7213 matches found
Webmin 1.580 Directory Traversal
Webmin version 1.580 proof of concept directory traversal exploit that leverages a vulnerability from 2012. ============================================================================================================================================= | Title : Webmin 1.580 Directory Traversal...
CVE-2025-1707 Review Schema <= 2.2.4 - Authenticated (Contributor+) Local File Inclusion via Post Meta
The Review Schema plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.4 via post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing...
CVE-2025-1707
CVE-2025-1707 applies to the WordPress plugin Review Schema (Versions up to and including 2.2.4). The vulnerability is Local File Inclusion via post meta, exploitable by authenticated attackers with contributor+ privileges to include and execute arbitrary PHP files on the server, potentially bypa...
ABB AC500v3 3.7.0.569 Symlink Attack
ABB AC500v3 version 3.7.0.569 proof of concept symlink attack exploit that leverages vulnerabilities previously discovered in 2024 by CyberDanube. ============================================================================================================================================= | Title ...
CVE-2024-13890
The Allow PHP Execute plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.0. This is due to allowing PHP code to be entered by all users for whom unfiltered HTML is allowed. This makes it possible for authenticated attackers, with Editor-level access a...
Zabbix 6.0.32rc1 PHP Code Injection
Zabbix server version 6.0.32rc1 proof of concept remote code injection exploit. ============================================================================================================================================= | Title : Zabbix server v 6.0.32rc1 PHP Code Injection Vulnerability | |...
CVE-2024-13890
The Allow PHP Execute plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.0. This is due to allowing PHP code to be entered by all users for whom unfiltered HTML is allowed. This makes it possible for authenticated attackers, with Editor-level access a...
CVE-2024-13890
The Allow PHP Execute plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.0. This is due to allowing PHP code to be entered by all users for whom unfiltered HTML is allowed. This makes it possible for authenticated attackers, with Editor-level access a...
WordPress Allow PHP Execute plugin <= 1.0 - Authenticated (Editor+) PHP Code Injection vulnerability
Authenticated Editor+ PHP Code Injection vulnerability discovered by Francesco Carlucci in WordPress Plugin Allow PHP Execute versions = 1.0...
CVE-2024-13890 Allow PHP Execute <= 1.0 - Authenticated (Editor+) PHP Code Injection
The Allow PHP Execute plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.0. This is due to allowing PHP code to be entered by all users for whom unfiltered HTML is allowed. This makes it possible for authenticated attackers, with Editor-level access a...
CVE-2024-13890
CVE-2024-13890 affects the WordPress plugin Allow PHP Execute (
CVE-2024-13890 Allow PHP Execute <= 1.0 - Authenticated (Editor+) PHP Code Injection
The Allow PHP Execute plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.0. This is due to allowing PHP code to be entered by all users for whom unfiltered HTML is allowed. This makes it possible for authenticated attackers, with Editor-level access a...
Cleo LexiCom Harmony 5.8.0.23 CSRF / Command Execution
Cleo LexiCom Harmony version 5.8.0.23 suffers from a remote command execution vulnerability that can be leveraged via a cross site request forgery attack. ============================================================================================================================================= ...
D Tale 3.10.0 Remote Command Execution
D Tale version 3.10.0 proof of concept remote command execution exploit. ============================================================================================================================================= | Title : D Tale v3.10.0 PHP code execution vulnerability | | Author : indoushka |...
WordPress 4.2.4 XMLRPC GHOST Vulnerability Scanner
WordPress version 4.2.4 XMLRPC GHOST vulnerability scanning script that checks to see if an instance is vulnerable. ============================================================================================================================================= | Title : WordPress 4.2.4 XMLRPC GHOST...
ZENworks Configuration Management 11.1 Shell Upload
ZENworks Configuration Management version 11.1 suffers from a remote shell upload vulnerability. ============================================================================================================================================= | Title : ZENworks Configuration Management 11.1 PHP Code...
Microsoft SRV2.SYS SMB 2 Denial of Service
Microsoft SRV2.SYS SMB version 2 remote denial of service exploit that leverages a flaw from 2009. ============================================================================================================================================= | Title : Microsoft SRV2.SYS SMB v2 Denial of Service...
Wazuh 4.9.1 Remote Code Execution
Wazuh version 4.9.1 proof of concept remote code execution exploit with a reverse shell. ============================================================================================================================================= | Title : Wazuh v 4.9.1 PHP Code Injection Vulnerability | | Autho...
Zabbix 6.4.17rc1 Remote Code Execution
Zabbix server version 6.4.17rc1 remote code execution exploit that provides a reverse shell. ============================================================================================================================================= | Title : Zabbix server v 6.4.17rc1 PHP Code Injection...
ZENworks Configuration Management 11.1a Shell Upload
ZENworks Configuration Management version 11.1a suffers from a remote shell upload vulnerability. ============================================================================================================================================= | Title : ZENworks Configuration Management 11.1a PHP Cod...