Lucene search
K

25 matches found

Nuclei
Nuclei
added 2026/06/26 6:13 p.m.42 views

HTTP File Server <2.3c - Remote Command Execution

HTTP File Server before 2.3c is susceptible to remote command execution. The findMacroMarker function in parserLib.pas allows an attacker to execute arbitrary programs via a %00 sequence in a search action. Therefore, an attacker can obtain sensitive information, modify data, and/or gain full...

10CVSS7.7AI score0.99323EPSS
Exploits23References5
GithubExploit
GithubExploit
added 2026/03/10 3:31 p.m.183 views

Exploit for Code Injection in Rejetto Http_File_Server

Optimum --- Optimum – Hack The Box Writeup Overview I...

10CVSS6AI score0.99323EPSS
Exploits23
Nuclei
Nuclei
added 2023/04/01 6:50 p.m.11 views

HTTP File Server <2.3c - Remote Command Execution

HTTP File Server before 2.3c is susceptible to remote command execution. The findMacroMarker function in parserLib.pas allows an attacker to execute arbitrary programs via a %00 sequence in a search action. Therefore, an attacker can obtain sensitive information, modify data, and/or gain full...

10CVSS9.8AI score0.99323EPSS
Exploits23References5
0day.today
0day.today
added 2021/02/23 12:0 a.m.272 views

HFS Http File Server 2.3.x - Remote Command Execution Exploit (3)

Exploit Title: HFS HTTP File Server 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Exploit Author: Pergyz Vendor Homepage: http://www.rejetto.com/hfs/ Software Link: https://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Microsoft Windows Server 2012 R2...

9.8CVSS9.8AI score0.99323EPSS
Exploits23
Packet Storm
Packet Storm
added 2021/02/23 12:0 a.m.816 views

HFS (HTTP File Server) 2.3.x Remote Code Execution

Exploit Title: HFS HTTP File Server 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 20/02/2021 Exploit Author: Pergyz Vendor Homepage: http://www.rejetto.com/hfs/ Software Link: https://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Microsoft Windows...

7.5CVSS9.5AI score0.99323EPSS
Exploits23
Exploit DB
Exploit DB
added 2021/02/23 12:0 a.m.1488 views

HFS (HTTP File Server) 2.3.x - Remote Command Execution (3)

Exploit Title: HFS HTTP File Server 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 20/02/2021 Exploit Author: Pergyz Vendor Homepage: http://www.rejetto.com/hfs/ Software Link: https://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Microsoft Windows...

10CVSS9.5AI score0.99323EPSS
Exploits23
Exploit DB
Exploit DB
added 2020/11/30 12:0 a.m.1136 views

Rejetto HttpFileServer 2.3.x - Remote Command Execution (3)

Exploit Title: Rejetto HttpFileServer 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 28-11-2020 Remote: Yes Exploit Author: Óscar Andreu Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Windows...

10CVSS9.5AI score0.99323EPSS
Exploits23
Packet Storm
Packet Storm
added 2020/11/29 12:0 a.m.2070 views

Rejetto HttpFileServer 2.3.x Remote Command Execution

Exploit Title: Rejetto HttpFileServer 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 28-11-2020 Remote: Yes Exploit Author: Óscar Andreu Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Windows...

7.5CVSS0.1AI score0.99323EPSS
Exploits23
0day.today
0day.today
added 2016/01/04 12:0 a.m.380 views

Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (2)

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 04-01-2016 Remote: Yes Exploit Author: Avinash Kumar Thapa aka "-Acid" Vendor Homepage: http://rejetto.com/ Softwar...

7.5CVSS0.99323EPSS
Exploits23
Packet Storm
Packet Storm
added 2016/01/04 12:0 a.m.104 views

Rejetto HTTP File Server 2.3.x Remote Code Execution

!/usr/bin/python Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 04-01-2016 Remote: Yes Exploit Author: Avinash Kumar Thapa aka "-Acid" Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3...

7.5CVSS0.99323EPSS
Exploits23
Exploit DB
Exploit DB
added 2016/01/04 12:0 a.m.1325 views

Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (2)

!/usr/bin/python Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 04-01-2016 Remote: Yes Exploit Author: Avinash Kumar Thapa aka "-Acid" Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3...

10CVSS9.5AI score0.99323EPSS
Exploits23
ThreatPost
ThreatPost
added 2015/02/26 10:1 a.m.36 views

DDoS Exploit Targets Open Source Rejetto HFS

Apparently no vulnerability is too small, no application too obscure, to escape a hacker’s notice. A honeypot run by Trustwave’s SpiderLabs research team recently snared an automated attack targeting users of the open source Rejetto HTTP File Server Rejetto HFS. Someone was trying to exploit a...

7.5CVSS9.4AI score0.99323EPSS
Exploits23References3
seebug.org
seebug.org
added 2014/10/10 12:0 a.m.30 views

Rejetto HttpFileServer Remote Command Execution

No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Rejetto HttpFileServer Remote Command Execution", 'Description' = %q Rejetto HttpFileServer HFS i...

7.1AI score0.99323EPSS
Exploits23
Metasploit
Metasploit
added 2014/10/08 4:55 p.m.64 views

Rejetto HttpFileServer Remote Command Execution

Rejetto HttpFileServer HFS is vulnerable to remote command execution attack due to a poor regex in the file ParserLib.pas. This module exploits the HFS scripting commands by using '%00' to bypass the filtering. This module has been tested successfully on HFS 2.3b over Windows XP SP3, Windows 7 SP...

9.8CVSS0.1AI score0.99323EPSS
Exploits23
Packet Storm
Packet Storm
added 2014/10/08 12:0 a.m.84 views

Rejetto HttpFileServer Remote Command Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Rejetto HttpFileServer Remote Command Execution", 'Description' = %q Rejetto HttpFileServer HFS is vulnerable to remote command...

7.5CVSS0.1AI score0.99323EPSS
Exploits23
NVD
NVD
added 2014/10/07 10:55 a.m.33 views

CVE-2014-6287

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server aks HFS or HttpFileServer 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action...

10CVSS9.6AI score0.99323EPSS
Exploits23References8
Vulnrichment
Vulnrichment
added 2014/10/07 10:0 a.m.8 views

CVE-2014-6287

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server aks HFS or HttpFileServer 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action...

9.6AI score0.99323EPSS
Exploits23References7
Cvelist
Cvelist
added 2014/10/07 10:0 a.m.38 views

CVE-2014-6287

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server aks HFS or HttpFileServer 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action...

9.6AI score0.99323EPSS
Exploits23References7
CVE
CVE
added 2014/10/07 10:0 a.m.1458 views

CVE-2014-6287

The vulnerability CVE-2014-6287 affects Rejetto HTTP File Server (HFS) 2.3x prior to 2.3c. It stems from the findMacroMarker function in parserLib.pas, where a null-byte sequence (%00) in a search action allows remote attackers to execute arbitrary code. Public exploits and Metasploit modules exi...

10CVSS9.4AI score0.99323EPSS
In wildExploits23References8Affected Software1
CERT
CERT
added 2014/10/06 12:0 a.m.108 views

Rejetto HTTP File Server (HFS) search feature fails to handle null bytes

Overview Rejetto HTTP File Server HFS search feature in versions 2.3, 2.3a, and 2.3b fails to handle null bytes. Description CWE-158: Improper Neutralization of Null Byte or NUL Character - CVE-2014-6287Rejetto HFS versions 2.3, 2.3a, and 2.3b are vulnerable to remote command execution due to a...

10CVSS9.6AI score0.99323EPSS
Exploits23References5
Rows per page
Query Builder