
615 matches found

0day.today
added 2017/01/12 12:0 a.m., 49 views

ECommerce Multi-Vendor Software - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Vulnerability:Profile Arbitrary Shell Upload Google Dork: ECommerce-TIBSECART Date:11.01.2017 Vendor Homepage: http://www.tibsolutions.com/tibs-ecart/ Script Name: ECommerce-TIBSECART Script Buy Now: http://www.tibsolutions.com/tibs-ecart/...

7.1 AI score
Exploits 0

0day.today
added 2017/01/12 12:0 a.m., 26 views

Penny Auction Script - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Vulnerability:Profile Arbitrary Shell Upload Google Dork: Penny Auction Script Date:11.01.2017 Vendor Homepage: http://www.tibsolutions.com/tibs-eauction/ Script Name: Penny Auction Script Script Buy Now:...

0.2 AI score
Exploits 0

exploitpack
added 2017/01/11 12:0 a.m., 21 views

ECommerce-Multi-Vendor Software - Arbitrary File Upload

ECommerce-Multi-Vendor Software - Arbitrary File Upload Vulnerability:Profile Arbitrary Shell Upload Google Dork: ECommerce-Multi-Vendor Software Date:11.01.2017 Vendor Homepage: http://www.tibsolutions.com/multi-vendor/ Script Name: ECommerce-Multi-Vendor Software Script Buy Now:...

0.3 AI score
Exploits 0

exploitpack
added 2017/01/11 12:0 a.m., 18 views

Airbnb Clone Script - Arbitrary File Upload

Airbnb Clone Script - Arbitrary File Upload Vulnerability:Profile Arbitrary Shell Upload Google Dork: Airbnb Clone Script Date:11.01.2017 Vendor Homepage: http://www.tibsolutions.com/airbnb-clone/ Script Name: Airbnb Clone Script Script Buy Now:...

0.4 AI score
Exploits 0

Veracode
added 2016/12/22 2:25 a.m., 6 views

Shell Injection

rack-perftools_profiler is vulnerable to shell injection attacks. A malicious user can inject and execute arbitrary shell code when passing arguments to the profiler...

7.8 AI score
Exploits 0

Packet Storm
added 2016/11/25 12:0 a.m., 37 views

Less.js Untrusted File Compilation / Code Execution

Advisory: Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler RedTeam Pentesting discovered behaviour in the Less.js compiler, which allows execution of arbitrary code if an untrusted LESS file is compiled. Details ======= Product: Less...

7.4 AI score
Exploits 0

Prion
added 2016/11/03 10:59 a.m., 14 views

Command injection

git-fastclone before 1.0.1 permits arbitrary shell command execution from .gitmodules. If an attacker can instruct a user to run a recursive clone from a repository they control, they can get a client to run an arbitrary shell command. Alternately, if an attacker can MITM an unencrypted git clone...

9.3 CVSS, 7.4 AI score, 0.05198 EPSS
Exploits 1, References 3, Affected Software 1

NVD
added 2016/11/03 10:59 a.m., 27 views

CVE-2015-8968

git-fastclone before 1.0.1 permits arbitrary shell command execution from .gitmodules. If an attacker can instruct a user to run a recursive clone from a repository they control, they can get a client to run an arbitrary shell command. Alternately, if an attacker can MITM an unencrypted git clone...

9.3 CVSS, 8.7 AI score, 0.05198 EPSS
Exploits 1, References 3

Cvelist
added 2016/11/03 10:0 a.m., 36 views

CVE-2015-8968

git-fastclone before 1.0.1 permits arbitrary shell command execution from .gitmodules. If an attacker can instruct a user to run a recursive clone from a repository they control, they can get a client to run an arbitrary shell command. Alternately, if an attacker can MITM an unencrypted git clone...

8.8 AI score, 0.05198 EPSS
Exploits 1, References 3

OSV
added 2016/10/07 2:59 p.m., 3 views

CVE-2016-7040

Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections...

8.8 CVSS, 6 AI score, 0.02256 EPSS
Exploits 0, References 2

NVD
added 2016/10/07 2:59 p.m., 29 views

CVE-2016-7040

Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections...

9 CVSS, 8.9 AI score, 0.02256 EPSS
Exploits 0, References 2

Prion
added 2016/10/07 2:59 p.m., 16 views

Design/Logic Flaw

Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections...

9 CVSS, 7.7 AI score, 0.02256 EPSS
Exploits 0, References 2, Affected Software 1

Cvelist
added 2016/10/07 2:0 p.m., 33 views

CVE-2016-7040

Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections...

8.9 AI score, 0.02256 EPSS
Exploits 0, References 2

Packet Storm
added 2016/09/15 12:0 a.m., 45 views

Bezaat Script 2 Shell Upload

Exploit Title : Bezaat Script V2 Arbitrary Shell Upload Vulnerability Exploit Author : xBADGIRL21 Dork 1 : index of /SystemImagesads/ Dork 2 : Powed by Greenit Egypt for Information Technology Vendor Homepage : http://greenitegypt.net/products.php?catid=1 Tested on: BACKBOX MyBlog :...

Exploits 0

Prion
added 2016/09/02 2:59 p.m., 7 views

Command injection

MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted (1) Disaster Recovery or (2) High Availability command...

4.6 CVSS, 7.7 AI score, 0.00373 EPSS
Exploits 0, References 3, Affected Software 1

Cvelist
added 2016/09/02 2:0 p.m., 17 views

CVE-2016-5879

MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted (1) Disaster Recovery or (2) High Availability command...

8.7 AI score, 0.00373 EPSS
Exploits 0, References 3

Packet Storm
added 2016/08/16 12:0 a.m., 36 views

WordPress Tevolution 2.3.1 Shell Upload

Exploit Title : Wordpress Tevolution Plugin 2.3.1 Arbitrary Shell Upload Vulnerability Exploit Author : xBADGIRL21 Dork : inurl:/wp-content/plugins/Tevolution/tmplconnector Vendor Homepage : https://templatic.com/ version : 2.3.1 Tested on: BackBox skype:xbadgirl21 Date: 15/08/2016 video Proof :...

7.4 AI score
Exploits 0

Prion
added 2016/08/08 12:59 a.m., 13 views

Command injection

The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567...

7.2 CVSS, 7.8 AI score, 0.01939 EPSS
Exploits 3, References 4

Cvelist
added 2016/08/08 12:0 a.m., 33 views

CVE-2015-6396

The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567...

8 AI score, 0.01939 EPSS
Exploits 3, References 4

CVE
added 2016/08/08 12:0 a.m., 85 views

CVE-2015-6396

CVE-2015-6396 affects Cisco RV110W, RV130W, and RV215W routers. The issue stems from the CLI command parser, where insufficient input validation allows an authenticated, local attacker to inject and execute arbitrary shell commands with administrator privileges. This vulnerability could enable fu...

7.8 CVSS, 7.9 AI score, 0.01939 EPSS
Exploits 3, References 4, Affected Software 1