Результаты поиска

GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2) # Exploit Title: GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2) # Original Exploit Author: Mehmet Ince # Vendor Homepage: https://getgrav.org # Version: 1.10.7 # Tested on: Debian 10 # Author: legend...

Rocket.Chat 3.12.1 - NoSQL Injection (Unauthenticated) # Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated) # Author: enox # Date: 06-06-2021 # Product: Rocket.Chat # Vendor: https://rocket.chat/ # Vulnerable Version(s): Rocket.Chat 3.12.1 # CVE: CVE-2021-22911 # Credits...

ManageEngine Exchange Reporter Plus < Build 5311 - Remote Code Execution # Exploit Title: ManageEngine Exchange Reporter Plus <= 5310 Unauthenticated RCE # Date: 28-06-2018 # Software Link: https://www.manageengine.com/products/exchange-reports/ # Exploit Author: Kacper Szurek # Contact...

CMS Made Simple 2.2.5 - (Authenticated) Remote Code Execution # Exploit Title: CMS Made Simple 2.2.5 authenticated Remote Code Execution # Date: 3rd of July, 2018 # Exploit Author: Mustafa Hasan (@strukt93) # Vendor Homepage: http://www.cmsmadesimple.org/ # Software Link...

PHPFusion 9.03.50 - Remote Code Execution # Exploit Title: PHPFusion 9.03.50 - Remote Code Execution # Date: 20/05/2021 # Exploit Author: g0ldm45k # Vendor Homepage: https://www.php-fusion.co.uk/home.php # Software Link...

PHP 8.1.0-dev - 'User-Agentt' Remote Code Execution # Exploit Title: PHP 8.1.0-dev - 'User-Agentt' Remote Code Execution # Date: 23 may 2021 # Exploit Author: flast101 # Vendor Homepage: https://www.php.net/ # Software Link: # - https://hub.docker.com/r/phpdaily/php # -...

Gitlab 13.9.3 - Remote Code Execution (Authenticated) # Exploit Title: Gitlab 13.9.3 - Remote Code Execution (Authenticated) # Date: 02/06/2021 # Exploit Author: enox # Vendor Homepage: https://about.gitlab.com/ # Software Link: https://gitlab.com/ # Version: < 13.9.4 # Tested On: Ubuntu 20.04...

Mozilla Firefox 88.0.1 - File Extension Execution of Arbitrary Code # Exploit Title: Mozilla Firefox 88.0.1 - File Extension Execution of Arbitrary Code # Date: 20/05/2021 # Exploit Authors: Carlo Di Dato and Michael Caruso from BestEffort Team (https://besteffortteam.it) # Vendor Homepage...

ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution (2) # Exploit Title: ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution (2) # Date: 25/05/2021 # Exploit Author: Shellbr3ak # Version: 1.3.5 # Tested on: Ubuntu 16.04.6 LTS # CVE : CVE-2015-3306 #!/usr/bin/env python3 import sys import...

Pluck CMS 4.7.13 - File Upload Remote Code Execution (Authenticated) # Exploit Title: Pluck CMS 4.7.13 - File Upload Remote Code Execution (Authenticated) # Date: 25.05.2021 # Exploit Author: Ron Jost (Hacker5preme) # Vendor Homepage: https://github.com/pluck-cms/pluck # Software Link...

HP VAN SDN Controller - Root Command Injection (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking # server...

HID discoveryd - 'command_blink_on' Remote Code Execution (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...

GitList 0.6.0 - Argument Injection (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...

Chamilo LMS 1.11.14 - Remote Code Execution (Authenticated) # Exploit Title: Chamilo LMS 1.11.14 - Remote Code Execution (Authenticated) # Date: 13/05/2021 # Exploit Author: M. Cory Billington (@_th3y) # Vendor Homepage: https://chamilo.org # Software Link...

Boxoft WAV to MP3 Converter 1.1 - Buffer Overflow (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include...

vsftpd 2.3.4 - Backdoor Command Execution # Exploit Title: vsftpd 2.3.4 - Backdoor Command Execution # Date: 9-04-2021 # Exploit Author: HerculesRD # Software Link: http://www.linuxfromscratch.org/~thomasp/blfs-book-xsl/server/vsftpd.html # Version: vsftpd 2.3.4 # Tested on: debian # CVE ...

GravCMS 1.10.7 - Unauthenticated Arbitrary File Write (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include...

ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2) # Exploit Title: ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2) # Date: 04/21 # Exploit Author: Fellipe Oliveira # Vendor Homepage: https://www.scadabr.com.br/ # Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for Linux #...

FTPShell Client 6.70 (Enterprise Edition) - Stack Buffer Overflow (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking...

Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ManualRanking include...

HongCMS 3.0.0 - (Authenticated) SQL Injection # Exploit Title: HongCMS 3.0.0 - SQL Injection # Google Dork: [if applicable] # Date: 2018/06/26 # Exploit Author: Hzllaga # Vendor Homepage: https://github.com/Neeke/HongCMS/ # Software Link: https://github.com/Neeke/HongCMS/ # Version: 3.0.0 #...

vsftpd 3.0.3 - Remote Denial of Service # Exploit Title: vsftpd 3.0.3 - Remote Denial of Service # Date: 22-03-2021 # Exploit Author: xynmaps # Vendor Homepage: https://security.appspot.com/vsftpd.html # Software Link: https://security.appspot.com/downloads/vsftpd-3.0.3.tar.gz # Version: 3.0.3...

VMware NSX SD-WAN Edge < 3.1.2 - Command Injection #!/usr/bin/env python # Exploit Title: Unauthenticated Command Injection vulnerability in VMware NSX SD-WAN by VeloCloud # Date: 2018-06-29 # Exploit Author: paragonsec @ Critical Start # Credit: Brian Sullivan from Tevora and Section 8 @...

Quest KACE Systems Management - Command Injection (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...

HPE VAN SDN 2.7.18.0503 - Remote Root ''' -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 KL-001-2018-008 : HPE VAN SDN Unauthenticated Remote Root Vulnerability Title: HPE VAN SDN Unauthenticated Remote Root Vulnerability Advisory ID: KL-001-2018-008 Publication Date: 2018.06.25 Publication...