30 matches found
Ubuntu: Security Advisory (USN-6885-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exploit for Improper Encoding or Escaping of Output in Apache Http_Server
CVE-2024-38473 Nuclei Template !imagehttps://github.com/us...
Improving Apache httpd Protections Proactively with Orange Tsai of DEVCORE
...
Improving Apache httpd Protections Proactively with Orange Tsai of DEVCORE
...
Exploit for OS Command Injection in Php
CVE-2024-4577: Critical Vulnerability in PHP's CGI Configurati...
Exploit for OS Command Injection in Php
CVE-2024-4577 A Proof of Concept developed by @watchTowrhtt...
Exploit for OS Command Injection in Php
Orange Tsi 🍊 This vulnerability was found by Orange Tsai @oran...
Exploit for OS Command Injection in Php
Orange Tsi 🍊 This vulnerability was found by Orange Tsai @oran...
WSO Arbitrary File Upload / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WSO2 Arbitrary File Upload to RCE', 'Description' = %q This module abuses a vulnerability in certain WSO2 products that allow unrestricted file...
Exploit for Path Traversal in Wso2 Api_Manager
CVE-2022-29464 WSO2 RCE CVE-2022-29464 exploit. Details C...
New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root
Samba has issued software updates to address multiple security vulnerabilities that, if successfully exploited, could allow remote attackers to execute arbitrary code with the highest privileges on affected installations. Chief among them is CVE-2021-44142, which impacts all versions of Samba...
Exploit for Server-Side Request Forgery in Microsoft
Proxyshell-Scanner nuclei scanner for Proxyshell RCE CVE-2021...
ProxyShell Exploit Chain
Microsoft Exchange Server Remote Code Execution Vulnerability Recent assessments: ccondon-r7 at August 12, 2021 9:19pm UTC reported: Check out the Rapid7 analysis for details on the exploit chain. Seems like a lot of the PoC implementations so far are using admin mailboxes, but I’d imagine folks...
MobileIron MDM Hessian-Based Java Deserialization RCE
This module exploits an ACL bypass in MobileIron MDM products to execute a Groovy gadget against a Hessian-based Java deserialization endpoint. Module Options msf use exploit/linux/http/mobileironmdmhessianrce msf exploitmobileironmdmhessianrce show targets ...targets... msf...
Exploit for Cross-site Scripting in F5 Big-Ip_Access_Policy_Manager
CVE-2020-5902 RCE /tmui/login.jsp/..;/tmui/locallb/workspac...
Exploit for Out-of-bounds Write in Php
PHuiP-FPizdaM What's this This is an exploit for a bug in...
U.S. Dept Of Defense: Arbitrary File Reading leads to RCE in the Pulse Secure SSL VPN on the https://██████ (███)
The Pulse Secure SSL VPN was found to be vulnerable to multiple issues, including pre-authentication arbitrary file reading CVE-2019-11510 and post-authentication command injection CVE-2019-11539. These vulnerabilities were discovered and disclosed by security researcher Orange Tsai. The...
Exploit for Path Traversal in Ivanti Connect_Secure
pwn-pulse.sh Exploit for Pulse Connect Secure SSL VPN arbitr...
Pulse Secure 8.1R15.18.28.39.0 SSL VPN - Remote Code Execution
Pulse Secure 8.1R15.18.28.39.0 SSL VPN - Remote Code Execution !/usr/bin/python Exploit Title: Pulse Secure Post-Auth Remote Code Execution Google Dork: inurl:/dana-na/ filetype:cgi Date: 09/05/2019 Exploit Author: Justin Wagner 0xDezzy, Alyssa Herrera @AlyssaHerrera Vendor Homepage:...
Jenkins ACL Bypass / Metaprogramming Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins ACL Bypass and Metaprogramming RCE', 'Description' = %q This module exploits a vulnerability in Jenkins dynamic routing to bypass the...