Lucene search
K

11 matches found

GithubExploit
GithubExploit
added 2026/04/29 9:13 a.m.101 views

Exploit for CVE-2024-8503

vicidial-cve-2024-8503-blind-sqli-p...

9.8CVSS8.8AI score0.80023EPSS
Exploits10
VulnCheck KEV
VulnCheck KEV
added 2025/03/19 12:0 a.m.9 views

VulnCheck KEV: CVE-2024-8503

An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial stores plaintext credentials within the database...

9.8CVSS5.9AI score0.80023EPSS
Exploits10References1
Metasploit
Metasploit
added 2024/10/01 6:55 p.m.335 views

VICIdial Authenticated Remote Code Execution

An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell commands as the "root" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. Module Options msf use...

9.8CVSS8.9AI score0.80023EPSS
Exploits10
0day.today
0day.today
added 2024/10/01 12:0 a.m.197 views

VICIdial Authenticated Remote Code Execution Exploit

metasploit.com This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VICIdial Authenticated Remote Code Execution', 'Description' = %q An attacker with authenticated access to VICIdial as an "agent"...

9.8CVSS7AI score0.80023EPSS
Exploits12
Packet Storm
Packet Storm
added 2024/10/01 12:0 a.m.484 views

VICIdial Authenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VICIdial Authenticated Remote Code Execution', 'Description' = %q An attacker with authenticated access to VICIdial as an "agent" can execute...

9.8CVSS7AI score0.80023EPSS
Exploits12
Metasploit
Metasploit
added 2024/09/26 6:53 p.m.329 views

Vicidial SQL Injection Time-based Admin Credentials Enumeration

This module exploits a time-based SQL injection vulnerability in VICIdial, allowing attackers to dump admin credentials usernames and passwords via SQL injection. Module Options msf use auxiliary/scanner/http/vicidialsqlenumuserspass msf auxiliaryvicidialsqlenumuserspass show actions ...actions...

9.8CVSS9.6AI score0.80023EPSS
Exploits10
GithubExploit
GithubExploit
added 2024/09/14 6:27 a.m.615 views

Exploit for CVE-2024-8504

⚡️ Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE ⚡️...

9.8CVSS10AI score0.80023EPSS
Exploits12
0day.today
0day.today
added 2024/09/11 12:0 a.m.342 views

VICIdial 2.14-917a SQL Injection Vulnerability

An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial version 2.14-917a to enumerate database records. By default, VICIdial stores plaintext credentials within the database. Title: VICIdial Unauthenticated SQL Injection Publication URL:...

9.8CVSS7.9AI score0.80023EPSS
Exploits10
Circl
Circl
added 2024/09/10 10:37 p.m.11 views

CVE-2024-8503

creationtimestamp| type| source ---|---|--- 2024-09-10 22:37:05+00:00| seen| https://t.me/cvedetector/5298 2024-09-10 22:37:06+00:00| seen| https://t.me/cvedetector/5299 2024-09-14 06:31:55+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8527 2024-09-15 08:46:36+00:00| seen|...

9.8CVSS8.3AI score0.80023EPSS
Exploits10References27
CVE
CVE
added 2024/09/10 7:22 p.m.154 views

CVE-2024-8503

CVE-2024-8503 (SQL Injection) in VICIdial: an unauthenticated attacker can trigger a time-based SQL injection to enumerate database records and expose plaintext credentials stored in VICIdial. Connected documents corroborate a critical impact (C<H/I<H/A

9.8CVSS9.4AI score0.80023EPSS
Exploits10References4
KoreLogic Security
KoreLogic Security
added 2024/09/10 12:0 a.m.38 views

VICIdial Unauthenticated SQL Injection

Vulnerability Details Affected Vendor: VICIdial Affected Product: VICIdial Affected Version: 2.14-917a Platform: GNU/Linux CWE Classification: CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' CVE ID: CVE-2024-8503 2. Vulnerability Description An...

9.8CVSS9.8AI score0.80023EPSS
Exploits10Affected Software1
Rows per page
Query Builder