exploit Title: Klog Server 2.4.1 - Command Injection (Unauthenticated) # Date: 22.12.2020 # Exploit Author: b3kc4t (Mustafa GUNDOGDU) # Vendor Homepage: https://www.klogserver.com/ # Version: 2.4.1 # Tested On: Ubuntu 18.04 # CVE...

Microsoft Edge Chakra - EntrySimpleObjectSlotGetter Type Confusion /* function opt(w, arr) { arr[0] = 1.1; let res = w.event; arr[0] = 2.3023e-320; return res; } let arr = [1.1]; for (let i = 0; i < 10000; i++) { opt(window, arr); } The above code will be compiled as...

Webmin 1.962 - 'Package Updates' Escape Bypass RCE (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...

MachForm < 4.2.3 - SQL Injection / Path Traversal / Upload Bypass Vendor: Appnitro Product webpage: https://www.machform.com/ Full-Disclose: https://metalamin.github.io/MachForm-not-0-day-EN/ Fix: https://www.machform.com/blog-machform-423-security-release/ Author: Amine Taouirsa Twitter...

Dolibarr ERP/CRM 7.0.0 - (Authenticated) SQL Injection # [CVE-2018-10094] Dolibarr SQL Injection vulnerability ## Description Dolibarr is an "Open Source ERP & CRM for Business" used by many companies worldwide. It is available through [GitHub](https://github.com/Dolibarr/dolibarr) or as...

Symfony 2.7.0 < 4.0.10 - Denial of Service The PDOSessionHandler class allows to store sessions on a PDO connection. Under some configurations (see below) and with a well-crafted payload, it was possible to do a denial of service on a Symfony application without too much resources. An...

Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Auxiliary include...