Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:54 p.m.7 views

CVE-2020-7246

A remote code execution RCE vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users'photoppreview' delete photo feature, allowing bypass of .htaccess protection...

8.8CVSS8AI score0.83235EPSS
Exploits18References1
Rapid7 Blog
Rapid7 Blog
added 2022/09/30 6:47 p.m.182 views

Metasploit Weekly Wrap-Up

Veritas Backup Exec Agent RCE This module kindly provided by c0rs targets the Veritas Backup Exec Agent in order to gain RCE as the system/root user. The exploit itself is actually a chain of 3 separate CVEs CVE-2021-27876, CVE-2021-27877 and CVE-2021-27878 which only makes it more impressive...

9CVSS0.99998EPSS
Exploits49
Metasploit
Metasploit
added 2022/09/29 7:52 p.m.293 views

qdPM 9.1 Authenticated Arbitrary PHP File Upload (RCE)

A remote code execution RCE vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users'photoppreview' delete photo feature, allowing bypass of .htaccess protection...

8.8CVSS8.8AI score0.14399EPSS
Exploits4
0day.today
0day.today
added 2022/09/29 12:0 a.m.581 views

qdPM 9.1 Authenticated Shell Upload Exploit

A remote code execution vulnerability exists in qdPM versions 9.1 and below. An attacker can upload a malicious PHP code file via the profile photo functionality by leveraging a path traversal vulnerability in the users'photoppreview' delete photo feature thus allowing bypass of .htaccess...

8.8CVSS9.2AI score0.83235EPSS
Exploits18
Packet Storm
Packet Storm
added 2022/05/26 12:0 a.m.260 views

qdPM 9.1 Remote Code Execution

Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2021-08-03 Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 https://www.exploit-db.com/exploits/47954 Exploit Author: Leon Trappett...

8.8CVSS8.7AI score0.83235EPSS
Exploits16
0day.today
0day.today
added 2022/05/26 12:0 a.m.453 views

qdPM 9.1 - Remote Code Execution (Authenticated) Exploit

Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 https://www.exploit-db.com/exploits/47954 Exploit Author: Leon Trappett thepcn3rd Vendor...

8.8CVSS0.83235EPSS
Exploits16
Exploit DB
Exploit DB
added 2022/05/25 12:0 a.m.398 views

qdPM 9.1 - Remote Code Execution (RCE) (Authenticated) (v2)

Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2021-08-03 Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 https://www.exploit-db.com/exploits/47954 Exploit Author: Leon Trappett...

8.8CVSS8.7AI score0.83235EPSS
Exploits16
0day.today
0day.today
added 2021/08/04 12:0 a.m.157 views

qdPM 9.1 - Remote Code Execution (Authenticated) Exploit

Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 Exploit Author: Leon Trappett thepcn3rd Vendor Homepage: http://qdpm.net/ Software Link:...

8.8CVSS0.1AI score0.83235EPSS
Exploits16
Exploit DB
Exploit DB
added 2021/08/04 12:0 a.m.407 views

qdPM 9.1 - Remote Code Execution (Authenticated)

Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2021-08-03 Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 Exploit Author: Leon Trappett thepcn3rd Vendor Homepage: http://qdpm.net/...

8.8CVSS8.7AI score0.83235EPSS
Exploits16
Check Point Advisories
Check Point Advisories
added 2020/03/25 12:0 a.m.75 views

qdPM Remote Code Execution (CVE-2020-7246)

A remote code execution vulnerability exists in qdPM. Successful exploitation of this vulnerability could result in execution of arbitrary code on the affected system...

6.5CVSS4.1AI score0.83235EPSS
Exploits16
0day.today
0day.today
added 2020/02/29 12:0 a.m.1291 views

qdPM < 9.1 - Remote Code Execution Exploit

Exploit for multiple platform in category web applications !/usr/bin/python ------------------------------------------------------------------------------------- Title: qdPM Webshell Upload + RCE Exploit qdPMv9.1 and below CVE-2020-7246 Author: Tobin Shields @TobinShields Description: This is an...

6.5CVSS8.8AI score0.83235EPSS
Exploits16
exploitpack
exploitpack
added 2020/02/28 12:0 a.m.90 views

qdPM 9.1 - Remote Code Execution

qdPM 9.1 - Remote Code Execution !/usr/bin/python ------------------------------------------------------------------------------------- Title: qdPM Webshell Upload + RCE Exploit qdPMv9.1 and below CVE-2020-7246 Author: Tobin Shields @TobinShields Description: This is an exploit to automatically...

6.5CVSS9AI score0.83235EPSS
Exploits16
Packet Storm
Packet Storm
added 2020/02/28 12:0 a.m.130 views

qdPM Remote Code Execution

!/usr/bin/python ------------------------------------------------------------------------------------- Title: qdPM Webshell Upload + RCE Exploit qdPMv9.1 and below CVE-2020-7246 Author: Tobin Shields @TobinShields Description: This is an exploit to automatically upload a PHP web shell to the qdPM...

6.5CVSS8.7AI score0.83235EPSS
Exploits16
Exploit DB
Exploit DB
added 2020/02/28 12:0 a.m.383 views

qdPM &lt; 9.1 - Remote Code Execution

!/usr/bin/python ------------------------------------------------------------------------------------- Title: qdPM Webshell Upload + RCE Exploit qdPMv9.1 and below CVE-2020-7246 Author: Tobin Shields @TobinShields Description: This is an exploit to automatically upload a PHP web shell to the qdPM...

8.8CVSS8.7AI score0.83235EPSS
Exploits16
0day.today
0day.today
added 2020/01/23 12:0 a.m.160 views

qdPM 9.1 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link:...

9.1AI score0.83235EPSS
Exploits16
Exploit DB
Exploit DB
added 2020/01/23 12:0 a.m.245 views

qdPM 9.1 - Remote Code Execution

Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-management Version: =1.9.1 Tested on:...

8.8CVSS8.7AI score0.83235EPSS
Exploits16
Packet Storm
Packet Storm
added 2020/01/23 12:0 a.m.336 views

qdPM 9.1 Remote Code Execution

Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-management Version: =1.9.1 Tested on:...

8.7AI score0.83235EPSS
Exploits16
exploitpack
exploitpack
added 2020/01/23 12:0 a.m.55 views

qdPM 9.1 - Remote Code Execution

qdPM 9.1 - Remote Code Execution Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-managemen...

6.5CVSS9AI score0.83235EPSS
Exploits16
Circl
Circl
added 2020/01/21 5:37 p.m.56 views

CVE-2020-7246

creationtimestamp| type| source ---|---|--- 2020-01-21 17:37:37+00:00| seen| https://t.me/cveNotify/369 2021-08-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/50175 2022-05-25 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/50944 2022-09-29 15:10:30+00:00| seen|...

8.8CVSS8.1AI score0.83235EPSS
Exploits16References4
CVE
CVE
added 2020/01/21 1:2 p.m.168 views

CVE-2020-7246

CVE-2020-7246 affects qdPM

8.8CVSS9.1AI score0.83235EPSS
Exploits16References5Affected Software1
Rows per page
Query Builder