
11233 matches found

Exploit DB
added 2023/10/09 12:0 a.m., 300 views

Coppermine Gallery 1.6.25 - RCE

Exploit Title: coppermine-gallery 1.6.25 RCE; Application: coppermine-gallery; Version: v1.6.25; Bugs: RCE; Technology: PHP; Vendor URL: https://coppermine-gallery.net/; Software Link: https://github.com/coppermine-gallery/cpg1.6.x/archive/refs/tags/v1.6.25.zip; Date of found: 05.09.2023; Author: Mirabba...

7.4 AI score
Exploits: 0

GithubExploit
added 2023/10/08 2:52 p.m., 296 views

Exploit for CVE-2023-38646

CVE-2023-38646 Fork of kh4sh3i's https://github.com/kh4sh...

9.8 CVSS, 10 AI score, 0.97924 EPSS
Exploits: 36

GithubExploit
added 2023/10/08 7:36 a.m., 372 views

Exploit for CVE-2023-38646

CVE-2023-38646 The original script originates from securezer...

9.8 CVSS, 7.5 AI score, 0.97924 EPSS
Exploits: 36

Veracode
added 2023/10/08 5:35 a.m., 28 views

Remote Code Execution (RCE)

python-reportlab is vulnerable to Remote Code Execution (RCE). A remote code execution is possible because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code...

9.8 CVSS, 8.3 AI score, 0.04452 EPSS
Exploits: 0, References: 8, Affected Software: 1

Rockylinux
added 2023/10/06 11:10 p.m., 60 views

.NET 6.0 security, bug fix, and enhancement update

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. .NET is a managed-software framework. It implements a subset of the .NET...

7.8 CVSS, 6.8 AI score, 0.15519 EPSS
Exploits: 0

Rockylinux
added 2023/10/06 11:10 p.m., 57 views

.NET 7.0 security, bug fix, and enhancement update

An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. .NET is a managed-software framework. It implements a subset of the .NET...

7.8 CVSS, 6.8 AI score, 0.15519 EPSS
Exploits: 0

OSV
added 2023/10/06 11:10 p.m., 31 views

RLSA-2023:4643 Important: .NET 7.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.110 and .NET Runtime 7.0.10...

7.8 CVSS, 7.8 AI score, 0.15519 EPSS
Exploits: 0, References: 3

Github Security Blog
added 2023/10/06 8:43 p.m., 48 views

JWT token compromise can allow malicious actions including Remote Code Execution (RCE)

Impact: A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE. Patches: Upgrade to NeuVector version 5.2.2 or later and latest Helm chart 2.6.3+....

9.4 CVSS, 6.6 AI score, 0.00461 EPSS
Exploits: 0, References: 5, Affected Software: 1

Rapid7 Blog
added 2023/10/06 6:10 p.m., 69 views

Metasploit Weekly Wrap Up

New module content 3 LDAP Login Scanner Author: Dean Welch Type: Auxiliary Pull request: 18197 contributed by dwelch-r7 Path: scanner/ldap/ldaplogin Description: This PR adds a new login scanner module for LDAP. Login scanners are the classes that provide functionality for testing authentication...

6.5 CVSS, 8.9 AI score, 0.93546 EPSS
Exploits: 30

Atlassian
added 2023/10/06 5:45 p.m., 47 views

Apache Kafka Connect API Vulnerability in Bitbucket Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 7.21.0, 8.7.1, 8.8.0, 8.9.0, 8.10.0, 8.11.0, and 8.12.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...

8.8 CVSS, 7 AI score, 0.95302 EPSS
Exploits: 7

GithubExploit
added 2023/10/05 6:12 p.m., 475 views

Exploit for Missing Authentication for Critical Function in Jetbrains Teamcity

CVE-2023-42793 For educational purposes only PoC for CVE-2...

