Lucene search
K

9792 matches found

0day.today
0day.today
added 2021/10/25 12:0 a.m.412 views

Apache HTTP Server 2.4.50 - Remote Code Execution Exploit (2)

Exploit: Apache HTTP Server 2.4.50 - Remote Code Execution RCE 2 Credits: Ash Daulton & cPanel Security Team Exploit Author: TheLastVvV.com Vendor Homepage: https://apache.org/ Version: Apache 2.4.50 with CGI enable Tested on : Debian 5.10.28 CVE : CVE-2021-42013 !/bin/bash echo 'PoC CVE-2021-420...

9.8CVSS0.99964EPSS
Exploits62
GithubExploit
GithubExploit
added 2021/10/24 12:57 p.m.381 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-42013Reverse-Shell PoC CVE-2021-42013 reverse shell...

9.8CVSS9.3AI score0.99964EPSS
Exploits62
Packet Storm
Packet Storm
added 2021/10/24 12:0 a.m.640 views

Apache HTTP Server 2.4.50 Remote Code Execution

Exploit: Apache HTTP Server 2.4.50 - Remote Code Execution RCE 2 Credits: Ash Daulton & cPanel Security Team Date: 24/07/2021 Exploit Author: TheLastVvV.com Vendor Homepage: https://apache.org/ Version: Apache 2.4.50 with CGI enable Tested on : Debian 5.10.28 CVE : CVE-2021-42013 !/bin/bash echo...

7.5CVSS0.1AI score0.99964EPSS
Exploits62
GithubExploit
GithubExploit
added 2021/10/23 9:37 p.m.304 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Poc CVE-2021-41773 - Apache 2.4.49...

7.5CVSS9.5AI score0.99992EPSS
Exploits148
GithubExploit
GithubExploit
added 2021/10/23 12:31 p.m.304 views

Exploit for Path Traversal in Apache Http_Server

Apache 2.4.49 - Path Traversal or Remote Code Execution cve-20...

7.5CVSS8.7AI score0.99992EPSS
Exploits148
OSV
OSV
added 2021/10/21 8:15 a.m.2 views

CVE-2021-23139

A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations...

7.5CVSS7.1AI score0.01074EPSS
Exploits0References2
Prion
Prion
added 2021/10/21 8:15 a.m.14 views

Null pointer dereference

A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations...

5CVSS7.4AI score0.01074EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2021/10/21 7:46 a.m.14 views

CVE-2021-23139

A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations...

7.6AI score0.01074EPSS
Exploits0References2
CVE
CVE
added 2021/10/21 7:46 a.m.52 views

CVE-2021-23139

The CVE-2021-23139 issue affects Trend Micro Apex One and Worry-Free Business Security 10.0 SP1. A null pointer dereference in the CGI interface can allow a remote attacker to crash the CGI process, resulting in a denial of service. Descriptions and connected documents confirm the vulnerability i...

7.5CVSS7.4AI score0.01074EPSS
Exploits0References2Affected Software3
Saint
Saint
added 2021/10/21 12:0 a.m.142 views

Apache HTTP Server path traversal

Added: 10/21/2021 Background Apache HTTP Server is an HTTP server implementation for Linux and Windows. Problem A path traversal vulnerability allows remote attackers to execute arbitrary commands in certain configurations if CGI scripts are enabled. Resolution Upgrade to Apache HTTP Server 2.4.5...

8.2AI score
Exploits0
Saint
Saint
added 2021/10/21 12:0 a.m.51 views

Apache HTTP Server path traversal

Added: 10/21/2021 Background Apache HTTP Server is an HTTP server implementation for Linux and Windows. Problem A path traversal vulnerability allows remote attackers to execute arbitrary commands in certain configurations if CGI scripts are enabled. Resolution Upgrade to Apache HTTP Server 2.4.5...

8.2AI score
Exploits0
Saint
Saint
added 2021/10/21 12:0 a.m.366 views

Apache HTTP Server path traversal

Added: 10/21/2021 Background Apache HTTP Server is an HTTP server implementation for Linux and Windows. Problem A path traversal vulnerability allows remote attackers to execute arbitrary commands in certain configurations if CGI scripts are enabled. Resolution Upgrade to Apache HTTP Server 2.4.5...

1.1AI score
Exploits0
CNVD
CNVD
added 2021/10/18 12:0 a.m.7 views

Trend Micro Worry-Free Business Security Code Issue Vulnerability

Trend Micro Worry-Free Business Security is a suite of enterprise-class information security protection solutions from Trend Micro. The product provides anti-spam, anti-virus, network security and e-mail protection. Trend Micro Worry-Free Business Security suffers from a code issue vulnerability...

7.5CVSS7.1AI score0.01074EPSS
Exploits0References1
CNVD
CNVD
added 2021/10/16 12:0 a.m.31 views

GoAhead file upload vulnerability

GoAhead is an open source small embedded web server from Embedthis Software, U.S. GoAhead is vulnerable to a file upload vulnerability that stems from incomplete filter processing in the file upload filter. An attacker could exploit this vulnerability to import untrusted environment variables int...

9.8CVSS1.5AI score0.5946EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2021/10/15 9:38 p.m.1154 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 🐛 Path traversal and file disclosure vulnera...

7.5CVSS8.5AI score0.99992EPSS
Exploits148
GithubExploit
GithubExploit
added 2021/10/14 6:0 p.m.734 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-42013 Introduction It was found that the fix for C...

9.8CVSS9.8AI score0.99992EPSS
Exploits173
NVD
NVD
added 2021/10/14 6:15 a.m.17 views

CVE-2021-42342

An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts...

9.8CVSS0.5946EPSS
Exploits2References1
Prion
Prion
added 2021/10/14 6:15 a.m.15 views

Design/Logic Flaw

An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts...

7.5CVSS9.3AI score0.5946EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2021/10/14 5:8 a.m.133 views

CVE-2021-42342

CVE-2021-42342 affects EmbedThis GoAhead Web Server (GoAhead) prior to 5.1.5. The issue is in the file upload filter: user form variables can reach CGI scripts without the CGI_ prefix, allowing untrusted environment variables to be passed and enabling remote code execution. Affected component: fi...

9.8CVSS9.3AI score0.5946EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2021/10/14 5:8 a.m.20 views

CVE-2021-42342

An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts...

9.6AI score0.5946EPSS
Exploits2References1
Rows per page
Query Builder