Lucene search
K

12 matches found

Rapid7 Blog
Rapid7 Blog
added 2021/08/13 6:25 p.m.333 views

Metasploit Wrap-Up

Print Driver PrivEsc If you attended DEF CON last week, you may have seen this talk on print driver vulnerabilities from Metasploit community contributor Jacob Baines. In the spirit of Friday the 13th, we're highlighting some of these "print nightmares" again, in the form of two new Metasploit...

7.5CVSS9.9AI score0.95355EPSS
Exploits12
Metasploit
Metasploit
added 2021/08/12 5:51 p.m.193 views

Atlassian Crowd pdkinstall Unauthenticated Plugin Upload RCE

This module can be used to upload a plugin on Atlassian Cloud via the pdkinstall development plugin as an unauthenticated attacker. The payload is uploaded as a JAR archive containing a servlet using a POST request to /crowd/admin/uploadplugin.action. The check command will check that the...

9.8CVSS9.6AI score0.95355EPSS
Exploits6
Gitee
Gitee
added 2021/02/24 11:10 a.m.9 views

Exploit for CVE-2019-11580

CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE Usage: python CVE-2019-11580.py http://xx.xx.xx.xx/ Crowd-2.11.0 VulnVersion Donwload https://product-downloads.atlassian.com/software/crowd/downloads/atlassian-crowd-2.11.0.tar.gz Powered by Atlassian Crowd Version: 2.11.0 Build:725 -...

9.8CVSS7.2AI score0.95355EPSS
Exploits6
ATTACKERKB
ATTACKERKB
added 2020/02/13 12:0 a.m.42 views

Atlassian Crowd: pdkinstall development plugin incorrectly enabled (CVE-2019-11580)

Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code...

9.8CVSS9.6AI score0.95355EPSS
In wildExploits6References2
GithubExploit
GithubExploit
added 2019/07/17 7:54 a.m.214 views

Exploit for CVE-2019-11580

CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE...

9.8CVSS9.7AI score0.95355EPSS
Exploits6
Circl
Circl
added 2019/07/15 1:15 a.m.9 views

CVE-2019-11580

creationtimestamp| type| source ---|---|--- 2019-07-15 01:15:44+00:00| published-proof-of-concept| https://t.me/canyoupwnme/5744 2019-07-17 07:49:27+00:00| published-proof-of-concept| https://t.me/SecLabNews/5382 2020-10-20 15:57:21+00:00| seen| MISP/42d04e94-bf5b-427d-acc8-f5d740675941 2020-10-2...

9.8CVSS7.1AI score0.95355EPSS
In wildExploits6References15
NVD
NVD
added 2019/06/03 2:29 p.m.25 views

CVE-2019-11580

Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits...

9.8CVSS9.8AI score0.95355EPSS
Exploits6References4
Vulnrichment
Vulnrichment
added 2019/06/03 1:43 p.m.10 views

CVE-2019-11580

Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits...

7.8AI score0.95355EPSS
Exploits6References3
CVE
CVE
added 2019/06/03 1:43 p.m.1048 views

CVE-2019-11580

Atlassian Crowd/Crowd Data Center are affected by CVE-2019-11580 due to the pdkinstall development plugin being incorrectly enabled in release builds. The flaw permits attackers to install arbitrary plugins via unauthenticated or authenticated requests, enabling remote code execution on vulnerabl...

9.8CVSS9.5AI score0.95355EPSS
In wildExploits6References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2019/06/03 12:0 a.m.46 views

CVE-2019-11580

Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits...

9.8CVSS9.7AI score0.95355EPSS
In wildExploits6References4
Atlassian
Atlassian
added 2019/05/06 4:6 a.m.175 views

Crowd - pdkinstall development plugin incorrectly enabled - CVE-2019-11580

Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code...

9.8CVSS3AI score0.95355EPSS
Exploits6Affected Software1
Atlassian
Atlassian
added 2019/05/06 4:6 a.m.49 views

Crowd - pdkinstall development plugin incorrectly enabled - CVE-2019-11580

Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code...

9.8CVSS9.7AI score0.95355EPSS
Exploits6
Rows per page
Query Builder