8 matches found
p0wny Shell Remote Code Execution (CVE-2017-9830; CVE-2018-15139; CVE-2018-19423; CVE-2018-6383; CVE-2020-29607; CVE-2021-24155; CVE-2021-24347)
p0wny Shell is a PHP shell. An attacker might use this shell to execute arbitrary code on the affected system...
OpenEMR 5.0.1.3 - (manage_site_files) Remote Code Execution (Authenticated) Exploit (2)
Title: OpenEMR 5.0.1.3 - 'managesitefiles' Remote Code Execution Authenticated 2 Exploit author: noraj Alexandre ZANNI for SEC-IT http://secit.fr Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Docker PoC:...
OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated) (2)
Title: OpenEMR 5.0.1.3 - 'managesitefiles' Remote Code Execution Authenticated 2 Exploit author: noraj Alexandre ZANNI for SEC-IT http://secit.fr Date: 2021-07-05 Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Docker PoC:...
OpenEMR 5.0.1.3 Shell Upload
Title: OpenEMR 5.0.1.3 - 'managesitefiles' Remote Code Execution Authenticated 2 Exploit author: noraj Alexandre ZANNI for SEC-IT http://secit.fr Date: 2021-07-05 Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Docker PoC:...
OpenEMR 5.0.1.3 - (manage_site_files) Remote Code Execution Exploit
Exploit Title: OpenEMR 5.0.1.3 - 'managesitefiles' Remote Code Execution Authenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v5013.zip Version: Prior to 5.0.1.4 Tested on: Ubuntu 18.04...
OpenEMR 5.0.1.3 Shell Upload
Exploit Title: OpenEMR 5.0.1.3 - 'managesitefiles' Remote Code Execution Authenticated Date 12.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v5013.zip Version: Prior to 5.0.1.4 Tested on...
OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated)
Exploit Title: OpenEMR 5.0.1.3 - 'managesitefiles' Remote Code Execution Authenticated Date 12.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v5013.zip Version: Prior to 5.0.1.4 Tested on...
CVE-2018-15139
OpenEMR prior to 5.0.1.4 is affected by Unrestricted file upload in interface/super/manage_site_files.php. An authenticated remote attacker can upload a PHP file via the images upload form and access it in the images directory to execute arbitrary PHP code. Impact is high (C/H I/H A/H as per CVSS...