EUVD-2018-1136

Malware in sbrugna...

Tenda AC7 ate_iwpriv_set function command injection vulnerability

Tenda AC7 is a wireless router from Tenda, a Chinese company. The Tenda AC7 suffers from a command injection vulnerability that stems from ateiwprivset failing to correctly filter construct command special characters, commands, and so on. An attacker can exploit this vulnerability to execute...

KiTTY 0.76.1.13 - Command Injection Exploit

Exploit Title: KiTTY 0.76.1.13 - Command Injection Exploit Author: DEFCESCO Austin A. DeFrancesco Vendor Homepage: https://github.com/cyd01/KiTTY/= Software Link: https://github.com/cyd01/KiTTY/releases/download/v0.76.1.13/kitty-bin-0.76.1.13.zip Version: ≤ 0.76.1.13 Tested on: Microsoft Windows...

Aigital Wireless-N Repeater Mini_Router.0.131229 Remote Command Execution Vulnerability

Exploit Title: Aigital Wireless-N Repeater - Command Injection Exploit Author: Matteo Mandolini Date : 13/04/2023 Vendor Homepage: https://web.archive.org/web/20220625053314/https://www.aigital.com/ Version: MiniRouter.0.131229 Command Injection POST /boafrm/formSysCmd HTTP/1.1 Host: 192.168.10.2...

PT-2022-8885 · Unknown · Git-Archive

Name of the Vulnerable Software and Affected Versions: git-archive versions all Description: The issue concerns Command Injection via the exports function. This allows for potential execution of arbitrary commands. Recommendations: For all versions, consider disabling the exports function as a...

elFinder PHP Connector < 2.1.48 - 'exiftran' Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'elFinder PHP Connector exiftran Command Injection', 'Description' = %q This module exploits a command injection vulnerability in elFinder version...

GL-AR300M-Lite 2.27 - (Authenticated) Command Injection Arbitrary File Download Directory Traversal

GL-AR300M-Lite 2.27 - Authenticated Command Injection Arbitrary File Download Directory Traversal Exploit Title: GL-AR300M-Lite Authenticated Command injection - Arbitrary file download - Directory Traversal Date: 15/1/2019 Exploit Author: Pasquale Turi aka boombyte Vendor Homepage:...

Imperva SecureSphere 13 - Remote Command Execution

Imperva SecureSphere 13 - Remote Command Execution Title: Imperva SecureSphere 13 - Remote Command Execution Author: rsp3ar Date: 2018-10-08 Vendor: https://www.imperva.com/products/securesphere/ CVE: N/A Version: 13.0.10, 13.1.10, 13.2.10 Tested on: SecureSphere Virtual Appliance Description PWS...

Infinite Automation / Mango Automation - Command Injection Exploit

Exploit for jsp platform in category remote exploits require 'msf/core' class MetasploitModule 'Infinite Automation Mango Automation Command Injection', 'Description' = %q This module exploits a command injection vulnerability found in Infinite Automation Systems Mango Automation v2.5.0 - 2.6.0...

Haraka 2.8.9 - Remote Command Execution

Haraka 2.8.9 - Remote Command Execution !/usr/bin/python Exploit Title: Harakiri ShortDescription: Haraka comes with a plugin for processing attachments. Versions before 2.8.9 can be vulnerable to command injection Exploit Author: xychix xychix at hotmail.com / mark at outflank.nl Date: 26 Januar...

dbdisplay-exec.txt

...:::::dbdisplay.plall versions Remote execut Vulnerability::::.... Virangar Security Team www.virangar.org -------- Discoverd By : black.shadowes & hadihadi special tnx to:MR.nosrati,MR.hesy,satan,IGI,zahra & all virangar members & all iranian hackerz greetz:to my best friend in the world...