OS Command Exec, Unix Command Shell, Bind TCP (via Zsh)

Execute an OS command from PHP. Listen for a connection and spawn a command shell via Zsh. Note: Although Zsh is often available, please be aware it isn't usually installed by default. Module Options msf use payload/php/unix/cmd/bindzsh msf payloadbindzsh show actions ...actions... msf...

OS Command Exec, Unix Command Shell, Double Reverse TCP (telnet)

Execute an OS command from PHP. Creates an interactive shell through two inbound connections Module Options msf use payload/php/unix/cmd/reverse msf payloadreverse show actions ...actions... msf payloadreverse set ACTION msf payloadreverse show options ...show and set options... msf payloadrevers...

Virus.Win32.Shodi.e Remote Command Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/37d4a5ba123dd32f1e2c4ba0be14e77cB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Virus.Win32.Shodi.e Vulnerability: Unauthenticated Remote Command Execution Description: The virus...

WordPress Advanced Uploader 2.10 Shell Upload

----------------------------------------- 0-DAY Aint DIE | No Priv8 | KedAns-Dz ----------------------------------------- ---------------------------- K |................| . h |.......................| A a |.......................| N l |.....................| S E |.......................| e D...

sNews <= 1.5.30 Remote Reset Admin Pass / Command Exec Exploit

No description provided by source. ?php printr' --------------------------------------------------------------------------- sNews = 1.5.30 unauthorized access / reset admin pass / cmd exec exploit by rgod dork: Barbecued by sNews mail: retrog at alice dot it site: http://retrogod.altervista.org...

Barracuda Load Balancer‘/cgi-mod/index.cgi’远程命令注入漏洞

BUGTRAQ ID: 65508 Barracuda Load Balancer是美国梭子鱼（Barracuda Networks）公司的一款应用交付控制器。该控制器提供对入侵和攻击事件的防护功能，并同时优化应用负载和提供强大的性能支持。 Barracuda Load Balancer中存在远程命令注入漏洞。攻击者可利用该漏洞在受影响应用程序上下文中执行任意命令。Barracuda Load Balancer 340 4.2.2.007版本中存在漏洞，其他版本也可能受到影响。 0 Barracuda Load Balancer 340 4.2.2.007...

AlegroCart FredCK-Editor (ASPELL for WinSRV) Remote Command Exec

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Cisco IOS Command EXEC Unspecified Vulnerability

An unspecified vulnerability in Command EXEC allows local users to bypass command restrictions and obtain sensitive information via an unspecified 'variation of an IOS command'. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17775; scriptversion"1.5";...

Micronation Banking System Command Execution

!/usr/bin/perl MiNBank 1.5.0 Remote Command Execution Exploit download: http://downloads.sourceforge.net/minbank/ Author: Jose Luis Gongora Fernandez 'aka' JosS mail: sys-projectathotmaildotcom site: http://www.hack0wn.com/ team: Spanish Hackers Team - SHT Hack0wn Security Project!! This was...

Hipergate v4.0.12 Multiple Vulnerabilities

Exploit for jsp platform in category web applications ========================================== Hipergate v4.0.12 Multiple Vulnerabilities ========================================== Permanent XSS: Advisory Name: Permanent Cross-Site Scripting XSS in Hipergate 4.0.12 Vulnerability Class: Permanen...

Hipergate 4.0.12 - Multiple Vulnerabilities

Permanent XSS: Advisory Name: Permanent Cross-Site Scripting XSS in Hipergate 4.0.12 Vulnerability Class: Permanent Cross-Site Scripting XSS Release Date: 2010-02-02 Affected Applications: Confirmed in Hipergate 4.0.12. Other versions may also be affected Affected Platforms: Multiple Local /...

CVE-2007-5549

Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague...

Stack overflow

Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka 1 PSIRT-0474975756 and 2 PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is fr...

CVE-2007-5549

Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague...

CVE-2007-5548

Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka 1 PSIRT-0474975756 and 2 PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is fr...

CVE-2007-5549

Cisco IOS: vulnerable component is Command EXEC that allows local users to bypass command restrictions and access sensitive information via an unspecified variation of an IOS command (two disclosed methods, CSCsk16129). The exact root cause, affected IOS versions, and remediation are not provided...

MkPortal - Multiple SQL Injection Vulnerabilities

We tried very hard to find wslabis mkportal SQL Injection but after ten minutes of "research" we decided that it is hopeless to find exactly the same bug and therefore we release a compilation of mkportal sql injections for the interested reader. Some of them are junk because you need a moderator...

LS simple guestbook &#40;v1&#41; Remote Code Execution Vulnerability

Special Greetings To - Timq,Warpboy,The-Maggot File: index.php Affects: LS simple guestbook v1 Date: 15th April 2007 Issue Description: =========================================================================== LS simple guestbook fails to sanitize user input that it writes to the posts.txt file...

sNews <= 1.5.30 Remote Reset Admin Pass / Command Exec Exploit

Exploit for unknown platform in category web applications ============================================================== sNews = 1.5.30 Remote Reset Admin Pass / Command Exec Exploit ============================================================== ?php printr'...

[Full-disclosure] [SECURITY] [DSA 1090-1] New spamassassin packages fix remote command execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1090-1 [email protected] http://www.debian.org/security/ Martin Schulze June 6th, 2006 http://www.debian.org/security/faq -...