PT-2022-23268 · Unknown · Siteserver Cms

Name of the Vulnerable Software and Affected Versions: SiteServerCMS versions 5.X Description: The issue is related to a Remote-download-Getshell-vulnerability. This vulnerability can be exploited via the "/SiteServer/Ajax/ajaxOtherService.aspx" API endpoint. Recommendations: For SiteServerCMS...

SiteServerCMS 安全漏洞

SSCMS SiteServerCMS SSCMS is an open source, cross-platform, enterprise-level content management system from China's SSCMS Corporation. A security vulnerability exists in SiteServerCMS version 5.X. The vulnerability stems from a remote download Getshell vulnerability via...

Goldshell ASIC Miners 信任管理问题漏洞

Goldshell ASIC Miners is a mining host from Goldshell China. A security vulnerability exists in Goldshell ASIC Miners version v2.1.x, which stems from the discovery of hard-coded credentials included that allow an attacker to connect remotely via SSH protocol port 22...

Hackers Exploiting Follina Bug to Deploy Rozena Backdoor

A newly observed phishing campaign is leveraging the recently disclosed Follina security vulnerability to distribute a previously undocumented backdoor on Windows systems. "Rozena is a backdoor malware that is capable of injecting a remote shell connection back to the attacker's machine," Fortine...

JUNG Smart Visu Server 安全漏洞

JUNG Smart Visu Server is a Smart Visu Server from JUNG. A security vulnerability exists in JUNG Smart Visu Server versions 1.0.804, 1.0.830, and 1.0.832, which stems from the presence of two undocumented operating system user accounts on the device that can be used to access the Smart Visu Serve...

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software relates to a flaw in the data protection mechanism, allowing an attacker to execute arbitrary shell commands.

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software is related to a breach in data protection mechanisms. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary shell commands by replacing the hostname with a specially...

PT-2022-3473 · Bosch · Bosch Pra-Es8P2S

Name of the Vulnerable Software and Affected Versions: Bosch PRA-ES8P2S versions 1.01.05 and earlier Description: The issue is related to insufficient input validation in the diagnostics web interface of the Bosch PRA-ES8P2S Ethernet switch. This allows a remote attacker to execute arbitrary...

Notionterm - Embed Reverse Shell In Notion Pages

Embedreverse shell in Notion pages. Hack while taking notes FOR: Hiding attacker IP in reverse shell No direct interaction between attacker and target machine. Notion is used as a proxy hosting the reverse shell Demo/Quick proof insertion within report High available and shareable reverse shell...

Fedora: Security Advisory for et (FEDORA-2022-e3a794b591)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 35 Update: et-6.2.1-2.fc35

Eternal Terminal ET is a remote shell that automatically reconnects without interrupting the session...

[SECURITY] Fedora 36 Update: et-6.2.1-2.fc36

Eternal Terminal ET is a remote shell that automatically reconnects without interrupting the session...

GHSA-W94P-6MHW-4QXW Improper Access Control in Elasticsearch

The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script...

WordPress Advanced Uploader plugin arbitrary file upload vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Advanced Uploader plugin 4.2 and previous versions have a file upload vulnerability, which can be...

PHPOK 代码问题漏洞

PHPOK is an enterprise website builder with extended support. A security vulnerability exists in PHPOK v6.1, which originates from a deserialization vulnerability in the updatef function of logincontrol.php in Phpok v6.1, which can be exploited by an attacker to write to an arbitrary file and...

WordPress Plugin Advanced Uploader 4.2 - Arbitrary File Upload (Authenticated)

Exploit Title: WordPress Plugin Advanced Uploader 4.2 - Arbitrary File Upload Authenticated Google Dork: - Date: 2022-03-13 Exploit Author: Roel van Beurden Vendor Homepage: - Software Link: https://downloads.wordpress.org/plugin/advanced-uploader.4.2.zip Version: =4.2 Tested on: WordPress 5.9 on...

WordPress plugin Advanced Uploader 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Advanced Uploader plugin 4.2 and previous versions have a file upload vulnerability, which can be...

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

Victorian Machinery Victorian Machinery is a proof of concept...

CVE-2022-28560

There is a stack overflow vulnerability in the goform/fastsettingwifiset function in the httpd service of Tenda ac9 15.03.2.21cn router. An attacker can obtain a stable shell through a carefully constructed payload...

CVE-2022-28561

There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21cn router. An attacker can obtain a stable shell through a carefully constructed payload...

CVE-2022-28560

There is a stack overflow vulnerability in the goform/fastsettingwifiset function in the httpd service of Tenda ac9 15.03.2.21cn router. An attacker can obtain a stable shell through a carefully constructed payload...