Lucene search
+L

11 matches found

GithubExploit
GithubExploit
added 2021/04/09 7:59 a.m.204 views

Exploit for OS Command Injection in Klogserver Klog_Server

Information py Exploit Title: Klog Server 2.4.1 - Command...

10CVSS9.7AI score0.87987EPSS
Exploits8
Rapid7 Blog
Rapid7 Blog
added 2021/02/19 5:55 p.m.87 views

Metasploit Wrap-Up

GSoC Rocks! In a rare double whammy, one of our 2020 Google Summer of Code GSoC participants has authored a PR containing both enhancements & a new module! Improvements to our SQL injection library now allow PostgreSQL injection, and this new functionality has been verified with both a test modul...

10CVSS9.6AI score0.95657EPSS
Exploits21
Packet Storm
Packet Storm
added 2021/02/15 12:0 a.m.183 views

Klog Server 2.4.1 Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Klog Server authenticate.php user Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injectio...

10CVSS0.1AI score0.87987EPSS
Exploits8
Packet Storm
Packet Storm
added 2021/01/26 12:0 a.m.153 views

Klog Server 2.4.1 Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Klog Server Unauthenticated Command Injection Vulnerability', 'Description' = %q This module exploits an unauthenticated command injection...

10CVSS0.1AI score0.87987EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/01/25 12:0 a.m.231 views

Klog Server 2.4.1 - Unauthenticated Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Klog Server Unauthenticated Command Injection Vulnerability', 'Description' = %q This module exploits an unauthenticated command injection...

10CVSS7AI score0.87987EPSS
Exploits8
Check Point Advisories
Check Point Advisories
added 2021/01/06 12:0 a.m.64 views

KLog Server Command Injection (CVE-2020-35729)

A command injection vulnerability exists in KLog Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS5.8AI score0.87987EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.386 views

Klog Server 2.4.1 - Command Injection (Unauthenticated)

Exploit Title: Klog Server 2.4.1 - Command Injection Unauthenticated Date: 22.12.2020 Exploit Author: b3kc4t Mustafa GUNDOGDU Vendor Homepage: https://www.klogserver.com/ Version: 2.4.1 Tested On: Ubuntu 18.04 CVE: 2020-35729 Description:...

7.4AI score
Exploits0
Circl
Circl
added 2021/01/05 12:0 a.m.28 views

CVE-2020-35729

creationtimestamp| type| source ---|---|--- 2021-01-05 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/49366 2021-01-25 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/49474 2021-02-12 17:48:56+00:00| seen|...

10CVSS7.3AI score0.87987EPSS
Exploits8References4
OSV
OSV
added 2020/12/27 5:15 a.m.3 views

CVE-2020-35729

KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter...

9.8CVSS7.3AI score0.87987EPSS
Exploits8References5
Cvelist
Cvelist
added 2020/12/27 4:40 a.m.50 views

CVE-2020-35729

KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter...

9.8AI score0.87987EPSS
Exploits8References5
CVE
CVE
added 2020/12/27 4:40 a.m.146 views

CVE-2020-35729

Klog Server 2.4.1 and earlier versions are affected by an unauthenticated command injection in authenticate.php. The vulnerability uses the user parameter, passed to shell_exec(), allowing arbitrary commands as the apache user; the sudoers setup can grant root privileges, enabling full system com...

10CVSS9.6AI score0.87987EPSS
Exploits8References5Affected Software1
Rows per page
Query Builder