85 matches found
MyBB < 1.8.21 - Remote Code Execution
/ Exploit Title: MyBB 1.8.21 Authenticated RCE Date: July 24, 2019 Exploit Author: Giovanni Chhatta https://www.linkedin.com/in/giovannichhatta/ Vendor Homepage: https://mybb.com/ Software Link: https://resources.mybb.com/downloads/mybb1820.zip Version: 1.8.20 Tested on: Windows 10 Blog:...
SPIP 3.1.x/3.2.x Authenticated RCE Vulnerability
SPIP allows authenticated visitors to execute arbitrary code on the host server because varmemotri is mishandled. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
Alcatel-Lucent Nokia GPON I-240W-Q - Buffer Overflow !/usr/bin/python3 import argparse import requests import urllib.parse import binascii import re def runtarget: """ Execute exploitation """ We're using CVE-2018-10561 and/or it's extension in order to exploit this Authenticated RCE in usbForm...
Western Digital My Cloud Pro Series PR2100 Authenticated RCE
Vulnerability Summary A vulnerability in the Western Digital My Cloud Pro Series PR2100 allows authenticated users to execute commands arbitrary commands. Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor...
Cobbler 2.8.0 - (Authenticated) Remote Code Execution
Cobbler 2.8.0 - Authenticated Remote Code Execution !/usr/bin/python """ Exploit title: Cobbler 2.8.x Authenticated RCE. Author: Dolev Farhi Contact: dolevf at protonmail.com @hack6tence Date: 03-16-2017 Vendor homepage: cobbler.github.io Software version: v.2.5.160805 Software Description...