11232 matches found
Atlassian Confluence < 8.5.3 - Remote Code Execution Exploit
Exploit Title: CVE-2023-22527: Atlassian Confluence RCE Vulnerability Exploit Author: MaanVader Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://www.atlassian.com/software/confluence Version: 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 Tested on: 8.5.3 CVE ...
Atlassian Confluence < 8.5.3 - Remote Code Execution
Exploit Title: CVE-2023-22527: Atlassian Confluence RCE Vulnerability Date: 25/1/2024 Exploit Author: MaanVader Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://www.atlassian.com/software/confluence Version: 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 Teste...
ZoneMinder Snapshots < 1.37.33 - Unauthenticated RCE
import re import requests from bs4 import BeautifulSoup import argparse import base64 Exploit Title: Unauthenticated RCE in ZoneMinder Snapshots Date: 12 December 2023 Discovered by : @Unblvr1 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://zoneminder.com/ Software Link:...
Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect
RCE vulnerability in Mirth Connect CVE-2023-37679 and CVE-202...
Karaf v4.4.3 Console - RCE
!/usr/bin/python Exploit Title: Karaf v4.4.3 Console RCE Date: 2023-08-07 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-karaf-exploits.git Vendor Homepage: https://karaf.apache.org Software Link:...
Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect
CVE-2023-43208 - Mirth Connect Remote Code Execution RCE Exp...
Google-Dorks-Bug-Bounty - A List Of Google Dorks For Bug Bounty, Web Application Security, And Pentesting
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting Live Tool Broad domain search w/ negative search site:example.com -www -shop -share -ir -mfa PHP extension w/ parameters site:example.com ext:php inurl:? Disclosed XSS and Open Redirects site:openbugbounty.org...
Important: Red Hat Security Advisory: gimp:2.8 security update
An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having...
Viessmann Vitogate 300 2.1.3.0 Remote Code Execution
Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...
JetBrains TeamCity 2023.05.3 - Remote Code Execution Exploit
Exploit Title: JetBrains TeamCity 2023.05.3 - Remote Code Execution RCE - Shodan Dork: http.title:TeamCity , http.favicon.hash:-1944119648 - Exploit Author: ByteHunter - Vendor: JetBrains - Email: email protected - vendor: JetBrains - Version: versions before 2023.05.4 - Tested on: 2023.05.3 -...
Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution Exploit
Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: email protected - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import requests...
CVE-2024-25228
Vinchin Backup and Recovery 7.2 and earlier is affected by an Authenticated Remote Code Execution (RCE) in the getVerifydiyResult function of ManoeuvreHandler.class.php. Sources confirm the vulnerability exists in versions 7.2 and earlier and stems from inadequate input validation, notably in the...
Honeywell PM43 Remote Code Execution
Exploit Title: Honeywell PM43 ' if htmlstartindex != -1: return responsetext:htmlstartindex else: return responsetext except requests.exceptions.RequestException as e: return f"Error: e" def main: parser = argparse.ArgumentParserdescription='Command Injection PoC for Honeywell PM43 Printers'...
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check Chequea si t...
Microsoft Patch Tuesday March 2024 includes critical Hyper-V flaws
The March 2024 Patch Tuesday update includes patches for 61 Microsoft vulnerabilities. Only two of the vulnerabilities are rated critical and both of these are found in Windows Hyper-V. Hyper-V is a hardware virtualization product that allows you to run multiple operating systems as virtual...
MSMS-PHP 1.0 Shell Upload
Title: MSMS-PHP by: oretnom23 v1.0 File Upload - RCE browser using Author: nu11secur1ty Date: 03/13/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/14924/online-mobile-store-management-system-using-php-free-source-code.html Reference:...
CVE-2024-28114 Remote Code Execution using Server Side Template Injection in Peering Manager
Peering Manager is a BGP session management tool. There is a Server Side Template Injection vulnerability that leads to Remote Code Execution in Peering Manager =1.8.2. As a result arbitrary commands can be executed on the operating system that is running Peering Manager. This issue has been...
CVE-2024-28114
CVE-2024-28114 affects Peering Manager (BGP session management) with a Server‑Site Template Injection that enables Remote Code Execution in versions
Patch Tuesday - March 2024
Microsoft is addressing 60 vulnerabilities this March 2024 Patch Tuesday. Microsoft indicated that they aren’t aware of prior public disclosure or exploitation in the wild for any of the vulnerabilities patched today, which means no new additions to CISA KEV at time of writing. Microsoft is...
Microsoft and Adobe Patch Tuesday, March 2024 Security Update Review
Welcome to another insightful dive into Microsofts Patch Tuesday! This months security updates address a significant number of CVEs, underscoring the ongoing battle against digital vulnerabilities. We invite you to join us to review and discuss the details of these security updates and patches...