32 matches found
Rejetto HTTP File Server - Template injection
This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. id: CVE-2024-23692 info: name: Rejetto HTTP File Server - Template injection author: johnk3r severity: critical description: | This...
kernel: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx when mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the memory pointed by 'in' is not released, which will cause memory leak. Move memory release after mlx5_cmd_exec...
Command injection
OS command injection vulnerability in PIX-RT100 versions RT100TEQ2.1.1EQ101 and RT100TEQ2.1.2EQ101 allows a network-adjacent attacker who can access product settings to execute an arbitrary OS command...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
CVE-2021-4034 this tool use for pkexec single command execut...
CVE-2020-7356 Cayin xPost SQL Injection
CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinder_seqid' in wayfinder_meeting_input.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injectin...
Online Discussion Forum Site 1.0 - Remote Code Execution
Exploit Title: Online Discussion Forum Site 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-05-24 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://www.sourcecodester.com/php/14233/online-discussion-forum-site.html Software Link:...
CVE-2018-1391
IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could cause a denial of service. IBM X-Force ID: 138376...
Oracle WebLogic Server 10.3.6.0.0 12.x - Remote Command Execution
Oracle WebLogic Server 10.3.6.0.0 12.x - Remote Command Execution import requests import sys urlin = sys.argv1 payloadurl = urlin + "/wls-wsat/CoordinatorPortType" payloadheader = 'content-type': 'text/xml' def payloadcommand commandin: htmlescapetable = "&": "&", '"': """, "'": "'", "": "",...
WebKit Editor::Command::execute Universal Cross Site Scripting
WebKit: UXSS via Editor::Command::execute CVE-2017-2504 Here's a snippet of Editor::Command::execute used to handle |document.execCommand|. bool Editor::Command::executeconst String& parameter, Event triggeringEvent const if !isEnabledtriggeringEvent // Let certain commands be executed when...
Apple WebKit Safari 10.0.3(12602.4.8) - Editor::Command::execute Universal Cross-Site Scripting
Apple WebKit Safari 10.0.3(12602.4.8) - Editor::Command::execute Universal Cross-Site Scripting document-updateLayoutIgnorePendingStylesheets; return mcommand-executemframe, triggeringEvent, msource, parameter; This method is invoked under an |EventQueueScope|. But...
Apple WebKit / Safari 10.0.3(12602.4.8) - 'Editor::Command::execute' Universal Cross-Site Scripting
document-updateLayoutIgnorePendingStylesheets; return mcommand-executemframe, triggeringEvent, msource, parameter; This method is invoked under an |EventQueueScope|. But |updateLayoutIgnorePendingStylesheets| invokes |MediaQueryMatcher::styleResolverChanged| that directly calls |handleEvent| not...
Redis Command Execute Scanner
This module locates Redis endpoints by attempting to run a specified Redis command. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Redis Command Execute Scanner', 'Description' = %q This modul...
Zenphoto - Config Update and Command Execute Vulnerability
No description provided by source. http://www.exploit-db.com/moaub-26-zenphoto-config-update-and-command-execute-vulnerability/ Abysssec Inc Public Advisory Title :...
telepark wiki 2.4.23 - Multiple Vulnerabilities
No description provided by source. Abysssec Inc Public Advisory Title : Telepark Wiki Multiple Remote Vulnerabilities Affected Version : = v2.4.23 Vendor Site : www.teamtodo.com Discovery : www.Abysssec.com Vendor contact : 8 november Vendor response : 9 november patch is available in vendor...
xmlrpc.php Library <= 1.3.0 - Remote Command Execute Exploit (2)
No description provided by source.
Avaya WinPDM UniteHostRouter <= 3.8.2 - Remote Pre-Auth Command Execute
No description provided by source. Abysssec Public Exploit more info www.abysssec.com Avaya WinPDM UniteHostRouter = 3.8.2 Remote Pre-Auth Command Execute A boundary error in the Unite Host Router service UniteHostRouter.exe when processing certain requests can be exploited to cause a stack-based...
apphp Micro Cms 1.0.1 Remote Command Execute
Exploit for php platform in category web applications ----------exploit Debut Remote Command Execute ----------Author Info Name : JIKO ----------Script Info Site : http://www.apphp.com Download : http://www.apphp.com/downloadsfree/phpmicrocms101.zip Name : Micro Cms Version : 1.0.1...
Avaya WinPDM UniteHostRouter 3.8.2 Buffer Overflow
Abysssec Public Exploit more info www.abysssec.com Avaya WinPDM UniteHostRouter = v2 || v4 = v3 + 1, v5 = strpbrkv3 + 1, ":/? \n\r", v5 v2 result = 0; else v6 = v5 - v4; memcpya2, v4, v6; // vulnerable memcpy BYTE a2 + v6 = 0; result = 1; return result; signed int cdecl sub403160patchedconst char...
Avaya WinPDM UniteHostRouter <= 3.8.2 Pre-Auth Command Execute
Exploit for windows platform in category remote exploits Abysssec Public Exploit more info www.abysssec.com Avaya WinPDM UniteHostRouter = v2 || v4 = v3 + 1, v5 = strpbrkv3 + 1, ":/? \n\r", v5 v2 result = 0; else v6 = v5 - v4; memcpya2, v4, v6; // vulnerable memcpy BYTE a2 + v6 = 0; result = 1;...
Avaya WinPDM UniteHostRouter 3.8.2 - Remote Command Execution
Abysssec Public Exploit more info www.abysssec.com Avaya WinPDM UniteHostRouter = v2 || v4 = v3 + 1, v5 = strpbrkv3 + 1, ":/? \n\r", v5 v2 result = 0; else v6 = v5 - v4; memcpya2, v4, v6; // vulnerable memcpy BYTE a2 + v6 = 0; result = 1; return result; signed int cdecl sub403160patchedconst char...