11231 matches found
Exploit for OS Command Injection in Php
CVE-2024-4577 - PHP CGI Argument Injection Remote Code Executi...
Exploit for OS Command Injection in Php
CVE-2024-4577-PHP-RCE Project Overview and Mechanism - Th...
Exploit for Path Traversal in Wso2 Api_Manager
CVE-2022-29464 A preauth arbitrary file upload that leads t...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
CVE-2022-26134 A pre-authenticated RCE vulnerability in Atl...
Metasploit Weekly Wrap-Up 06/07/2024
New OSX payloads:ARMed and Dangerous In addition to an RCE leveraging CVE-2024-5084 to gain RCE through a WordPress Hash form, this release features the addition of several new binary OSX stageless payloads with aarch64 support: Execute Command, Shell Bind TCP, and Shell Reverse TCP. The new...
Exploit for OS Command Injection in Php
CVE-2024-4577 A Proof of Concept developed by @watchTowrhtt...
Exploit for OS Command Injection in Php
CVE-2024-4577 A Proof of Concept developed by @watchTowrhtt...
CVE-2024-4620 ArForms < 6.6 - Unauthenticated RCE
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form...
CVE-2024-4620 ArForms < 6.6 - Unauthenticated RCE
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form...
ruby:3.3 security, bug fix, and enhancement update
ruby 3.3.1-2 - Upgrade to Ruby 3.3.1. Resolves: RHEL-37446 - Fix buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-37448 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281 Resolves: RHEL-37449 - Fix Arbitrary memory address read vulnerability with Regex searc...
CVE-2024-30162
Invision Community through 4.7.16 allows remote code execution via the applications/core/modules/admin/editor/toolbar.php IPS\core\modules\admin\editor\toolbar::addPlugin method. This method handles uploaded ZIP files that are extracted into the...
Oracle Linux 9 : ruby:3.3 (ELSA-2024-3671)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3671 advisory. - Fix buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-37699 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281...
Oracle Linux 9 : ruby:3.1 (ELSA-2024-3668)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3668 advisory. ruby 3.1.5-144 - Upgrade to Ruby 3.1.5. Resolves: RHEL-33978 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-34129 - Fix RCE...
CVE-2024-5278
gaizhenbiao/chuanhuchatgpt is vulnerable to an unrestricted file upload vulnerability due to insufficient validation of uploaded file types in its /upload endpoint. Specifically, the handlefileupload function does not sanitize or validate the file extension or content type of uploaded files,...
CVE-2024-3408 Authentication Bypass and RCE in man-group/dtale
man-group/dtale version 3.10.0 is vulnerable to an authentication bypass and remote code execution RCE due to improper input validation. The vulnerability arises from a hardcoded SECRETKEY in the flask configuration, allowing attackers to forge a session cookie if authentication is enabled...
CVE-2024-3408 Authentication Bypass and RCE in man-group/dtale
man-group/dtale version 3.10.0 is vulnerable to an authentication bypass and remote code execution RCE due to improper input validation. The vulnerability arises from a hardcoded SECRETKEY in the flask configuration, allowing attackers to forge a session cookie if authentication is enabled...
CVE-2024-3408
CVE-2024-3408 (DTale) affects man-group/dtale 3.10.0 up to 3.15.1. Root causes: (1) hardcoded SECRET_KEY in Flask config enabling session forgery; (2) improper input validation that allows bypass of authentication and arbitrary code execution via the /dtale/update-settings and /dtale/test-filter ...
CVE-2024-5278 Unrestricted File Upload leading to RCE in gaizhenbiao/chuanhuchatgpt
gaizhenbiao/chuanhuchatgpt is vulnerable to an unrestricted file upload vulnerability due to insufficient validation of uploaded file types in its /upload endpoint. Specifically, the handlefileupload function does not sanitize or validate the file extension or content type of uploaded files,...
CVE-2024-5278 Unrestricted File Upload leading to RCE in gaizhenbiao/chuanhuchatgpt
gaizhenbiao/chuanhuchatgpt is vulnerable to an unrestricted file upload vulnerability due to insufficient validation of uploaded file types in its /upload endpoint. Specifically, the handlefileupload function does not sanitize or validate the file extension or content type of uploaded files,...
Remote code execution in pytorch lightning
A remote code execution RCE vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state base...