Kafka UI 0.7.1 Code Injection

============================================================================================================================================= | Title : Kafka UI 0.7.1 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits |...

Chamilo 1.11.18 Code Injection

============================================================================================================================================= | Title : Chamilo 1.11.18 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits ...

TerraMaster TOS 4.2.29 Code Injection / Local File Inclusion

============================================================================================================================================= | Title : TerraMaster TOS 4.2.29 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 6...

MagnusBilling 6.x Code Injection

============================================================================================================================================= | Title : MagnusBilling 6.x Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bit...

Craft CMS 4.4.14 Code Injection

============================================================================================================================================= | Title : Craft CMS 4.4.14 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits...

GL.iNet 4.4.3 Code Injection

============================================================================================================================================= | Title : GL.iNet network 4.4.3 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64...

Artica Proxy 4.40 Code Injection

============================================================================================================================================= | Title : Artica Proxy appliance 4.40 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

Openfire 4.8.0 Code Injection

============================================================================================================================================= | Title : Openfire release 4.8.0 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 6...

CVE-2024-9793

A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This vulnerability affects the function ateiwprivset/ateifconfigset of the file /goform/ate. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the...

The vulnerability of the MongoDB Rust Driver’s database management system driver lies in its improper handling of syntactically incorrect structures, allowing attackers to execute arbitrary commands.

The vulnerability of the MongoDB Rust Driver driver is related to the improper handling of syntaxically incorrect structures. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

Cisco Small Business WEB Interface Remote Command Execution Vulnerability

Cisco Small Business Routers is a router device from Cisco. A security vulnerability exists in the Cisco Small Business WEB interface, which can be exploited by an authenticated remote attacker with WEB administrative privileges to submit a special request that can be used in a root context to...

PT-2024-7255 · Abb · Abb Ac 800M

Name of the Vulnerable Software and Affected Versions: ABB AC 800M affected versions not specified Description: The issue is related to errors in processing input data in the ABB AC 800M controller firmware. It allows a remote attacker to execute arbitrary commands by sending specially crafted MM...

The vulnerability of the sub47A60C function in the upgrade_filter.asp file of the D-Link DI-8100G network device allows a hacker to execute arbitrary commands.

The vulnerability of the sub47A60C function in the upgradefilter.asp file of the D-Link DI-8100G network device is related to the lack of measures taken to neutralize special elements used in operating systems commands. Exploiting this vulnerability can allow a remote attacker to execute arbitrar...

Exploit for Deserialization of Untrusted Data in Clear Clearml

ClearML Exploit This repository contains a proof-of-concept e...

Gambio Online Webshop 4.9.2.0 Code Injection

============================================================================================================================================= | Title : Gambio Online Webshop 4.9.2.0 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

Cacti 代码注入漏洞

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. A code injection vulnerability exists in Cacti version 1.2.27, which stems...

Netis MW5360 Code Injection

============================================================================================================================================= | Title : Netis MW5360 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits | |...

GeoServer 2.25.1 Code Injection

============================================================================================================================================= | Title : GeoServer 2.25.1 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits...

The vulnerability of the setTracerouteCfg() function in the TOTOLINK T10 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the setTracerouteCfg function in the TOTOLINK T10 router microprogramming software exists because measures to neutralize specific elements have not been taken. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands on the underlying operatin...

The vulnerability in the script /view/DBManage/Backup_Server_commit.php of the D-Link DAR-7000 and DAR-8000 router microprogramming software allows a attacker to execute arbitrary commands.

The vulnerability of the /view/DBManage/BackupServercommit.php script of the D-Link DAR-7000 and DAR-8000 router microprogramming systems exists due to the failure to address the need to neutralize certain special elements used in the operating system commands. Exploiting this vulnerability allow...