1614 matches found
Backdoor.Win32.Wollf.h Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d0fd60516d53b2ad602c460351dbaa85.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wollf.h Vulnerability: Unauthenticated Remote Command Execution Description: The...
CVE-2021-34722 Cisco IOS XR Software Command Injection Vulnerabilities
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details sectio...
CVE-2020-18121
A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell...
Indexhibit 权限许可和访问控制问题漏洞
Indexhibit is a web-based content management system. indexhibit version 2.1.5 contains a misconfiguration vulnerability. An attacker could use this vulnerability to modify the .php file so that it can get a getshell...
CVE-2021-3459
A privilege escalation vulnerability was reported in the MM1000 device configuration web server, which could allow privileged shell access and/or arbitrary privileged commands to be executed on the adapter...
CVE-2021-3459
Technical details (affected software, exact root cause, versions, exploit methods) are not publicly provided in the supplied documents. Monitor for updates from official advisories and vendors.
Motorola MM1000 操作系统命令注入漏洞
The Motorola MM1000 is a network adapter from Motorola USA. A security vulnerability exists in the Motorola MM1000 that could allow privileged shell access and/or arbitrary privileged command execution on the adapter...
CVE-2021-36622
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affected vulnerable to Arbitrary File Upload. The admin panel has an upload function of profile photo accessible at http://localhost/scheduler/admin/?page=user. An attacker could upload a malicious file such as shell.php with the...
CVE-2021-36622
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affected vulnerable to Arbitrary File Upload. The admin panel has an upload function of profile photo accessible at http://localhost/scheduler/admin/?page=user. An attacker could upload a malicious file such as shell.php with the...
CVE-2021-36622
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affected vulnerable to Arbitrary File Upload. The admin panel has an upload function of profile photo accessible at http://localhost/scheduler/admin/?page=user. An attacker could upload a malicious file such as shell.php with the...
S-CMS 输入验证错误漏洞
S-CMS is a product developed by Zibo Shining Network Technology Co., Ltd. that provides solutions for building enterprise websites. a remote code execution vulnerability exists in /1.com.php in S-CMS version 3.0 PHP version. An attacker can exploit the vulnerability by modifying PHP files to get ...
KUKA KR C4 信任管理问题漏洞
KUKA KR C4 is an industrial control device from KUKA, Germany. An automated control system. The KUKA KR C4 suffers from a trust management issue vulnerability that stems from hard-coded credentials, which could allow an attacker to gain access to the VxWorks Shell after logging in...
CVE-2021-37555
TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled...
Akkadian Provisioning Manager 信任管理问题漏洞
Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. A trust management issue vulnerability exists in Akkadian Provisioning Manager Engine PME that allows an unauthorized attacker to have root-level shell access t...
Akkadian Provisioning Manager 安全漏洞
Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. A security vulnerability exists in the Akkadian Provisioning Manager Engine PME that allows an unauthorized attacker to have root-level shell access to affected...
Command Execution Vulnerability in Xinhuo OA Office System
Xinhu OA office system is an open source online office system. A command execution vulnerability exists in Xinhuo OA Office System, which can be exploited by a remote attacker to submit a special request that can execute arbitrary commands and gain shell privileges on the host...
Online Covid Vaccination Scheduler System 1.0 Shell Upload
Exploit Title: Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution Unauthenticated Date: 2021-07-07 Exploit Author: faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
CVE-2021-33218
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access...
CVE-2021-33218
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access...
CVE-2021-33216
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account...