Lucene search
+L

8 matches found

Nuclei
Nuclei
added 2 days ago80 views

WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload

WordPress SP Project & Document Manager plugin before 4.22 is susceptible to authenticated shell upload. The plugin allows users to upload files; however, the plugin attempts to prevent PHP and other similar executable files from being uploaded via checking the file extension. PHP files can still...

8.8CVSS7.9AI score0.52007EPSS
Exploits8References5
Check Point Advisories
Check Point Advisories
added 2021/10/19 12:0 a.m.79 views

p0wny Shell Remote Code Execution (CVE-2017-9830; CVE-2018-15139; CVE-2018-19423; CVE-2018-6383; CVE-2020-29607; CVE-2021-24155; CVE-2021-24347)

p0wny Shell is a PHP shell. An attacker might use this shell to execute arbitrary code on the affected system...

7.5CVSS8.4AI score0.84112EPSS
Exploits38
Metasploit
Metasploit
added 2021/07/24 5:50 p.m.96 views

Wordpress Plugin SP Project and Document - Authenticated Remote Code Execution

This module allows an attacker with a privileged Wordpress account to launch a reverse shell due to an arbitrary file upload vulnerability in Wordpress plugin SP Project & Document /.php Module Options msf use exploit/multi/http/wppluginspprojectdocumentrce msf exploitwppluginspprojectdocumentrce...

8.8CVSS8.6AI score0.52007EPSS
Exploits8
Circl
Circl
added 2021/07/10 4:29 p.m.16 views

CVE-2021-24347

creationtimestamp| type| source ---|---|--- 2021-07-10 16:29:07+00:00| published-proof-of-concept| Telegram/eMoVbCeI-n-jaFKeB-W9ZjnKBEe6KGFrv-r960DcFriPRg 2021-07-23 17:46:03+00:00| seen|...

8.8CVSS8.1AI score0.52007EPSS
Exploits8References1
0day.today
0day.today
added 2021/07/08 12:0 a.m.160 views

Wordpress SP Project & Document Manager 4.21 Plugin - Remote Code Execution Exploit

Exploit Title: Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution RCE Authenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://smartypantsplugins.com/ Software Link: https://downloads.wordpress.org/plugin/sp-client-document-manager.4.21.zip Version:...

8.8CVSS0.1AI score0.52007EPSS
Exploits8
Packet Storm
Packet Storm
added 2021/07/08 12:0 a.m.566 views

WordPress SP Project And Document Manager 4.21 Shell Upload

Exploit Title: Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution RCE Authenticated Date 07.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://smartypantsplugins.com/ Software Link:...

6.5CVSS0.2AI score0.52007EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/07/08 12:0 a.m.566 views

Wordpress Plugin SP Project &amp; Document Manager 4.21 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution RCE Authenticated Date 07.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://smartypantsplugins.com/ Software Link:...

8.8CVSS8.7AI score0.52007EPSS
Exploits8
CVE
CVE
added 2021/06/14 1:37 p.m.208 views

CVE-2021-24347

The CVE-2021-24347 entry concerns the WordPress SP Project & Document Manager plugin prior to version 4.22. The vulnerability arises because the plugin attempts to block executable uploads by checking file extensions, but PHP files can still be uploaded by altering the extension case (e.g., php t...

8.8CVSS8.6AI score0.52007EPSS
Exploits8References3Affected Software1
Rows per page
Query Builder