4 matches found
Xerte 3.9 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Xerte 3.9 - Remote Code Execution RCE Authenticated Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.8.5-33.zip Version: up until version 3.9 Tested on: Windows 10 XAMP CVE :...
Xerte 3.9 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Xerte 3.9 - Remote Code Execution RCE Authenticated Date: 05/03/2021 Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.8.5-33.zip Version: up until version 3.9 Tested on: Windows...
Xerte 3.9 Remote Code Execution
Exploit Title: Xerte 3.9 - Remote Code Execution RCE Authenticated Date: 05/03/2021 Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.8.5-33.zip Version: up until version 3.9 Tested on: Windows...
CVE-2021-44664
CVE-2021-44664 affects Xerte up to version 3.9, with an authenticated RCE described in multiple sources. The vulnerability resides in website_code/php/import/fileupload.php, where an attacker can upload a malicious PHP file disguised as a language file to bypass upload filters. The attacker can t...