
11233 matches found

Cvelist
added 2023/12/26 6:33 p.m. | 25 views

CVE-2023-5931 rtMedia for WordPress, BuddyPress and bbPress < 4.6.16 - Subscriber+ RCE

The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account e.g. subscribers to upload arbitrary files such as PHP on the server...

AI score 9 | EPSS 0.00816
Exploits 2 | References 1

GithubExploit
added 2023/12/26 6:31 p.m. | 707 views

Exploit for Code Injection in Craftcms Craft_Cms

Craft CMS CVE-2023-41892 There is a Unauthenticated Remote...

CVSS 10 | AI score 9.8 | EPSS 0.92918
Exploits 10

Cvelist
added 2023/12/26 2:46 p.m. | 25 views

CVE-2023-51467 Apache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability

The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code...

AI score 9.9 | EPSS 0.96001
Exploits 12 | References 7

hivepro
added 2023/12/26 12:2 p.m. | 70 views

Zero-Click Outlook RCE Exploitation Chain in Windows

Summary: Two vulnerabilities CVE-2023-35384 and CVE-2023-36710 in Microsoft Windows can be chained to achieve remote code execution RCE on vulnerable Outlook clients. Attackers can exploit these flaws by sending a crafted email with a custom notification sound file to trigger the download of a...

CVSS 4.4 | AI score 7.7 | EPSS 0.0159
Exploits 0

GithubExploit
added 2023/12/26 8:20 a.m. | 826 views

Exploit for Command Injection in Tp-Link Tapo_C200_Firmware

TP-Link Tapo c200 1.1.15 - Remote Code Execution RCE CVE-2...

CVSS 10 | AI score 9.9 | EPSS 0.72843
Exploits 10

NVD
added 2023/12/22 5:15 p.m. | 12 views

CVE-2023-50254

Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...

CVSS 9.3 | EPSS 0.02118
Exploits 2 | References 3

Prion
added 2023/12/22 5:15 p.m. | 20 views

Design/Logic Flaw

Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...

CVSS 4.4 | AI score 7.8 | EPSS 0.02118
Exploits 2 | References 3 | Affected Software 1

CVE
added 2023/12/22 4:49 p.m. | 43 views

CVE-2023-50254

Summary: Deepin Linux’s default document reader, deepin-reader, is affected in versions prior to 6.0.7 due to a design flaw that allows remote command execution by processing crafted docx files. The vulnerability is a file overwrite issue; RCE can occur by overwriting files such as ~/.bashrc, ~...

CVSS 9.3 | AI score 8.8 | EPSS 0.02118
Exploits 2 | References 3 | Affected Software 1

Packet Storm
added 2023/12/22 12:0 a.m. | 624 views

Craft CMS 4.4.14 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Craft CMS unauthenticated Remote Code Execution RCE', 'Description' = %q This module exploits Remote Code Execution vulnerability CVE-2023-41892 ...

CVSS 10 | AI score 7.4 | EPSS 0.92918
Exploits 10

0day.today
added 2023/12/22 12:0 a.m. | 557 views

Craft CMS 4.4.14 Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Craft CMS versions 4.0.0-RC1 through 4.4.14. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Craft CMS...

CVSS 10 | AI score 8 | EPSS 0.92918
Exploits 10

Malwarebytes
added 2023/12/21 9:28 p.m. | 65 views

How Outlook notification sounds can lead to zero-click exploits

An Akamai researcher has found two vulnerabilities in Windows that can be combined to achieve a full, zero-click remote code execution RCE in Outlook. Both vulnerabilities were responsibly disclosed to Microsoft and addressed in the August 2023 and October 2023 patch Tuesdays, so the researcher...

CVSS 7.5 | AI score 8.4 | EPSS 0.97408
Exploits 18

0day.today
added 2023/12/21 12:0 a.m. | 377 views

Vinchin Backup And Recovery Command Injection Exploit

This Metasploit module exploits a command injection vulnerability in Vinchin Backup & Recovery v5.0., v6.0., v6.7., and v7.0.. Due to insufficient input validation in the checkIpExists API endpoint, an attacker can execute arbitrary commands as the web server user. This module requires Metasploit...

CVSS 9.8 | AI score 10 | EPSS 0.20477
Exploits 4

Tenable Nessus
added 2023/12/21 12:0 a.m. | 68 views

Cisco Identity Services Engine RCE (cisco-sa-struts-C2kCMkmT)

An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Please see the included Cisco BIDs and Cisco Security Advisory for more information. Note that Nessu...

CVSS 9.8 | AI score 8.8 | EPSS 0.80819
Exploits 15 | References 3

Metasploit
added 2023/12/20 7:49 p.m. | 273 views

Vinchin Backup and Recovery Command Injection

This module exploits a command injection vulnerability in Vinchin Backup & Recovery v5.0., v6.0., v6.7., and v7.0.. Due to insufficient input validation in the checkIpExists API endpoint, an attacker can execute arbitrary commands as the web server user. Module Options msf use...

AI score 8.9
Exploits 0

CVE
added 2023/12/20 2:18 p.m. | 61 views

CVE-2023-35895

IBM Informix JDBC Driver (versions 4.10.x and 4.50.x) is affected by CVE-2023-35895 due to a JNDI injection in an unchecked argument passed to a specific API, enabling remote code execution. Public documentation from IBM and multiple CVE records confirm the vulnerability in the Informix JDBC driv...

CVSS 9.8 | AI score 8.2 | EPSS 0.00863
Exploits 0 | References 2 | Affected Software 1

GithubExploit
added 2023/12/20 8:46 a.m. | 398 views

Exploit for Files or Directories Accessible to External Parties in Apache Struts

CVE-2023-50164: Apache Struts 2 vulnerable Docker container...

CVSS 9.8 | AI score 10 | EPSS 0.80819
Exploits 15

0day.today
added 2023/12/20 12:0 a.m. | 395 views

MajorDoMo Remote Code Execution Vulnerability

Introduction MajorDoMo, a beacon in Russian home automation and particularly favored by Raspberry Pi aficionados, has been a trusted name for over a decade. With over 380 stars on its official GitHub repository at the time of writing https://github.com/sergejey/majordomo, its popularity is eviden...

CVSS 9.8 | AI score 7.1 | EPSS 0.38263
Exploits 6

Packet Storm
added 2023/12/20 12:0 a.m. | 403 views

MajorDoMo Remote Code Execution

Introduction MajorDoMo, a beacon in Russian home automation and particularly favored by Raspberry Pi aficionados, has been a trusted name for over a decade. With over 380 stars on its official GitHub repository at the time of writing https://github.com/sergejey/majordomo, its popularity is eviden...

CVSS 9.8 | AI score 7.2 | EPSS 0.38263
Exploits 6

Packet Storm
added 2023/12/19 12:0 a.m. | 440 views

Atlassian Confluence Improper Authorization / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Unauth JSON setup-restore Improper Authorization leading to RCE CVE-2023-22518', 'Description' = %q This Improper...

CVSS 10 | AI score 7.4 | EPSS 0.99999
Exploits 14

Cvelist
added 2023/12/18 8:7 p.m. | 15 views

CVE-2023-4311 Vrm 360 3D Model Viewer <= 1.2.1 - Contributor+ Arbitrary File Upload Leading to RCE

The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode...

AI score 8.8 | EPSS 0.00985
Exploits 2 | References 1