Exploit for Missing Authentication for Critical Function in Terra-Master Terramaster_Operating_System

terraMaster-CVE-2022-24990 Tool Introduction A quick-use...

pfSense pfBlockerNG 2.1.4_26 Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pfSense plugin pfBlockerNG unauthenticated RCE as root', 'Description' = %q pfBlockerNG is a popular pfSense plugin that is not installed by...

Exploit for Unrestricted Upload of File with Dangerous Type in Oretnom23 Clinic\'S_Patient_Management_System

CVE-2022-40471 Remote code execution via unrestricted file up...

Exploit for Path Traversal in Vmware Cloud_Foundation

! vckillerhttps://socialify.git.ci/Schira4396/VcenterKiller/i...

DeftTorero: tactics, techniques and procedures of intrusions revealed

Earlier this year, we started hunting for possible new DeftTorero aka Lebanese Cedar, Volatile Cedar artifacts. This threat actor is believed to originate from the Middle East and was publicly disclosed to the cybersecurity community as early as 2015. Notably, no other intelligence was shared unt...

BoxBilling <=4.22.1.5 - Authenticated Unrestricted File Upload - RCE

Description BoxBilling was vulnerable to Unrestricted File Upload. In order to exploit the vulnerability, an attacker must have a valid authenticated session as admin on the CMS. With at least 1 order of product an attacker can upload malicious file to hidden API endpoint that contain a webshell...

Exploit for OS Command Injection in Netgate Pfblockerng

SenselessViolence CVE-2022-31814 pfSense pfBlockerNG = 2.1.4...

AeroCMS 代码问题漏洞

AeroCMS is a content management system from AeroCMS Inc. in the United States. A security vulnerability exists in AeroCMS version v0.0.1. An attacker exploited the vulnerability to upload a webshell and take control of the web server...

Academy Learning Management System 5.7 Shell Upload

Exploit Title: Academy Learning Management System 5.7 Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/academy-course-based-learning-management-system/22703468 Version: 5.7 Tested on Ubuntu 18.04 Totally wrong architecture f...

Library Management System With QR Code 1.0 Shell Upload

Title: Library Management System with QR code AttendanceFile Upload RCE Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Date: 27.06.2022 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...

Library Management System With QR Code 1.0 Shell Upload Vulnerability

Title: Library Management System with QR code AttendanceFile Upload RCE Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...

MAL-2022-3382 Malicious code in gitrepandwebshell (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1e18cb98a2102f4f0f935b117ae48c3fd63742e1a4eeacef38db5a76ae71f2c1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2021-41661

Church Management System version 1.0 is affected by a SQL anjection vulnerability through creating a user with a PHP file as an avatar image, which is accessible through the /uploads directory. This can lead to RCE on the web server by uploading a PHP webshell...

CVE-2021-41661

Church Management System version 1.0 is affected by a SQL anjection vulnerability through creating a user with a PHP file as an avatar image, which is accessible through the /uploads directory. This can lead to RCE on the web server by uploading a PHP webshell...

Exploit for Injection in Thedaylightstudio Fuel_Cms

CVE-2018-16763 - FuelCMS Exploit to trigger RCE for CVE-2...

Exploit for Improper Handling of Case Sensitivity in Vmware Spring_Framework

spring-rce-poc Testing CVE-2022-22968 Simple app vulnerable...

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

CVE-2022-1388-EXP This is CVE-2022-1388-EXP Author: Caps@B...

Exploit for CVE-2022-28590

CVE-2022-28590 The original discovery and manual PoC is from...

Exploit for Path Traversal in Wso2 Api_Manager

CVE-2022-29464 CVE-2022-29464 POC exploit https://github.com/...

Exploit for Path Traversal in Wso2 Api_Manager

CVE-2022-29464 CVE-2022-29464 POC exploit Usage shell us...