4 matches found
Algernon Cross-Site Scripting vulnerability
Cross-site Scripting vulnerability in Algernon v1.17.4 allows attackers to execute arbitrary code via injecting a crafted payload into a filename...
The Silent, Fileless Threat of VShell
The Silent, Fileless Threat of VShell By Sagar Bade · August 21, 2025 Introduction Linux environments are often seen as bastions of security, favored by developers, sysadmins, and security professionals for their stability, transparency, and resistance to malware. Compared to Windows, the attack...
MedDream PACS Server 6.8.3.751 - Remote Code Execution (Authenticated)
!/usr/bin/python Exploit Title: MedDream PACS Server 6.8.3.751 - Remote Code Execution Authenticated Exploit Author: bzyo Twitter: @bzyo Exploit Title: MedDream PACS Server 6.8.3.751 - Remote Code Execution Authenticated Date: 2020-10-01 Vulnerable Software:...
Cayin xPost 2.5 SQL Injection / Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated remote SQL injection vulnerability in Cayin xPost versions 2.5 and below. The wayfindermeetinginput.jsp file's wayfinderseqid parameter can be injected blindly. Since this app bundles MySQL and Apache Tomcat the environment is pretty static and...