15 matches found
WordPress Plainview Activity Monitor 20161228 Remote Code Execution
Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Date: 07.07.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...
WordPress Plainview Activity Monitor 20161228 Plugin - Remote Code Execution (Authenticated) Exploit
Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...
WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution (RCE) (Authenticated) (2)
Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Date: 07.07.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...
canadasoccer.com Cross Site Scripting vulnerability OBB-1381616
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
WordPress Plainview Activity Monitor 20161228 Remote Command Execution Exploit
WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on the underlying system. Application passes unsafe user supplied data to ip parameter into activitiesoverview.php. Privileges are required in order to exploit...
WordPress Plainview Activity Monitor 20161228 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plainview Activity Monitor RCE', 'Description' = %q Plainview Activity Monitor Wordpress plugin is vulnerable to OS command injection...
Wordpress Plainview Activity Monitor RCE
Plainview Activity Monitor Wordpress plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on underlying system. Application passes unsafe user supplied data to ip parameter into activitiesoverview.php. Privileges are required in order to exploit this...
WordPress Plainview Activity Monitor Plugin Command Injection (CVE-2018-15877)
A command injection vulnerability exists in WordPress Plainview Activity Monitor plugin. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary OS commands in the affected system...
WordPress Plainview Activity Monitor 20161228 Plugin - Command Injection Exploit
Exploit for php platform in category web applications !-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877...
CVE-2018-15877
creationtimestamp| type| source ---|---|--- 2018-08-27 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/45274 2019-11-29 10:20:46+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wpplainviewactivitymonitorrce.rb 2025-02-06...
WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection
WordPress Plugin Plainview Activity Monitor 20161228 - Authenticated Command Injection !-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877 +...
WordPress Plainview Activity Monitor 20161228 Command Injection
About: =========== Component: Plainview Activity Monitor Wordpress plugin Vulnerable version: 20161228 and possibly prior Fixed version: 20180826 CVE-ID: CVE-2018-15877 CWE-ID: CWE-78 Author: - LydAcric Lefebvre https://www.linkedin.com/in/lydericlefebvre Timeline: =========== - 2018/08/25:...
WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection
!-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877 + Usage: Replace 127.0.0.1 & 9999 with you ip...
CVE-2018-15877
WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection via the ip parameter in the activities_overview.php flow (and via the wp-admin/admin.php?action path noted in sources). Root cause: unsafe handling of user-supplied data leading to remote command execution. Affected...
KingMedia 4.1 - File Upload
KingMedia 4.1 - File Upload Exploit Title: KingMedia 4.1 - Remote Code Execution Author: Efren Diaz Exploit Date: 2018-08-15 Software: KingMedia Version: 1.x, 2.x, 3.x, 4.1 Link: https://codecanyon.net/item/king-media-video-image-upload-and-share/7877877 CVE: N/A \n\n"; echo " -target:...