
1091 matches found

seebug.org
added 2017/11/14 12:0 a.m. | 59 views

Wordpress SQLi — PoC

In order to understand the writing here, you need to read the previous explanation https://medium.com/websec/wordpress-sqli-bbb2afcc8e94. If you got it, then we can jump to the part and solve the question e.g. how to update / insert our sql payload into thumbnailid post meta. PoC start - Login to...

AI score: 7.9
Exploits: 0

seebug.org
added 2017/11/14 12:0 a.m. | 69 views

Wordpress <= 4.8.2 SQL Injection POC

Author: Ambulong@vulspy I found this vulnerability after reading slavco’s post, and reported it to Wordpress Team via Hackerone on Sep. 2nd, 2017. But, unfortunately, WordPress team didn’t pay attention to this report too. SQL Injection Details Wordpress SQLi by slavco Wordpress SQLi — PoC by...

AI score: 7.9
Exploits: 0

RedhatCVE
added 2017/10/31 8:49 p.m. | 38 views

CVE-2016-5002

XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD...

CVSS: 9.3 | AI score: 6.5 | EPSS: 0.0353
Exploits: 0 | References: 1

RedhatCVE
added 2017/10/31 8:49 p.m. | 27 views

CVE-2016-5003

A flaw was discovered in the Apache XML-RPC (ws-xmlrpc) library that deserializes untrusted data when the enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in an ex:serializable element. Mitigation: Setting...

CVSS: 9.8 | AI score: 2.2 | EPSS: 0.41523
Exploits: 1 | References: 1

OSV
added 2017/10/27 6:29 p.m. | 1 views

CVE-2016-5002

XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.0353
Exploits: 0 | References: 7

NVD
added 2017/10/27 6:29 p.m. | 9 views

CVE-2016-5003

The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an ex:serializable element...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.41523
Exploits: 1 | References: 14

Prion
added 2017/10/27 6:29 p.m. | 19 views

Server side request forgery (ssrf)

XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD...

CVSS: 9.3 | AI score: 7 | EPSS: 0.0353
Exploits: 0 | References: 7 | Affected Software: 1

Prion
added 2017/10/27 6:29 p.m. | 20 views

Code injection

The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an ex:serializable element...

CVSS: 7.5 | AI score: 7.9 | EPSS: 0.41523
Exploits: 1 | References: 14 | Affected Software: 1

OSV
added 2017/10/27 6:29 p.m. | 1 views

CVE-2016-5003

The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an ex:serializable element...

CVSS: 9.8 | AI score: 6.1
Exploits: 0 | References: 14

NVD
added 2017/10/27 6:29 p.m. | 17 views

CVE-2016-5002

XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD...

CVSS: 9.3 | AI score: 8 | EPSS: 0.0353
Exploits: 0 | References: 7

Cvelist
added 2017/10/27 6:0 p.m. | 27 views

CVE-2016-5003

The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an ex:serializable element...

AI score: 9.5 | EPSS: 0.41523
Exploits: 1 | References: 14

CVE
added 2017/10/27 6:0 p.m. | 149 views

CVE-2016-5003

The CVE-2016-5003 issue affects Apache XML-RPC (ws-xmlrpc) v3.1.3 as used in Apache Archiva. It enables remote code execution via deserialization of untrusted Java objects in an ex:serializable element. Public docs (NVD) cite a high/critical impact with network access and no authentication, and m...

CVSS: 9.8 | AI score: 8.7 | EPSS: 0.41523
Exploits: 1 | References: 14 | Affected Software: 1

CVE
added 2017/10/27 6:0 p.m. | 104 views

CVE-2016-5002

CVE-2016-5002 concerns the Apache XML-RPC (ws-xmlrpc) library 3.1.3 as used by Apache Archiva. The vulnerability is an XML external entity (XXE) issue that allows a remote attacker to trigger server-side request forgery (SSRF) via a crafted DTD. The connected Nessus/Gentoo advisories corroborate ...

CVSS: 9.3 | AI score: 7.4 | EPSS: 0.0353
Exploits: 0 | References: 7 | Affected Software: 1

RedHat Linux
added 2017/10/24 12:15 a.m. | 2 views

supervisor: Command injection via malicious XML-RPC request

A vulnerability was found in the XML-RPC interface in supervisord. When processing malformed commands, an attacker can cause arbitrary shell commands to be executed on the server as the same user as supervisord. Exploitation requires the attacker to first be authenticated to the supervisord servi...

CVSS: 9 | AI score: 7.4 | EPSS: 0.93832
Exploits: 10 | References: 4

NVD
added 2017/10/10 1:30 a.m. | 13 views

CVE-2014-0030

The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors...

CVSS: 9.8 | AI score: 9.2 | EPSS: 0.18994
Exploits: 6 | References: 3

Prion
added 2017/10/10 1:30 a.m. | 13 views

Xxe

The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.18994
Exploits: 6 | References: 3 | Affected Software: 1

CVE
added 2017/10/09 2:0 p.m. | 62 views

CVE-2014-0030

Apache Roller prior to 5.0.3 is vulnerable to XML External Entity (XXE) attacks via its XML-RPC protocol support. The issue allows an attacker to trigger XXE and read sensitive files (File Disclosure). Affected component: XML-RPC/XML processing in Roller; root cause: XXE in XML parsing. Exploitat...

CVSS: 9.8 | AI score: 9.1 | EPSS: 0.18994
Exploits: 6 | References: 3 | Affected Software: 1

Cvelist
added 2017/10/09 2:0 p.m. | 15 views

CVE-2014-0030

The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors...

AI score: 9.3 | EPSS: 0.18994
Exploits: 6 | References: 3

0day.today
added 2017/09/25 12:0 a.m. | 829 views

Supervisor XML-RPC Authenticated Remote Code Execution Exploit

This Metasploit module exploits a vulnerability in the Supervisor process control software, where an authenticated client can send a malicious XML-RPC request to supervisord that will run arbitrary shell commands on the server. The commands will be run as the same user as supervisord. Depending o...

CVSS: 9 | AI score: 0.9 | EPSS: 0.93832
Exploits: 10

Exploit DB
added 2017/09/25 12:0 a.m. | 84 views

Supervisor 3.0a1 < 3.3.2 - XML-RPC (Authenticated) Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Supervisor XML-RPC Authenticated Remote Code Execution", 'Description' = %q This module exploits a vulnerability in the Supervisor process control...

CVSS: 9 | AI score: 9 | EPSS: 0.93832
Exploits: 10