Lucene search
K

32 matches found

GithubExploit
GithubExploit
added 2025/09/16 4:50 a.m.194 views

Exploit for Path Traversal in Atlassian Confluence_Server

CVE-2019-3396 CVE-2019-3396 confluence SSTI RCE 🔎 What is...

10CVSS7.6AI score0.99913EPSS
Exploits20
GithubExploit
GithubExploit
added 2021/05/01 2:10 a.m.179 views

Exploit for Path Traversal in Atlassian Confluence_Server

Confluence unauthorize template injection CVE-2019-3396...

10CVSS10AI score0.99913EPSS
Exploits20
GithubExploit
GithubExploit
added 2021/02/01 4:10 p.m.6 views

Exploit for Path Traversal in Atlassian Confluence_Server

cve-2019-3396 Unauthenticated Confluence RCE cve-2019-339...

10CVSS7.3AI score0.99913EPSS
Exploits20
GithubExploit
GithubExploit
added 2021/02/01 4:10 p.m.104 views

Exploit for Path Traversal in Atlassian Confluence_Server

cve-2019-3396 Unauthenticated Confluence RCE cve-2019-339...

10CVSS9.7AI score0.99913EPSS
Exploits20
Packet Storm
Packet Storm
added 2021/01/22 12:0 a.m.556 views

Atlassian Confluence 6.12.1 Template Injection

Exploit Title: Atlassian Confluence Widget Connector Macro - SSTI Date: 21-Jan-2021 Exploit Author: 46o60 Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://product-downloads.atlassian.com/software/confluence/downloads/atlassian-confluence-6.12.1-x64.bin Version...

10CVSS9.8AI score0.99913EPSS
Exploits20
Exploit DB
Exploit DB
added 2021/01/22 12:0 a.m.390 views

Atlassian Confluence Widget Connector Macro - SSTI

Exploit Title: Atlassian Confluence Widget Connector Macro - SSTI Date: 21-Jan-2021 Exploit Author: 46o60 Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://product-downloads.atlassian.com/software/confluence/downloads/atlassian-confluence-6.12.1-x64.bin Version...

10CVSS9.8AI score0.99913EPSS
Exploits20
ThreatPost
ThreatPost
added 2020/07/22 4:43 p.m.293 views

Lazarus Group Surfaces with Advanced Malware Framework

The North Korea-linked APT known as Lazarus Group has debuted an advanced, multipurpose malware framework, called MATA, to target Windows, Linux and macOS operating systems. Kaspersky researchers uncovered a series of attacks utilizing MATA so-called because the malware authors themselves call...

10CVSS9.4AI score0.99913EPSS
Exploits20References12
FireEye
FireEye
added 2019/08/19 12:0 a.m.254 views

GAME OVER: Detecting and Stopping an APT41 Operation

In August 2019, FireEye released the “Double Dragon” report on our newest graduated threat group, APT41. A China-nexus dual espionage and financially-focused group, APT41 targets industries such as gaming, healthcare, high-tech, higher education, telecommunications, and travel services. APT41 is...

10CVSS0.4AI score0.99913EPSS
Exploits20References9
Tenable Nessus
Tenable Nessus
added 2019/07/17 12:0 a.m.71 views

Atlassian Confluence 6.14.x < 6.14.2 Multiple Vulnerabilities

According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 6.6.12, 6.7.x prior to 6.12.3, 6.13.x prior to 6.13.3, or 6.14.x prior to 6.14.2. It is, therefore, affected by the following vulnerabilities : - A server-side request forger...

10CVSS10AI score0.99913EPSS
Exploits20References3
Tenable Nessus
Tenable Nessus
added 2019/07/17 12:0 a.m.44 views

Atlassian Confluence < 6.6.12 Multiple Vulnerabilities

According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 6.6.12, 6.7.x prior to 6.12.3, 6.13.x prior to 6.13.3, or 6.14.x prior to 6.14.2. It is, therefore, affected by the following vulnerabilities : - A server-side request forger...

