2170 matches found

OSV
added 2023/03/27 5:15 p.m. · 10 views

CVE-2023-25828

Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization process...

7.2 CVSS · 8 AI score
Exploits 0 · References 1
NVD
added 2023/03/27 5:15 p.m. · 8 views

CVE-2023-25828

Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization process...

7.2 CVSS · 7.4 AI score · 0.01919 EPSS
Exploits 0 · References 1
Cvelist
added 2023/03/27 4:35 p.m. · 21 views

CVE-2023-25828 Authenticate Remote Code Execution in Pluck CMS

Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization process...

7.6 AI score · 0.01919 EPSS
Exploits 0 · References 1
CVE
added 2023/03/27 4:35 p.m. · 72 views

CVE-2023-25828

Pluck CMS (authenticated) is vulnerable to remote code execution via the albums module. A lack of file extension validation allows uploading a crafted JPEG payload containing an embedded PHP web-shell, which an authenticated admin can access to achieve RCE on the web server. Affected: Pluck CMS a...

7.2 CVSS · 7.4 AI score · 0.01919 EPSS
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2023/03/27 4:35 p.m. · 4 views

CVE-2023-25828 Authenticate Remote Code Execution in Pluck CMS

Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization process...

7.4 AI score · 0.01919 EPSS
Exploits 0 · References 1
Packet Storm
added 2023/03/27 12:00 a.m. · 197 views

SimpleMachinesForum 2.1.1 Remote Code Execution

Exploit Title: SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 7th March 2022 CVE ID: CVE-2022-26982 Confirmed on release 2.1.1 Vendor: https://download.simplemachines.org/ Note- Once we insert the vulnerabl...

7.2 CVSS · 7 AI score · 0.10493 EPSS
Exploits 4
0day.today
added 2023/03/27 12:00 a.m. · 214 views

SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution Vulnerability

Exploit Title: SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane CVE ID: CVE-2022-26982 Confirmed on release 2.1.1 Vendor: https://download.simplemachines.org/ Note- Once we insert the vulnerable php code, we can ev...

7.2 CVSS · 7 AI score · 0.10493 EPSS
Exploits 4
Packet Storm
added 2023/03/27 12:00 a.m. · 186 views

Abantecart 1.3.2 Remote Code Execution

Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 3rd Mar'2022 CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2-...

7.2 CVSS · 7 AI score · 0.07841 EPSS
Exploits 4
0day.today
added 2023/03/27 12:00 a.m. · 171 views

Abantecart v1.3.2 - Authenticated Remote Code Execution Vulnerability

Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2- Uploading .php files i...

7.2 CVSS · 7 AI score · 0.07841 EPSS
Exploits 4
Positive Technologies
added 2023/03/27 12:00 a.m. · 2 views

PT-2023-20333 · Pluck Cms · Pluck Cms

Name of the Vulnerable Software and Affected Versions: Pluck CMS (affected versions not specified). Description: The issue concerns an authenticated remote code execution (RCE) vulnerability through the "albums" module. This module allows the creation of image collections that can be inserted into web...

7.2 CVSS · 7.3 AI score · 0.01919 EPSS
Exploits 0 · References 9
Exploit DB
added 2023/03/25 12:00 a.m. · 166 views

Abantecart v1.3.2 - Authenticated Remote Code Execution

Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 3rd Mar'2022 CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2-...

7.2 CVSS · 7 AI score · 0.07841 EPSS
Exploits 4
Exploit DB
added 2023/03/25 12:00 a.m. · 152 views

SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution

Exploit Title: SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 7th March 2022 CVE ID: CVE-2022-26982 Confirmed on release 2.1.1 Vendor: https://download.simplemachines.org/ Note- Once we insert the vulnerabl...

7.2 CVSS · 7.1 AI score · 0.10493 EPSS
Exploits 4
The Hacker News
added 2023/03/14 12:02 p.m. · 52 views

GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet. "GoBruteforcer chose a Classless Inter-Domain Routing (CIDR) block for scanning the network during the attack, and it targeted all I...

Exploits 0
The Hacker News
added 2023/03/14 12:02 p.m. · 2 views

GoBruteforcer: New Golang-Based Malware Breaches Web Servers via Brute-Force Attacks

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet. "GoBruteforcer chose a Classless Inter-Domain Routing (CIDR) block for scanning the network during the attack, and it targeted all I...

6.7 AI score
Exploits 0
Huntr
added 2023/03/13 3:35 p.m. · 16 views

Authentication Remote Code Execution

Description: Found authenticated Remote Code Execution (RCE) on pluck 4.7.15. While reading the source code found blacklisted extension are mentioned in the file data/inc/files.php at line 44 and 45. File upload function validating the file extension is match any one of the following extension .php,...

7.8 AI score
Exploits 0 · References 1
Malwarebytes
added 2023/03/10 2:15 p.m. · 15 views

Malware targeting SonicWall devices could survive firmware updates

Researchers at Mandiant have identified a malware campaign targeting SonicWall SMA 100 Series appliances, thought to be of Chinese origin. The malware was likely deployed in 2021, and was able to persist on the appliances tenaciously, even surviving firmware upgrades. The malware was able to stea...

0.5 AI score
Exploits 0
The Hacker News
added 2023/03/10 2:02 p.m. · 58 views

New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide

An updated version of a botnet malware called Prometei has infected more than 10,000 systems worldwide since November 2022. The infections are both geographically indiscriminate and opportunistic, with a majority of the victims reported in Brazil, Indonesia, and Turkey. Prometei, first observed i...

1.9 AI score
Exploits 0
The Hacker News
added 2023/02/28 6:42 a.m. · 77 views

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. Tracked as CVE-2022-36537 (CVSS score: 7.5), the issue impacts ZK Framework versions...

7.5 CVSS · 1.3 AI score · 0.93942 EPSS
Exploits 5
Huntr
added 2023/02/28 1:53 a.m. · 12 views

SQL Injection leads to code execution

Description: This vulnerability allows the attacker to leverage a SQL injection attack in the database backup functionality to write arbitrary data to an arbitrary file on disk anywhere where the user can write. This includes the webroot in a default installation allowing the attack to place a web...

8.1 AI score
Exploits 0
OSV
added 2023/02/01 2:15 a.m. · 2 views

CVE-2022-47769

An arbitrary file write vulnerability in Serenissima Informatica Fast Checkin v1.0 allows unauthenticated attackers to upload malicious files in the web root of the application to gain access to the server via the web shell...

9.8 CVSS · 5.9 AI score
Exploits 0 · References 2