11231 matches found
Exploit for Code Injection in Geoserver
🚀 GeoServer Exploit for CVE-2024-36401 🚀 📝 Description...
GHSA-3H9F-MM2X-4J58 Studio 42 elFinder vulnerable to Incorrect Access Control
Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RCE, etc...
Studio 42 elFinder vulnerable to Incorrect Access Control
Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RCE, etc...
CVE-2024-38909
Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RCE, etc...
CVE-2024-38909
Studio 42 elFinder 2.1.64 is affected by an Incorrect Access Control vulnerability that lets an attacker copy files with unauthorized extensions between server directories, potentially exposing secrets and enabling remote code execution. Root cause: flawed access control allowing cross-directory ...
CVE-2024-38529 Admidio Vulnerable to RCE via Arbitrary File Upload in Message Attachment
Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.3.10, there is a Remote Code Execution Vulnerability in the Message module of the Admidio Application, where it is possible to upload a PHP file in the attachment. The...
Exploit for Unrestricted Upload of File with Dangerous Type in Git
PoC exploit for CVE-2024-32002, a remote code execution vulnerab...
Exploit for CVE-2024-39700
CVE-2024-39700 Proof of Concept Repositories created using th...
Exploit for Unrestricted Upload of File with Dangerous Type in Git
CVE-2024-32002: Exploiting Git RCE via git clone This repos...
Prison Management System 1.0 Shell Upload
Exploit Title: Prison Management System 1.0 - Unauthenticated RCE Date: 24.07.2024 Exploit Author: Muhammet Ali Dak Vendor Homepage: https://www.sourcecodester.com/sql/17287/prison-management-system.html Software Link:...
GHSA-VPRP-94P9-5JP8 Dolibarr ERP CRM vulnerable to remote code execution (RCE)
Dolibarr ERP CRM before 19.0.2 was discovered to contain a remote code execution (RCE) vulnerability via the Computed field parameter under the Users Module Setup function...
Exploit for OS Command Injection in Php
CVE-2024-4577-PHP-RCE Project Overview and Mechanism - Th...
CVE-2024-40137
Dolibarr ERP CRM before 19.0.2-php8.2 was discovered to contain a remote code execution (RCE) vulnerability via the Computed field parameter under the Users Module Setup function...
CVE-2024-41662 VNote vulnerable to Markdown XSS, which leads to RCE
VNote is a note-taking platform. A Cross-Site Scripting (XSS) vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
CVE-2024-40137
Dolibarr ERP/CRM versions before 19.0.2-php8.2 contain a remote code execution (RCE) vulnerability exposed through the Computed field parameter in the Users Module Setup function. The issue is documented across multiple feeds (CVE-2024-40137) and is reported as affecting Dolibarr; proof of exploi...