10CVSS10AI score0.99913EPSS
Exploits20References3
Tenable Nessus
Tenable Nessus
added 2019/07/17 12:0 a.m.72 views

Atlassian Confluence 6.13.x < 6.13.3 Multiple Vulnerabilities

According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 6.6.12, 6.7.x prior to 6.12.3, 6.13.x prior to 6.13.3, or 6.14.x prior to 6.14.2. It is, therefore, affected by the following vulnerabilities : - A server-side request forger...

10CVSS10AI score0.99913EPSS
Exploits20References3
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.38 views

Atlassian Confluence < 6.6.12 / 6.7.x < 6.12.3 / 6.13.x < 6.13.3 / 6.14.x < 6.14.2 Multiple Vulnerabilities

Binary data 700661.prm...

10CVSS9.8AI score0.99913EPSS
Exploits20References3
Exploit DB
Exploit DB
added 2019/04/19 12:0 a.m.64 views

Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Atlassian Confluence Widget Connector Macro Velocity Template Injection", 'Description' = %q Widget Connector Macro is part of Atlassian Confluen...

10CVSS7AI score0.99913EPSS
Exploits20
Hacker One
Hacker One
added 2019/04/18 8:32 a.m.311 views

Mail.ru: [geekbrains.ru] CVE-2019-5418 Ruby on Rails File Content Disclosure

Unpatched CVE-2019-3396 in geekbrains.ru...

10CVSS0.9AI score0.99913EPSS
Exploits38
Packet Storm
Packet Storm
added 2019/04/18 12:0 a.m.441 views

Atlassian Confluence Widget Connector Macro Velocity Template Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Atlassian Confluence Widget Connector Macro Velocity Template Injection", 'Description' = %q Widget Connector Macro is part of Atlassian Confluen...

10CVSS0.99913EPSS
Exploits20
Hacker One
Hacker One
added 2019/04/15 7:6 p.m.139 views

U.S. Dept Of Defense: LFI with potential to RCE on ██████ using CVE-2019-3396

POC POST /rest/tinymce/1/macro/preview HTTP/1.1 Host: ██████ Content-Type: application/json Content-Length: 174 "contentId":"12345","macro":"name":"widget","body":"","params":"url":"https://www.youtube.com/watch?v=wHEHYJpCkpg","width":"300","height":"200","template":"file://../" Thanks, Ben Impac...

10CVSS9.5AI score0.99913EPSS
Exploits20
Check Point Advisories
Check Point Advisories
added 2019/04/14 12:0 a.m.5 views

Atlassian Confluence and Data Center Remote Code Execution (CVE-2019-3396)

A remote code execution vulnerability exists in the Widget Connector component of Atlassian Confluence and Data Center. A remote attacker can exploit this issue by sending a specially crafted packet to the target server. Successful exploitation could result in execution of arbitrary code on the...

10CVSS5.6AI score0.99913EPSS
Exploits20
Circl
Circl
added 2019/04/13 1:20 p.m.9 views

CVE-2019-3396

creationtimestamp| type| source ---|---|--- 2019-04-13 13:20:12+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/atlassian-confluence-ohjelmiston-haavoittuvuutta-hyvaksikaytetaan-tietomurroissa 2019-04-19 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46731...

10CVSS7.4AI score0.99913EPSS
In wildExploits20References25
Hacker One
Hacker One
added 2019/04/11 8:10 p.m.605 views

Mail.ru: Path traversal, SSTI and RCE on a MailRu acquisition

Unpatched CVE-2019-3396 and few more in publicly accessible Atlassian Confluence instance in ESForce domain...

10CVSS4.1AI score0.99913EPSS
Exploits20
Tenable Nessus
Tenable Nessus
added 2019/04/11 12:0 a.m.76 views

Atlassian Confluence < 6.6.12 / 6.7.x < 6.12.3 / 6.13.x < 6.13.3 / 6.14.x < 6.14.2 Template Injection

According to the tests performed by Nessus, the remote host is affected by the following vulnerability: - A server-side template injection exists in the Widget Connector due to improper input validation. An attacker can exploit this, via unspecified vectors, to traverse directories or execute...

10CVSS9.1AI score0.99913EPSS
Exploits20References2
Rows per page
Query Builder