117 matches found
pfSense Post-Auth Command Execution Vulnerability
pfSense is a free and open source firewall and router software under FreeBSD. A command execution vulnerability exists in pfSense Post-Auth. An attacker can exploit this vulnerability to gain privileges to execute commands in the root user's environment...
CVE-2017-9270 post-auth arbitrary file write on cryptctl server
In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database...
LogicalDOC Enterprise 7.7.4 - Directory Traversal
LogicalDOC Enterprise 7.7.4 - Directory Traversal LogicalDOC Enterprise 7.7.4 Multiple Directory Traversal Vulnerabilities Vendor: LogicalDOC Srl Product web page: https://www.logicaldoc.com Affected version: 7.7.4 7.7.3 7.7.2 7.7.1 7.6.4 7.6.2 7.5.1 7.4.2 7.1.1 Summary: LogicalDOC is a free...
IPFire 2.19 - Remote Code Execution
IPFire 2.19 - Remote Code Execution Title : IPFire 2.19 Firewall Post-Auth RCE Date : 09/06/2017 Author : 0x09AL https://twitter.com/0x09AL Tested on: IPFire 2.19 x8664 - Core Update 110 Vendor : http://www.ipfire.org/ Software :...
Cisco Firepower Management Console 6.0 Post Auth Report Download Directory Traversal
This module exploits a directory traversal vulnerability in Cisco Firepower Management under the context of www user. Authentication is required to exploit this vulnerability. This module requires Metasploit: https://metasploit.com/download Current source:...
JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725 Version: 0.3 Date: Aug 31st, 2016 Complete Proof of Concept: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725 https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40411.zip Tag: jsch...
JCraft / JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
Exploit for windows platform in category dos / poc Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725 Version: 0.3 Date: Aug 31st, 2016 Complete Proof of Concept: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725...
Barracuda Web Application Firewall 8.0.1.008 - (Authenticated) Remote Command Execution (Metasploit)
Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Command Execution Metasploit Exploit Title: Barracuda Web Application Firewall 'Barracuda Web Application Firewall %q This module exploits a remote command execution vulnerability in the Barracuda Web Application Firweall firmwar...
Barracuda Spam And Virus Firewall 5.1.3.007 Remote Root
Exploit Title: Barracuda Spam & Virus Firewall Post Auth Remote Root Exploit Date: 07/21/16 Exploit Author: xort [email protected] Vendor Homepage: https://www.barracuda.com/ Software Link: https://www.barracuda.com/landing/pages/spamfirewall/ Version: Spam and Virus Firewall 'Barracuda Spam...
Dell SonicWall Scrutinizer 11.0.1 SQL Injection / Code Execution
!/usr/local/bin/python """ Dell SonicWall Scrutinizer Summary: ======== This exploits an pre-auth SQL Injection in the login.php script within an update statement to steal session data. You could also steal login creds which require absolutely no hash cracking since the target uses symmetric...
Dell SonicWALL Scrutinizer 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution
!/usr/local/bin/python """ Dell SonicWall Scrutinizer Summary: ======== This exploits an pre-auth SQL Injection in the login.php script within an update statement to steal session data. You could also steal login creds which require absolutely no hash cracking since the target uses symmetric...
Dell SonicWALL Scrutinizer 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution
Exploit for windows platform in category remote exploits !/usr/local/bin/python """ Dell SonicWall Scrutinizer Summary: ======== This exploits an pre-auth SQL Injection in the login.php script within an update statement to steal session data. You could also steal login creds which require...
Magento CE Remote Command Execution
!/usr/bin/python Exploit Title: Magento CE \nExample: python %s http://localhost "uname -a"" sys.exit if lensys.argv != 3: usage Command-line args target = sys.argv1 arg = sys.argv2 Config. username = '' password = '' phpfunction = 'system' Note: we can only pass 1 argument to the function...
Magento CE < 1.9.0.1 - (Authenticated) Remote Code Execution
!/usr/bin/python Exploit Title: Magento CE \nExample: python %s http://localhost "uname -a"" sys.exit if lensys.argv != 3: usage Command-line args target = sys.argv1 arg = sys.argv2 Config. username = '' password = '' phpfunction = 'system' Note: we can only pass 1 argument to the function...
PMB 4.1.3 Post-Auth SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: PMB = 4.1.3 Post-Auth SQL Injection Vulnerability Google Dork: inurl:opaccss Date: 25-12-2014 Exploit Author: XD4rker Ismail Belkacim Email: xd4rkeratgmail.com Twitter: @xd4rker Vendor Homepage: http://www.sigb.net Software Link...
PMB 4.1.3 SQL Injection
Exploit Title: PMB = 4.1.3 Post-Auth SQL Injection Vulnerability Google Dork: inurl:opaccss Date: 25-12-2014 Exploit Author: XD4rker Ismail Belkacim Email: xd4rkeratgmail.com Twitter: @xd4rker Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files...
X7 Chat 2.0.5 - 'message.php' PHP Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'X7 Chat 2.0.5 lib/message.php pregreplace PHP Code Execution', 'Description' = %q This module exploits a post-auth vulnerability fou...
CUPS Filter Bash Environment Variable Code Injection Exploit
This Metasploit module exploits a post-auth code injection in specially crafted environment variables in Bash, specifically targeting CUPS filters through the PRINTERINFO and PRINTERLOCATION variables by default. This module requires Metasploit: http://metasploit.com/download Current source:...
GWebmail 0.7.3 XSS & LFI RCE Vulnerabilities
No description provided by source. !/usr/bin/python ''' Exploit Title: XSS & LFI RCE Vulnerabilities in GWebmail Date: 11/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: https://www.gwebmail.net Software Link: https://www.gwebmail.net/download/ Version: 0.7.3 Gr33Tz: @aviadgolan ,...
Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit
No description provided by source. !/usr/bin/python Title: Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit Egghunter Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit Software Versions Tested: 5.53 Date Discovered: Febrary 22, 2012 Vendor Contacted: Febrary 23, 2012 Vendor Response: Februar...