11233 matches found

Cvelist
added 2023/10/17 12:0 a.m. | 12 views

CVE-2023-41630

eSST Monitoring v2.147.1 was discovered to contain a remote code execution (RCE) vulnerability via the Gii code generator component...

AI score: 10 | EPSS: 0.01231
Exploits: 1 | References: 1
CVE
added 2023/10/17 12:0 a.m. | 44 views

CVE-2023-41631

CVE-2023-41631 affects eSST Monitoring v2.147.1. The vulnerability is a remote code execution (RCE) via the file upload function. Reported CVSSv3.1 base score is 8.8 (HIGH) with network attack vector, low complexity, privileges required: LOW, no user interaction, and impact to confidentiality, in...

CVSS: 8.8 | AI score: 9.1 | EPSS: 0.01141
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2023/10/17 12:0 a.m. | 36 views

CVE-2023-41630

CVE-2023-41630 affects eSST Monitoring v2.147.1, where the Gii code generator component enables a remote code execution (RCE) vulnerability. The issue is described as an RCE via Gii, with high impact on confidentiality, integrity, and availability as reflected in the CVSS 3.1 score. Public source...

CVSS: 9.8 | AI score: 9.8 | EPSS: 0.01231
Exploits: 1 | References: 1 | Affected Software: 1
NVD
added 2023/10/16 8:15 p.m. | 29 views

CVE-2023-4666

The Form Maker by 10Web WordPress plugin before 1.15.20 does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files and lead to RCE...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.03283
Exploits: 3 | References: 1
Prion
added 2023/10/16 8:15 p.m. | 41 views

Input validation

The Form Maker by 10Web WordPress plugin before 1.15.20 does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files and lead to RCE...

CVSS: 7.5 | AI score: 9.5 | EPSS: 0.03283
Exploits: 3 | References: 1 | Affected Software: 1
EUVD
added 2023/10/16 7:39 p.m. | 7 views

EUVD-2023-54518

The Form Maker by 10Web WordPress plugin before 1.15.20 does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files and lead to RCE...

CVSS: 9.8 | AI score: 9.5 | EPSS: 0.03283
Exploits: 3 | References: 1
Cvelist
added 2023/10/16 7:39 p.m. | 28 views

CVE-2023-4666 Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload

The Form Maker by 10Web WordPress plugin before 1.15.20 does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files and lead to RCE...

AI score: 9.7 | EPSS: 0.03283
Exploits: 3 | References: 1
CVE
added 2023/10/16 7:39 p.m. | 91 views

CVE-2023-4666

CVE-2023-4666 affects the Form Maker by 10Web WordPress plugin (before 1.15.20). The vulnerability arises because the plugin does not validate signatures when creating them on the server from user input, allowing unauthenticated users to upload arbitrary files and potentially achieve remote code ...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.03283
Exploits: 3 | References: 1 | Affected Software: 1
GithubExploit
added 2023/10/16 3:44 p.m. | 478 views

Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets

This is a PoC exploit for CVE-2023-27163, a remote code executio...

CVSS: 6.5 | AI score: 7.3 | EPSS: 0.07497
Exploits: 29
WPVulnDB
added 2023/10/16 12:0 a.m. | 22 views

WooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File Upload

Description: The plugin does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE. PoC: Make sure to have both WooCommerce and NinjaForms 3.4.34.2 (NF's latest version on the 3.4 branch) installed, then follow those...

CVSS: 9.8 | AI score: 9.8 | EPSS: 0.00877
Exploits: 2 | Affected Software: 1
GithubExploit
added 2023/10/15 1:29 a.m. | 350 views

Exploit for CVE-2023-38646

Metabase Pre-Auth RCE CVE-2023-38646 POC This is a python sc...

CVSS: 9.8 | AI score: 10 | EPSS: 0.97924
Exploits: 36
GithubExploit
added 2023/10/14 9:35 a.m. | 250 views

Exploit for Improper Authentication in Fit2Cloud Jumpserver

BlackJump Chinese |...

CVSS: 8.2 | AI score: 6.8 | EPSS: 0.55861
Exploits: 7
GithubExploit
added 2023/10/14 9:35 a.m. | 266 views

Exploit for Improper Authentication in Fit2Cloud Jumpserver

BlackJump Chinese |...

CVSS: 8.2 | AI score: 6.8 | EPSS: 0.55861
Exploits: 7
hivepro
added 2023/10/14 8:25 a.m. | 38 views

GNOME Linux Systems Exposed to 1-Click RCE Attacks

Summary: A new security vulnerability, known as CVE-2023-43641, has been identified in the libcue library. This library is utilized by Tracker Miners and is shipped along with the GNOME desktop environment...

AI score: 7.5 | EPSS: 0.1657
Exploits: 1
Metasploit
added 2023/10/13 7:50 p.m. | 696 views

Apache Superset Signed Cookie RCE

Apache Superset versions use exploit/linux/http/apachesupersetcookiesigrce msf exploitapachesupersetcookiesigrce show targets ...targets... msf exploitapachesupersetcookiesigrce set TARGET msf exploitapachesupersetcookiesigrce show options ...show and set options... msf...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.97405
Exploits: 20
Rapid7 Blog
added 2023/10/13 5:3 p.m. | 56 views

Metasploit Weekly Wrap-Up

Pollution in Kibana: This week, contributor h00die added a module that leverages a prototype pollution bug in Kibana prior to version 7.6.3. Particularly, this issue is within the Upgrade Assistant and enables an attacker to execute arbitrary code. This vulnerability can be triggered by sending a...

CVSS: 7.5 | AI score: 9 | EPSS: 0.99615
Exploits: 10
Tenable Nessus
added 2023/10/13 12:0 a.m. | 45 views

F5 Networks BIG-IP : BIG-IP Configuration utility RCE (K000135689)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0.3 / 16.1.4.1 / 15.1.10.2 / 14.1.5.6. It is, therefore, affected by a vulnerability as referenced in the K000135689 advisory. A directory traversal vulnerability exists in the BIG-IP Configuration utility that may...

CVSS: 9.9 | AI score: 8.1 | EPSS: 0.02375
Exploits: 0 | References: 2
Packet Storm
added 2023/10/13 12:0 a.m. | 422 views

PyTorch Model Server Registration / Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'PyTorch Model Server Registration and Deserialization RCE', 'Description' = %q The PyTorch model server contains multiple...

CVSS: 10 | AI score: 9.2 | EPSS: 0.99615
Exploits: 10
Metasploit
added 2023/10/12 7:51 p.m. | 585 views

PyTorch Model Server Registration and Deserialization RCE

The PyTorch model server contains multiple vulnerabilities that can be chained together to permit an unauthenticated remote attacker arbitrary Java code execution. The first vulnerability is that the management interface is bound to all IP addresses and not just the loop back interface as the...

CVSS: 10 | AI score: 7.8 | EPSS: 0.99615
Exploits: 10
Veracode
added 2023/10/12 12:24 p.m. | 23 views

Authentication Bypass

NeuVector is vulnerable to Authentication Bypass. An attacker can reverse engineer a JWT token, forging a valid token to perform malicious activity. This can lead to RCE...

CVSS: 9.4 | AI score: 6.8 | EPSS: 0.00461
Exploits: 0