623 matches found
CVE-2020-8821
Affected software: Webmin 1.941 and earlier. Root cause: Improper data validation in the Command Shell Endpoint allows HTML to be submitted in the Command field; HTML is rendered in Action Logs and across users, with no JavaScript execution. Impact: HTML rendering in logs and cross-user persisten...
CVE-2020-8821
An Improper Data Validation Vulnerability exists in Webmin 1.941 and earlier affecting the Command Shell Endpoint. A user may enter HTML code into the Command field and submit it. Then, after visiting the Action Logs Menu and displaying logs, the HTML code will be rendered however, JavaScript is...
CVE-2020-26894
LiveCode v9.6.1 on Windows allows local, low-privileged users to gain privileges by creating a malicious "cmd.exe" in the folder of the vulnerable LiveCode application. If the application is using LiveCode's "shell" function, it will attempt to search for "cmd.exe" in the folder of the current...
Windows Inject PE Files, Hidden Bind TCP Stager
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Cisco Small Business Routers Command Shell Injection (cisco-sa-cmd-shell-injection-9jOQn9Dy)
According to its self-reported version, Cisco Small Business RV Series Router Firmware is affected by a command shell injection vulnerability in the web-based management interface due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by sending a...
ALEOS Mismanagement of Privileges Vulnerability
ALEOS is an integrated development environment for building customized embedded M2M applications. ALEOS versions prior to 4.11.0, 4.9.4, and 4.4.9 contain a mismanagement of privileges vulnerability that can be exploited by an authenticated attacker to elevate privileges to root via a command she...
CVE-2019-11847
An improper privilege management vulnerabitlity exists in ALEOS before 4.11.0, 4.9.4 and 4.4.9. An authenticated user can escalate to root via the command shell...
Design/Logic Flaw
An improper privilege management vulnerabitlity exists in ALEOS before 4.11.0, 4.9.4 and 4.4.9. An authenticated user can escalate to root via the command shell...
CVE-2019-11847 ALEOS User Root Shell Escalation
An improper privilege management vulnerabitlity exists in ALEOS before 4.11.0, 4.9.4 and 4.4.9. An authenticated user can escalate to root via the command shell...
CVE-2020-3332 Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Command Shell Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input...
Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Command Shell Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input...
OS X dup2 Command Shell, Reverse TCP Stager with UUID Support (OSX x64)
dup2 socket in edi, then execve. Connect back to the attacker with UUID Support OSX x64 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 204 include Msf::Payload::Osx::ReverseTcpx64...
Unix Command Shell, Bind TCP (via jjs)
Listen for a connection and spawn a command shell via jjs This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 795 include Msf::Payload::Single include Msf::Sessions::CommandShellOption...
DeviceViewer 3.12.0.1 - add user Local Buffer Overflow (DEP Bypass)
DeviceViewer 3.12.0.1 - add user Local Buffer Overflow DEP Bypass Exploit Title: Sricam DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow DEP Bypass Date: 08/10/2019 Exploit Author: Alessandro Magnosi Vendor Homepage: http://www.sricam.com/ Software Link:...
DeviceViewer 3.12.0.1 - (add user) Local Buffer Overflow (DEP Bypass) Exploit
Exploit Title: Sricam DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow DEP Bypass Date: 08/10/2019 Exploit Author: Alessandro Magnosi Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Exploit type: Local Tested on:...
DeviceViewer 3.12.0.1 Local Buffer Overflow
Exploit Title: Sricam DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow DEP Bypass Date: 08/10/2019 Exploit Author: Alessandro Magnosi Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Exploit type: Local Tested on:...
FileThingie 2.5.7 - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: FileThingie 2.5.7 - Arbitrary File Upload Author: Cakes Vendor Homepage: www.solitude.dk/filethingie Software Link: https://github.com/leefish/filethingie/archive/master.zip Tested Version: 2.5.7 Tested on OS: CentOS 7 CVE: N/A...
Privilege escalation
An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must...
CVE-2019-12889
An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must...
Unix Command Shell, Pingback Reverse TCP (via netcat)
Creates a socket, send a UUID, then exit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 99 include Msf::Payload::Single include Msf::Payload::Pingback include...