2721 matches found

Packet Storm
added 2021/01/29 12:0 a.m., 245 views

Quick.CMS 6.7 Remote Code Execution

Exploit Title: Quick.CMS 6.7 - Remote Code Execution Authenticated Date: 2020-12-28 Exploit Author: mari0x00 Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/?sFile=Quick.Cmsv6.7-pl.zip Description:...

7.1 AI score, 0.14463 EPSS
Exploits: 3

Tenable Nessus
added 2021/01/29 12:0 a.m., 64 views

CentOS 8 : python3 (CESA-2019:3520)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3520 advisory. - python: NULL pointer dereference using a specially crafted X509 certificate CVE-2019-5010 - python: CRLF injection via the query part of the url pass...

9.1 CVSS, 7.2 AI score, 0.0991 EPSS
Exploits: 4, References: 5

Tenable Nessus
added 2021/01/25 12:0 a.m., 38 views

openSUSE Security Update : python3 (openSUSE-2020-2332)

This update for python3 fixes the following issues : - Fixed CVE-2020-27619 bsc1178009, where Lib/test/multibytecodecsupport calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 an...

9.8 CVSS, 6.9 AI score, 0.05355 EPSS
Exploits: 4, References: 16

Packet Storm
added 2021/01/22 12:0 a.m., 144 views

CASAP Automated Enrollment System 1.0 Authentication Bypass

Exploit Title: CASAP Automated Enrollment System 1.0 - Authentication Bypass Exploit Author: Himanshu Shukla Date: 2021-01-21 Vendor Homepage: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Link:...

0.6 AI score
Exploits: 0

Exploit DB
added 2021/01/22 12:0 a.m., 158 views

ERPNext 12.14.0 - SQL Injection (Authenticated)

Exploit Title: ERPNext 12.14.0 - SQL Injection Authenticated Date: 21-01-21 Exploit Author: Hodorsec Vendor Homepage: http://erpnext.org Software Link: https://erpnext.org/download Version: 12.14.0 Tested on: Ubuntu 18.04 !/usr/bin/python3 AUTHENTICATED SQL INJECTION VULNERABILITY In short: Found...

7.4 AI score
Exploits: 0

Packet Storm
added 2021/01/18 12:0 a.m., 220 views

Inteno IOPSYS 3.16.4 Root Filesystem Access

Exploit Title: Inteno IOPSYS 3.16.4 - root filesystem access via sambashare Authenticated Date: 2020-03-29 Exploit Author: Henrik Pedersen Vendor Homepage: https://intenogroup.com/ Version: Iopsys -p -k Requires: impacket websocket-client On Windows: pyreadline """ def ubusAuthhost, username,...

9 CVSS, 0.3 AI score, 0.19814 EPSS
Exploits: 5

OPENSUSE Linux
added 2021/01/11 12:0 a.m., 41 views

Security update for cobbler (moderate)

openSUSE Security Update: Security update for cobbler Announcement ID: openSUSE-SU-2021:0046-1 Rating: moderate References: 1020376 1029276 1048183 1074594 1075014 1081714 1081739 1090205 1097733 1101670 1104189 1104190 1104287 1105440 1105442 1113747 1128754 1128926 1130658 1134588 1149075 11518...

10 CVSS, 7.1 AI score, 0.60008 EPSS
Exploits: 2, References: 64

Packet Storm
added 2021/01/08 12:0 a.m., 304 views

Cockpit 234 Server-Side Request Forgery

Exploit Title: Cockpit Version 234 - Server-Side Request Forgery Unauthenticated Date: 08.01.2021 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://cockpit-project.org/ Version: v234 Tested on: Ubuntu 18.04 !/usr/bin/python3 import argparse import requests import sys import urllib3...

0.8 AI score
Exploits: 0

Exploit DB
added 2021/01/05 12:0 a.m., 363 views

Responsive FileManager 9.13.4 - 'path' Path Traversal

Exploit Title: Responsive FileManager 9.13.4 - 'path' Path Traversal Date: 12/12/2018 PoC Date: 04/01/2020 Auto Exploit Exploit Author: SunCSR Sun Cyber Security Research Google Dork: intitle:"Responsive FileManager 9.x.x" Vendor Homepage: http://responsivefilemanager.com/ Software Link:...

7.4 AI score
Exploits: 0

Exploit DB
added 2021/01/04 12:0 a.m., 300 views

sar2html 3.2.1 - 'plot' Remote Code Execution

Exploit Title: sar2html 3.2.1 - 'plot' Remote Code Execution Date: 27-12-2020 Exploit Author: Musyoka Ian Vendor Homepage: https://github.com/cemtan/sar2html Software Link: https://sourceforge.net/projects/sar2html/ Version: 3.2.1 Tested on: Ubuntu 18.04.1 !/usr/bin/env python3 import requests...