9.8 CVSS, 10 AI score, 0.99979 EPSS
Exploits: 17

RedhatCVE
added 2023/10/05 11:24 a.m., 32 views

CVE-2023-37460

A flaw was found in the Plexus Archiver. While using AbstractUnArchiver for extracting, an archive might lead to arbitrary file creation and possible remote code execution (RCE). Extracting an archive with an entry in the destination directory as a symbolic link whose target does not exist will...

8.1 CVSS, 7.9 AI score, 0.0207 EPSS
Exploits: 1, References: 5

Veracode
added 2023/10/04 8:29 p.m., 30 views

Remote Code Execution (RCE)

Composer is vulnerable to Remote Code Execution. This vulnerability occurs when the composer.phar file is published to a publicly-accessible server and register_argc_argv is enabled in php.ini. This can allow an attacker to execute remote code on the server...

8.8 CVSS, 8.9 AI score, 0.01378 EPSS
Exploits: 0, References: 8, Affected Software: 1

HackRead
added 2023/10/03 6:5 p.m., 23 views

ShellTorch Attack Exposes Millions of PyTorch Systems to RCE Vulnerabilities

By Waqas. Dubbed ShellTorch by researchers; these PyTorch vulnerabilities are troubling for the artificial intelligence (AI) and machine learning (ML) community. This is a post from HackRead.com. Read the original post: ShellTorch Attack Exposes Millions of PyTorch Systems to RCE Vulnerabilities...

7.1 AI score
Exploits: 0

Amazon
added 2023/10/03 12:0 a.m., 25 views

Important: axis

Issue Overview: UNSUPPORTED WHEN ASSIGNED. When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through "ServiceFactory.getService" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted...

9.8 CVSS, 8.9 AI score, 0.01931 EPSS
Exploits: 0

Github Security Blog
added 2023/10/02 8:38 p.m., 38 views

TorchServe Pre-Auth Remote Code Execution

Impact: Use of Open Source Library potentially exposed to RCE. Issue: Use of a version of the SnakeYAML v1.31 open source library with multiple issues that potentially exposes the user to unsafe deserialization of Java objects. This could allow third parties to execute arbitrary code on the target...

7.8 AI score
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2023/10/02 8:38 p.m., 27 views

GHSA-4MQG-H5JF-J9M7 TorchServe Pre-Auth Remote Code Execution

Impact: Use of Open Source Library potentially exposed to RCE. Issue: Use of a version of the SnakeYAML v1.31 open source library with multiple issues that potentially exposes the user to unsafe deserialization of Java objects. This could allow third parties to execute arbitrary code on the target...

9.9 CVSS, 8 AI score
Exploits: 0, References: 3

Veracode
added 2023/10/02 5:47 p.m., 37 views

Remote Code Execution (RCE)

exim is vulnerable to Remote Code Execution (RCE). The vulnerability arises from the absence of proper validation for user-supplied data in the SMTP service. This could result in a buffer overflow, enabling an attacker to inject and execute malicious code within the service account's context...

9.8 CVSS, 9.8 AI score, 0.10042 EPSS
Exploits: 5, References: 2, Affected Software: 2

Packet Storm
added 2023/10/02 12:0 a.m., 621 views

Juniper SRX Firewall / EX Switch Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'unixcrypt' require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule 'Junos OS PHPRC Environment Variable Manipulation RCE', 'Description' = %q...

9.8 CVSS, 7.1 AI score, 0.93546 EPSS
Exploits: 27

CVE
added 2023/10/02 12:0 a.m., 63 views

CVE-2023-43835

Summary: CVE-2023-43835 affects Super Store Finder 3.7 and earlier. The issue is an authenticated Arbitrary PHP Code Injection vulnerability that can lead to remote code execution when settings overwrite the content of config.inc.php. What’s affected: Super Store Finder software, versions ≤ 3.7. ...

8.8 CVSS, 8.9 AI score, 0.01426 EPSS
Exploits: 1, References: 1, Affected Software: 1