
172 matches found

Exploit DB
added 2025/04/08 12:0 a.m. · 189 views

Nagios Xi 5.6.6 - Authenticated Remote Code Execution (RCE)

Exploit Title: Nagiosxi authenticated Remote Code Execution; Date: 17/02/2024; Exploit Author: Calil Khalil; Vendor Homepage: https://www.nagios.com/products/nagios-xi/; Version: Nagios Xi 5.6.6; Tested on: Ubuntu; CVE: CVE-2019-15949; python3 exp.py -t https:/// -b // -u user -p 'password' -lh -lp -k...

9 CVSS · 7.4 AI score · 0.86916 EPSS
Exploits 13

Exploit DB
added 2025/04/06 12:0 a.m. · 318 views

WBCE CMS 1.6.3 - Authenticated Remote Code Execution (RCE)

Exploit Title: WBCE CMS " exit 1 fi if -z "$which nc" ; then echo "! Netcat is not installed." exit 1 fi ip=$1 port=$2 rm -rf shellModule.zip rm -rf shellModule mkdir shellModule echo Crafting Payload cat shellModule/info.php ?php / @category modules @package Reverse Shell @author Swammers8 @link...

7.4 AI score
Exploits 0

Exploit DB
added 2025/03/27 12:0 a.m. · 217 views

X2CRM 8.5 - Stored Cross-Site Scripting (XSS)

Exploit Title: X2CRM 8.5 - Stored Cross-Site Scripting (XSS); Date: 12 September 2024; Exploit Author: Okan Kurtulus; Vendor Homepage: https://x2engine.com/; Software Link: https://github.com/X2Engine/X2CRM; Version: X2CRM v8.5; Tested on: Ubuntu 22.04; CVE: CVE-2024-48120; 1- Log in to the system with an...

6.5 CVSS · 5.6 AI score · 0.02555 EPSS
Exploits 3

Patchstack
added 2025/02/27 11:51 p.m. · 2 views

WordPress URL Media Uploader plugin <= 1.0.0 - Authenticated (Author+) Server-Side Request Forgery via DNS Rebinding vulnerability

Authenticated (Author+) Server-Side Request Forgery via DNS Rebinding vulnerability discovered by ch4r0n in WordPress Plugin URL Media Uploader versions <= 1.0.0...

6.4 CVSS · 7.1 AI score · 0.00103 EPSS
Exploits 0 · References 1 · Affected Software 1

Patchstack
added 2024/12/20 8:32 p.m. · 1 views

WordPress One Click Upsell Funnel for WooCommerce plugin <= 3.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via wps_wocuf_pro_yes Shortcode vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via wps_wocuf_pro_yes Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin One Click Upsell Funnel for WooCommerce versions <= 3.4.9...

6.4 CVSS · 5.8 AI score · 0.00233 EPSS
Exploits 0 · References 1 · Affected Software 1

OSV
added 2024/12/20 1:15 a.m. · 1 views

CVE-2024-12832

Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files and disclose sensitive information on affected installations of Arista NG Firewall. Authentication is required to exploit this...

6.3 CVSS · 5.3 AI score
Exploits 0 · References 1

Positive Technologies
added 2024/11/06 12:0 a.m. · 3 views

PT-2024-7920 · Glpi +1

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.17 Description: The issue is related to a lack of protection against SQL injection attacks in the GLPI system, which manages IT assets and incidents. An authenticated user can exploit multiple SQL injection...

10 CVSS · 9.6 AI score · 0.28839 EPSS
Exploits 9 · References 76

Patchstack
added 2024/09/13 6:4 a.m. · 4 views

WordPress Betheme | Responsive Multipurpose WordPress & WooCommerce theme <= 27.5.5 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File vulnerability

Authenticated (Author+) Stored Cross-Site Scripting via SVG File vulnerability discovered by wesley wcraft in WordPress Theme Betheme versions <= 27.5.5...

6.4 CVSS · 5.8 AI score · 0.00376 EPSS
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2024/08/22 12:0 a.m. · 1 views

PT-2024-36588 · Allegra

Name of the Vulnerable Software and Affected Versions: Allegra affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this issue. The specific flaw exists within the...

7.2 CVSS · 7.5 AI score · 0.12179 EPSS
Exploits 0 · References 5

CNNVD
added 2024/05/18 12:0 a.m. · 1 views

WordPress Plugin Salient Shortcodes Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

8.8 CVSS · 6.6 AI score · 0.00451 EPSS
Exploits 0 · References 3

ATTACKERKB
added 2024/05/03 3:15 a.m. · 2 views

CVE-2023-42123

Control Web Panel mysqlmanager Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Control Web Panel. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

8.8 CVSS · 6.3 AI score · 0.01266 EPSS
Exploits 0 · References 2 · Affected Software 1

OSV
added 2024/05/03 3:15 a.m. · 0 views

CVE-2023-41225

D-Link DIR-3040 prog.cgi SetIPv6PppoeSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...

6.8 CVSS · 6.3 AI score
Exploits 0 · References 2

ATTACKERKB
added 2024/05/02 5:15 p.m. · 1 views

CVE-2023-7064

The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.15.2 via deserialization of untrusted input from the vulnerable 'id' parameter in the 'auxintemplatecontrolimporter' function. This makes it possibl...

7.5 CVSS · 6 AI score · 0.00822 EPSS
Exploits 0 · References 3

OSV
added 2024/02/29 1:43 a.m. · 0 views

CVE-2024-1425

The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Calendar Widget Link in all versions up to, and including, 3.9.8 due to insufficient input...

5.4 CVSS · 6 AI score
Exploits 0 · References 3

NCSC
added 2024/02/22 12:0 a.m. · 1 views

Vulnerability fixed in Atlassian Confluence

Atlassian has fixed a vulnerability in Confluence. An authenticated malicious party could exploit the vulnerability to execute a stored cross-site scripting attack. Such an attack can lead to execution of arbitrary code in the browser of the victim, or access sensitive information in the...

8.5 CVSS · 6.5 AI score · 0.01538 EPSS
Exploits 0

Prion
added 2024/01/23 9:15 p.m. · 8 views

Cross site scripting

Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security Enterprise could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41177...

5.8 CVSS · 6 AI score · 0.00289 EPSS
Exploits 0 · References 2 · Affected Software 1

OSV
added 2024/01/18 8:15 a.m. · 0 views

CVE-2024-0381

The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of the 'tag' attribute in the wprm-recipe-name, wprm-recipe-date, and wprm-recipe-counter shortcodes in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers wi...

5.4 CVSS · 5.9 AI score
Exploits 0 · References 4

OSV
added 2024/01/17 5:15 p.m. · 0 views

CVE-2023-20258

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. This vulnerability is due to improper processing of serialized Java objects by the affected...

7.2 CVSS · 6 AI score · 0.00048 EPSS
Exploits 0 · References 1

NCSC
added 2024/01/11 12:0 a.m. · 1 views

Vulnerability fixed in Fortinet FortiOS and FortiProxy

Fortinet has fixed a vulnerability in FortiOS and FortiProxy. An authenticated malicious party can exploit the vulnerability to execute commands on the system that it is initially not authorized to execute. Fortinet has released an update to fix the vulnerability in FortiOS and FortiProxy. For...

8.8 CVSS · 7.1 AI score · 0.00126 EPSS
Exploits 0

OSV
added 2023/12/14 8:15 a.m. · 0 views

CVE-2023-25643

There is a command injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands...

8.8 CVSS · 6 AI score
Exploits 0 · References 1