Lucene search
K

4 matches found

0day.today
0day.today
added 2022/03/02 12:0 a.m.286 views

Xerte 3.9 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Xerte 3.9 - Remote Code Execution RCE Authenticated Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.8.5-33.zip Version: up until version 3.9 Tested on: Windows 10 XAMP CVE :...

8.8CVSS0.1AI score0.12782EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/03/02 12:0 a.m.328 views

Xerte 3.9 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Xerte 3.9 - Remote Code Execution RCE Authenticated Date: 05/03/2021 Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.8.5-33.zip Version: up until version 3.9 Tested on: Windows...

8.8CVSS8.8AI score0.12782EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/03/02 12:0 a.m.295 views

Xerte 3.9 Remote Code Execution

Exploit Title: Xerte 3.9 - Remote Code Execution RCE Authenticated Date: 05/03/2021 Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.8.5-33.zip Version: up until version 3.9 Tested on: Windows...

8.8AI score0.12782EPSS
Exploits4
CVE
CVE
added 2022/02/24 8:11 p.m.86 views

CVE-2021-44664

CVE-2021-44664 affects Xerte up to version 3.9, with an authenticated RCE described in multiple sources. The vulnerability resides in website_code/php/import/fileupload.php, where an attacker can upload a malicious PHP file disguised as a language file to bypass upload filters. The attacker can t...

8.8CVSS8.8AI score0.12782EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder