2122 matches found

Prion
added 2019/07/10 8:15 p.m. · 11 views

Command injection

In Hunesion i-oneNet versions 3.0.7 through 3.0.53 and 4.0.4 through 4.0.16, the specific upload web module doesn't verify the file extension and type, and an attacker can upload a webshell. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system comman...

CVSS 10 · AI score 9.6 · EPSS 0.01858
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2019/07/10 7:34 p.m. · 14 views

CVE-2019-12803 Hunesion i-oneNet unrestricted file upload vulnerability

In Hunesion i-oneNet versions 3.0.7 through 3.0.53 and 4.0.4 through 4.0.16, the specific upload web module doesn't verify the file extension and type, and an attacker can upload a webshell. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system comman...

CVSS 8.8 · AI score 9.7 · EPSS 0.01858
Exploits 0 · References 1
CVE
added 2019/07/10 7:34 p.m. · 164 views

CVE-2019-12803

CVE-2019-12803 affects Hunesion i-oneNet, versions 3.0.7–3.0.53 and 4.0.4–4.0.16. The root cause is a vulnerable upload web module that does not properly verify the file extension and type, enabling an attacker to upload a webshell. The webshell can then be used for remote code execution, includi...

CVSS 10 · AI score 9.5 · EPSS 0.01858
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2019/07/10 12:0 a.m. · 2 views

PT-2019-12953 · Hunesion · Hunesion I-Onenet

Name of the Vulnerable Software and Affected Versions: Hunesion i-oneNet versions 3.0.7 through 3.0.53; Hunesion i-oneNet versions 4.0.4 through 4.0.16. Description: The issue arises from the specific upload web module not verifying the file extension and type, allowing an attacker to upload a...

CVSS 10 · AI score 9 · EPSS 0.01858
Exploits 0 · References 2
CNVD
added 2019/06/30 12:0 a.m. · 2 views

File Upload Vulnerability in MetInfo Version 6.2.0

MetInfo is a CMS for building enterprise websites, based on a PHP + MySQL architecture. A file upload vulnerability exists in MetInfo version 6.2.0. It allows attackers to upload a webshell and gain server privileges...

AI score 7.2
Exploits 0
0day.today
added 2019/06/26 12:0 a.m. · 356 views

SeedDMS versions < 5.1.11 - Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: Remote Command Execution through Unvalidated File Upload in SeedDMS versions "; $cmd = $REQUEST'cmd'; system$cmd; echo ""; die; ? Step 3: Now after uploading the file check the document id corresponding to the document. Step 4:...

CVSS 6 · AI score 0.2 · EPSS 0.11696
Exploits 9
GithubExploit
added 2019/06/25 3:22 a.m. · 66 views

Exploit for Cross-site Scripting in Netgate Pfsense

CVE-2019-12949 From Cross Site Scripting Vulnerability to Re...

CVSS 6.1 · AI score 6.6 · EPSS 0.03031
Exploits 2
GithubExploit
added 2019/06/24 8:33 a.m. · 162 views

Exploit for Injection in Oracle Agile_Plm

WebLogic CVE-2019-2725, CVE-2019-2729 – POC Execute comman...

CVSS 9.8 · AI score 7.3 · EPSS 0.99964
Exploits 44
Packet Storm
added 2019/06/24 12:0 a.m. · 126 views

SeedDMS Remote Command Execution

Exploit Title: Remote Command Execution through Unvalidated File Upload in SeedDMS versions "; $cmd = $REQUEST'cmd'; system$cmd; echo ""; die; ? Step 3: Now after uploading the file check the document id corresponding to the document. Step 4: Now go to...

CVSS 6 · AI score 7.5 · EPSS 0.11696
Exploits 9
CNVD
added 2019/06/19 12:0 a.m. · 1 views

File Upload Vulnerability in Waychar 120 Emergency Command Center Web Services System

The 120 Emergency Command Center Web Service System is a set of web application services for the 120 Emergency Command Center, including internal training, learning and assessment functions. A file upload vulnerability exists in the Waychar 120 Emergency Command Center Web Service System. The vulnerabili...

