17 matches found
Apache ActiveMQ Fileserver - Arbitrary File Write
Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request via the Fileserver web application. id: CVE-2016-3088 info: name: Apache ActiveMQ Fileserver - Arbitrary File Write author: fqhsu severity: critical...
at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +499 more potentially affected by CVE-2016-3088 via org.apache.activemq:activemq-client (>=5.10.0 <=5.13.5)
org.apache.activemq:activemq-client MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2016-3088 Source advisory: OSV:GHSA-RXQH-FC23-GXP2...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq
CVE-2016-3088 Apache ActiveMQ Remote Code Execution Exploit...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq
This repository is an offensive tool for ActiveMQ. It is a PoC exploit for CVE-2016-3088. The tool is designed to upload a shell to the ActiveMQ server, allowing for remote code execution. The exploit targets a vulnerability in the ActiveMQ file server, which allows an attacker to upload a file t...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq
This repository is an offensive tool for collecting or writing various vulnerability PoCs proofs of concept and exploits. The primary tool in this repository is a Python script named ActiveMQExP/ActiveMQExPV1.0.py, which is designed to exploit a vulnerability in Apache ActiveMQ, specifically...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq
This repository is an offensive tool for ActiveMQ. It is a proof-of-concept PoC exploit for CVE-2016-3088. The tool is designed to upload a shell to the ActiveMQ server and execute it, allowing for remote code execution. The tool is written in Python and uses the urlparse and urlunparse modules t...
Apache ActiveMQ 5.x < 5.14.0 ActiveMQ Fileserver web application remote code execution (Xbash)
The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.14.0. It is, therefore, affected by a remote code execution vulnerability. The Fileserver web application allows remote attackers to upload and execute arbitrary files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Apache ActiveMQ Fileserver remote code execution vulnerability(CVE-2016-3088)
Author: The know Chong Yu 404 laboratory 1. Background overview ActiveMQ is an Apache Software Foundation under an open source message-driven middleware software. Jetty is an open source servlet container, it is based on Java web container such as JSP and servlet to provide the running...
Apache ActiveMQ < 5.14.0 - Web Shell Upload Exploit
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. This module requires Metasploit: http://metasploit.com/download Current source:...
ActiveMQ < 5.14.0 - Web Shell Upload (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ActiveMQ web shell upload', 'Description' = %q The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to uplo...
Apache ActiveMQ 5.x Web Shell Upload
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ActiveMQ web shell upload', 'Description' = %q The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to uplo...
ActiveMQ web shell upload
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. This module requires Metasploit: https://metasploit.com/download Current source:...
Apache ActiveMQ Fileserver Multi Methods Directory Traversal (CVE-2016-3088)
A directory traversal vulnerability exists in Apache ActiveMQ. The vulnerability is due to insufficient input validation in the destination header when processing a MOVE request or in the file upload functionality when processing a PUT request. A remote, unauthenticated attacker may exploit this...
CVE-2016-3088
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
CVE-2016-3088
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
CVE-2016-3088
CVE-2016-3088 affects Apache ActiveMQ 5.x prior to 5.14.0. The Fileserver web application vulnerable to remote code execution via an HTTP PUT followed by an HTTP MOVE request allows an attacker to upload and execute arbitrary files on the server. Connected PoC repositories describe Python-based a...
CVE-2016-3088
creationtimestamp| type| source ---|---|--- 2015-08-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40857 2017-06-29 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42283 2018-05-29 15:50:33+00:00| seen|...