17053 matches found
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager lies in the lack of a mechanism for verifying input data during backup scenarios. This allows a malicious actor to execute arbitrary code with SYSTEM privileges.
The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager is related to deficiencies in the mechanism for verifying input data during backup scenario execution. Exploiting this vulnerability could allow an attacker, operating...
FTP Fetch, Windows x86 Bind Named Pipe Stager
Fetch and execute an x86 payload from an FTP server. Listen for a pipe connection Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/dllinject/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show options...
FTP Fetch, Bind TCP Stager (Windows x86)
Fetch and execute an x86 payload from an FTP server. Listen for a connection Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/meterpreter/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set options... ms...
FTP Fetch, Windows x64 Pingback, Reverse TCP Inline
Fetch and execute an x64 payload from an FTP server. Connect back to attacker and report UUID Windows x64 Module Options msf use payload/cmd/windows/ftp/x64/pingbackreversetcp msf payloadpingbackreversetcp show actions ...actions... msf payloadpingbackreversetcp set ACTION msf...
FTP Fetch, Reverse TCP Stager (No NX or Win7)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/ftp/x86/peinject/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf payloadreversenonxtcp show options ...sh...
FTP Fetch, Windows x64 Command Shell, Bind TCP Inline
Fetch and execute an x64 payload from an FTP server. Listen for a connection and spawn a command shell Windows x64 Module Options msf use payload/cmd/windows/ftp/x64/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...
FTP Fetch, Linux Command Shell, Find Port Inline
Fetch and execute an x64 payload from an FTP server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/ftp/x64/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...show and...
FTP Fetch, Linux Command Shell, Bind TCP Inline (IPv6)
Fetch and execute a x86 payload from an FTP server. Listen for a connection over IPv6 and spawn a command shell Module Options msf use payload/cmd/linux/ftp/x86/shellbindipv6tcp msf payloadshellbindipv6tcp show actions ...actions... msf payloadshellbindipv6tcp set ACTION msf payloadshellbindipv6t...
FTP Fetch, Linux Command Shell, Reverse TCP Stager
Fetch and execute an MIPSLE payload from an FTP server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/ftp/mipsle/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show...
FTP Fetch, Bind TCP Stager (Linux x86)
Fetch and execute a x86 payload from an FTP server. Listen for a connection Linux x86 Module Options msf use payload/cmd/linux/ftp/x86/meterpreter/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set options... msf...
FTP Fetch, Linux Chmod
Fetch and execute an RISC-V 32-bit payload from an FTP server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/ftp/riscv32le/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set...
FTP Fetch
Fetch and execute an MIPSLE payload from an FTP server. Module Options msf use payload/cmd/linux/ftp/mipsle/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...
DELMIA Apriso - Command Injection
An Improper Control of Generation of Code code injection / file upload → RCE vulnerability affecting DELMIA Apriso Release 2020 → Release 2025. When an authenticated user can upload files and the upload handler fails to canonicalize filenames or enforce storage restrictions, an attacker may place...
MajorDoMo thumb.php - OS Command Injection
MajorDoMo aka Major Domestic Module before 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is unrelated to the Majordomo mailing-list manager. id: CVE-2023-50917 info: name: MajorDoMo thumb.php - OS Command Injection author: DhiyaneshDK severity: critical...
Apache Unomi <1.5.2 - Remote Code Execution
Apache Unomi allows conditions to use OGNL and MVEL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process. This vulnerability affects all versions of Apache Unomi prior to 1.5.2. id:...
Spring Cloud Gateway Code Injection
Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote...
Cuppa CMS v1.0 - Authenticated Local File Inclusion
The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using function parameter value as LFI payload. id: CVE-2022-37191 info: name: Cuppa CMS v1.0 - Authenticated Local File Inclusion author: theamanrawat...
Advantech R-SeeNet 2.4.12 - OS Command Injection
Advantech R-SeeNet 2.4.12 is susceptible to remote OS command execution via the ping.php script functionality. An attacker, via a specially crafted HTTP request, can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering...
Evertz SDVN 3080ipx-10G - Unauthenticated Arbitrary Command Injection
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...