AI score 7.2
Exploits 0
Exploit DB
added 2019/06/11 12:0 a.m. · 196 views

WordPress Plugin Insert or Embed Articulate Content into WordPress - Remote Code Execution

Exploit Title: Authenticated code execution in insert-or-embed-articulate-content-into-wordpress WordPress plugin. Description: It is possible to upload and execute a PHP file using the plugin option to upload a zip archive. Date: June 2019. Exploit Author: xulchibalraa. Vendor Homepage:...

AI score 7.4
Exploits 0
CNVD
added 2019/05/29 12:0 a.m. · 1 views

File Upload Vulnerability in Tpshop v3.5 Ue***.php Page

Tpshop is a multi-merchant mall system developed by Shenzhen Soleil Networks Limited. A file upload vulnerability exists in the Tpshop v3.5 Ue***.php page. It allows an attacker to upload a webshell and gain server privileges...

AI score 7.1
Exploits 0
Exploit DB
added 2019/05/23 12:0 a.m. · 235 views

Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Shopware createInstanceFromNamedArguments PHP Object Instantiation RCE", 'Description' = %q This module exploits a php object instantiation...

CVSS 6.5 · AI score 7.4 · EPSS 0.27074
Exploits 6
0day.today
added 2019/05/22 12:0 a.m. · 431 views

Shopware createInstanceFromNamedArguments PHP Object Instantiation Exploit

This Metasploit module exploits a php object instantiation vulnerability that can lead to remote code execution in Shopware. An authenticated backend user could exploit the vulnerability. The vulnerability exists in the createInstanceFromNamedArguments function, where the code insufficiently...

CVSS 6.5 · AI score 0.5 · EPSS 0.27074
Exploits 6
Packet Storm
added 2019/05/22 12:0 a.m. · 186 views

Shopware createInstanceFromNamedArguments PHP Object Instantiation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Shopware createInstanceFromNamedArguments PHP Object Instantiation RCE", 'Description' = %q This module exploits a php object instantiation...

CVSS 4 · AI score 0.8 · EPSS 0.27074
Exploits 6
myhack58
added 2019/05/15 12:0 a.m. · 777 views

Using SMB to bypass PHP Remote File Inclusion restrictions

In this article, I share a little about a remote file inclusion vulnerability in a PHP program, which often comes up where file inclusion is used. Although the PHP environment has been configured to prohibit including files from remote HTTP/FTP URLs, I will share how to bypass Remote File...

AI score 7.8
Exploits 0
Metasploit
added 2019/05/09 8:8 p.m. · 22 views

Shopware createInstanceFromNamedArguments PHP Object Instantiation RCE

This module exploits a php object instantiation vulnerability that can lead to RCE in Shopware. An authenticated backend user could exploit the vulnerability. The vulnerability exists in the createInstanceFromNamedArguments function, where the code insufficiently performs whitelist check which ca...

CVSS 8.8 · AI score 7.8 · EPSS 0.54681
Exploits 6
Gitee
added 2019/05/06 10:2 p.m. · 3 views

Scanners-Box

This is a collection of open-source scanning tools and wordlists for web application security testing. The repository, Scanners-Box, is a collection of tools from various contributors, including lijiejie, ringzero, and others. The tools are categorized into subdomains, database vulnerability...

AI score 6.8
Exploits 0
CNVD
added 2019/05/05 12:0 a.m. · 1 views

File upload vulnerability in the up***.php file of Pangu's backend management system

Pangu Network is a regional service operator authorized by Baidu, a group of companies providing integrated network marketing services to customers in the region with Baidu's business as the core. A file upload vulnerability exists in the up***.php file of Pangu's backend management system. An...

AI score 7.2
Exploits 0
CNVD
added 2019/04/29 12:0 a.m. · 0 views

File upload vulnerability in the vi***_ed***.php file of the backend management system of Acme CMS

Acme CMS is a multi-language CMS builder with a PHP + MySQL architecture and responsive display, suitable for personal website construction. There is a file upload vulnerability in the vi***_ed***.php file in the backend management system of Acme CMS. Attackers can use the vulnerability to upload webshe...

AI score 7.2
Exploits 0