CVE-2023-53945

BrainyCP 1.0 is affected by an authenticated remote code execution vulnerability via the crontab configuration interface. The issue allows logged-in users to inject arbitrary commands, with exploit examples describing a payload that spawns a reverse shell to a specified IP/port. Several connected...

CVE-2023-53945 BrainyCP 1.0 Remote Code Execution via Authenticated Crontab Manipulation

BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...

CVE-2023-53945 BrainyCP 1.0 Remote Code Execution via Authenticated Crontab Manipulation

BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...

Apple Mac OSX - .DS_Store Arbitrary File Overwrite

Apple Mac OSX - .DSStore Arbitrary File Overwrite !/usr/bin/perl OSX Finder DSStore arbitrary file overwrite exploit. root version vade79 - [email protected] fakehalo/realhalo this will create a directory called "xfinder" in your home directory, once the root user has modified that directory using...

Apple Mac OSX - '.DS_Store' Arbitrary File Overwrite

!/usr/bin/perl OSX Finder DSStore arbitrary file overwrite exploit. root version vade79 - [email protected] fakehalo/realhalo this will create a directory called "xfinder" in your home directory, once the root user has modified that directory using Finder in almost any waysuch as copying a file out ...