7.4 AI score
Exploits: 0

GithubExploit
added 2021/01/03 9:59 p.m., 61 views

Exploit for Deserialization of Untrusted Data in Rubyonrails Rails

CVE-2020-8165 Python Exploit This is code to exploit CVE-2020...

9.8 CVSS, 8 AI score, 0.90128 EPSS
Exploits: 5

OSV
added 2020/12/29 11:57 a.m., 5 views

MGASA-2020-0477 Updated python3 packages fix security vulnerability

In Python 3 through 3.9.0, the Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP CVE-2020-27619...

9.8 CVSS, 9.5 AI score, 0.00854 EPSS
Exploits: 0, References: 3

OSV
added 2020/12/29 7:45 a.m., 8 views

OPENSUSE-SU-2020:2333-1 Security update for python3

This update for python3 fixes the following issues: - Fixed CVE-2020-27619 bsc1178009, where Lib/test/multibytecodecsupport calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 and...

9.8 CVSS, 6.9 AI score, 0.05355 EPSS
Exploits: 4, References: 17

OPENSUSE Linux
added 2020/12/26 12:0 a.m., 56 views

Security update for python3 (important)

openSUSE Security Update: Security update for python3 Announcement ID: openSUSE-SU-2020:2333-1 Rating: important References: 1155094 1174091 1174571 1174701 1177211 1178009 1179193 1179630 Cross-References: CVE-2019-16935 CVE-2019-18348 CVE-2019-20907 CVE-2019-5010 CVE-2020-14422 CVE-2020-26116...

9.8 CVSS, 8 AI score, 0.05355 EPSS
Exploits: 4, References: 8

OPENSUSE Linux
added 2020/12/26 12:0 a.m., 50 views

Security update for python3 (important)

openSUSE Security Update: Security update for python3 Announcement ID: openSUSE-SU-2020:2332-1 Rating: important References: 1155094 1174091 1174571 1174701 1177211 1178009 1179193 1179630 Cross-References: CVE-2019-16935 CVE-2019-18348 CVE-2019-20907 CVE-2019-5010 CVE-2020-14422 CVE-2020-26116...

9.8 CVSS, 8 AI score, 0.05355 EPSS
Exploits: 4, References: 8

Kitploit
added 2020/12/25 11:30 a.m., 37537 views

Vulmap - Web Vulnerability Scanning And Verification Tools

Vulmap is a vulnerability scanning tool that can scan for vulnerabilities in Web containers, Web servers, Web middleware, and CMS and other Web programs, and has vulnerability exploitation functions. Relevant testers can use vulmap to detect whether the target has a specific vulnerability, and ca...

9.8 CVSS, 9.8 AI score, 0.94489 EPSS
Exploits: 648, References: 2

GithubExploit
added 2020/12/25 1:15 a.m., 165 views

Exploit for Incorrect Permission Assignment for Critical Resource in Wftpserver Wing_Ftp_Server

What's this Wing FTP Server 6.2.3 - Privilege Escalation...

7.8 CVSS, 7.6 AI score, 0.03646 EPSS
Exploits: 6

OSV
added 2020/12/23 5:20 p.m., 7 views

SUSE-SU-2020:3930-1 Security update for python3

This update for python3 fixes the following issues: - Fixed CVE-2020-27619 bsc1178009, where Lib/test/multibytecodecsupport calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 and...

9.8 CVSS, 7.1 AI score, 0.05355 EPSS
Exploits: 4, References: 17

Exploit DB
added 2020/12/22 12:0 a.m., 218 views

TerraMaster TOS 4.2.06 - RCE (Unauthenticated)

Exploit Title: TerraMaster TOS 4.2.06 - RCE Unauthenticated Date: 12/12/2020 Exploit Author: IHTeam Full Write-up: https://www.ihteam.net/advisory/terramaster-tos-multiple-vulnerabilities/ Vendor Homepage: https://www.terra-master.com/ Version: " /usr/www/"+shellfilename+" &&...

7.4 AI score
Exploits: 0

Exploit DB
added 2020/12/15 12:0 a.m., 523 views

Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal (2)

Exploit Title: Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal 2 Date: 12 Dec 2020 Exploit Author: [email protected] Vendor Homepage: cisco.com Software Link: It’s against Hardware, specifically ASA’s and FTD’s Version: ASAs from version 9.6 to 9.14.1.10 and FTD’s versions 6.2.3 to...

7.5 CVSS, 7.8 AI score, 0.94428 EPSS
Exploits: 24