2172 matches found
Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms
Chamilo-LMS-CVE-2023-4220-Exploit This is an Exploit for Unres...
Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms
Chamilo-LMS-CVE-2023-4220-Exploit This is an Exploit for Unres...
RedJuliett Cyber Espionage Campaign Hits 75 Taiwanese Organizations
A likely China-linked state-sponsored threat actor has been linked to a cyber espionage campaign targeting government, academic, technology, and diplomatic organizations in Taiwan between November 2023 and April 2024. Recorded Future's Insikt Group is tracking the activity under the name...
AEGON LIFE 1.0 Remote Code Execution
Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...
AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...
Backdrop CMS 1.27.1 - Remote Command Execution Exploit
Exploit Title: Backdrop CMS 1.27.1 - Remote Command Execution RCE Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.27.1/backdrop.zip Version: latest Tested on: MacOS import os import time import...
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now dates back to December 31, 2023. The attack, which came to light last month, singled out MITRE's Networked Experimentation, Research, and Virtualization...
Exploit for Deserialization of Untrusted Data in Fasterxml Jackson-Databind
hacktheboxoscp 介绍 准备oscp考试过程中做的hackthebox里的oscp向靶机 因为oscp考试内容改变,新增域渗透。所以还有红日出的vulnstack靶场 新增:endgame,fortresses,open beta season对应HTB相应的栏目。是oscp向靶机列表外练手打的 靶机摘要 hackthebox lame lame vsftpd笑脸漏洞烟雾弹,samba服务漏洞才是真凶 legacy ms08-067,但靶机有点问题,除了第一次,后面都连不上端口了 blue blue 神似 修改命名管道,手打ms17-010 Devel Devel 神似...
Exploit for Unrestricted Upload of File with Dangerous Type in Cubecart
Arbitrary File Upload Leads to RCE CVE-2024-33438 CubeCart &...
CVE-2023-31090
Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates allows Upload a Web Shell to a Web Server.This issue affects Unlimited Elements For Elementor Free Widgets, Addons, Templates: from n/a through 1.5....
CVE-2023-31090
Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates allows Upload a Web Shell to a Web Server.This issue affects Unlimited Elements For Elementor Free Widgets, Addons, Templates: from n/a through 1.5....
CVE-2023-31090 WordPress Unlimited Elements For Elementor plugin <= 1.5.60 - Unrestricted Zip Extraction vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates allows Upload a Web Shell to a Web Server.This issue affects Unlimited Elements For Elementor Free Widgets, Addons, Templates: from n/a through 1.5....
CVE-2023-31090
CVE-2023-31090 affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates) up to version 1.5.60. The issue is described as an Unrestricted Zip Extraction vulnerability, enabling potential code execution/unauthorized access via crafted ZIP handling. Patchstack notes fix in 1.5.61; P...
PT-2024-12261 · Elementor · Unlimited Elements For Elementor
Name of the Vulnerable Software and Affected Versions: Unlimited Elements For Elementor Free Widgets, Addons, Templates versions 1.5.60 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a...
FileCatalyst Workflow ftpservlet file upload
Added: 04/08/2024 Background FileCatalyst Workflow is a managed file transfer product. Problem The ftpservlet component in the FileCatalyst Workflow web portal is affected by a directory traversal vulnerability which could allow an anonymous user to upload files to arbitrary locations. This leads...
CVE-2024-27951
Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell to a Web Server.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0...
CVE-2024-27951
Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell to a Web Server.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0...
CVE-2024-27951 WordPress Multiple Page Generator Plugin <= 3.4.0 - Auth. Remote Code Execution (RCE) vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell to a Web Server.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0...
CVE-2024-27951 WordPress Multiple Page Generator Plugin <= 3.4.0 - Auth. Remote Code Execution (RCE) vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell to a Web Server.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0...
PT-2024-22158 · WordPress · Multiple Page Generator Plugin
Name of the Vulnerable Software and Affected Versions: Multiple Page Generator Plugin – MPG versions 3.4.0 and earlier Description: The issue allows an unrestricted upload of a file with a dangerous type, enabling the upload of a web shell to a web server. This can lead to potential security risk...