Chaos RAT XSS to RCE

CHAOS v5.0.8 is a free and open-source Remote Administration Tool that allows generated binaries to control remote operating systems. The webapp contains a remote command execution vulnerability which can be triggered by an authenticated user when generating a new executable. The webapp also...

Exploit for Out-of-bounds Write in Treasuredata Fluent_Bit

!Profile Visitorshttps://komarev.com/ghpvc/?username=d0rb&la...

CHAOS 5.0.8 Cross Site Scripting / Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chaos RAT XSS to RCE', 'Description' = %q CHAOS v5.0.8 is a free and open-source Remote Administration Tool that allows generated binaries to...

CVE-2024-0401 ASUS OVPN RCE

ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U,...

veraPDF has potential XSLT injection vulnerability when using policy files

Impact Executing policy checks using custom schematron files invokes an XSL transformation that may theoretically lead to a remote code execution RCE vulnerability. Patches This has been patched and users should upgrade to veraPDF v1.24.2 Workarounds This doesn't affect the standard validation an...

AI Python Package Flaw ‘Llama Drama’ Threatens Software Supply Chain

By Waqas The Llama Drama vulnerability in the Llama-cpp-Python package exposes AI models to remote code execution RCE attacks, enabling attackers to steal data. Currently, over 6,000 models are affected by this vulnerability. This is a post from HackRead.com Read the original post: AI Python...

K000139680: MySQL2 vulnerability CVE-2024-21508

Security Advisory Description Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution RCE via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values. CVE-2024-21508 Impact There is no impact; F5 products are not affecte...

Exploit for Code Injection in Gitlab

CVE-2021-22205 Preauth RCE via exiftool on Gitlab CE/EE...

Exploit for CVE-2021-3129

CVE-2021-3129 Unauthenticated RCE in Laravel Ignition via F...

htmlLawed 1.2.5 - Remote Code Execution Exploit

Exploit Title: htmlLawed 1.2.5 - Remote Code Execution RCE Exploit Author: Miguel Redondo aka d4t4s3c Vendor Homepage: https://www.bioinformatics.org/phplabware/internalutilities/htmLawed Software Link: https://github.com/kesar/HTMLawed Version: -c \n" exit else banner echo -e "\n+ Command output...

litellm passes untrusted data to `eval` function without sanitization

A remote code execution RCE vulnerability exists in the berriai/litellm project due to improper control of the generation of code when using the eval function unsafely in the litellm.getsecret method. Specifically, when the server utilizes Google KMS, untrusted data is passed to the eval function...

GHSA-7GGM-4RJG-594W litellm passes untrusted data to `eval` function without sanitization

A remote code execution RCE vulnerability exists in the berriai/litellm project due to improper control of the generation of code when using the eval function unsafely in the litellm.getsecret method. Specifically, when the server utilizes Google KMS, untrusted data is passed to the eval function...

Exploit for Unrestricted Upload of File with Dangerous Type in Git

CVE-2024-32002: Exploiting Git RCE via git clone This repos...

CVE-2024-32680 WordPress HUSKY plugin <= 1.3.5.2 - Remote Code Execution (RCE) vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Improper Control of Generation of Code 'Code Injection' vulnerability in PluginUS HUSKY – Products Filter for WooCommerce formerly WOOF allows Using Malicious Files, Code Inclusion.This issue affects HUSKY – Products...

Exploit for Classic Buffer Overflow in Qnap Qts

CVE-2024-27130 A Proof of Concept developed by @watchTow...

Remote Code Execution

ezsystems is vulnerable to Remote Code Execution. The vulnerability is due to object injection in the SiteAccessMatchListener, which could lead to remote code execution RCE...

ArForms < 6.6 - Unauthenticated RCE

Description The plugin allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form PoC 1. Create a form with an upload input 2. As an unauthenticated user, upload an image file and intercept the request. 3...

ArForms < 6.6 - Unauthenticated RCE

Description The plugin allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form 1. Create a form with an upload input 2. As an unauthenticated user, upload an image file and intercept the request. 3. Modify i...

Spreadsheet::ParseExcel RCE (CVE-2023-7101)

According to its self-reported version number, the Spreadsheet::ParseExcel perl module is vulnerable to a remote code execution vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings not ...

ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command

ID: NFLX-2024-002 Impact Authenticated users can achieve limited RCE in ConsoleMe, restricted to flag inputs on a single CLI command. Due to this constraint, it is not currently known whether full RCE is possible but it is unlikely. However, a specific flag allows authenticated users to read any...