11233 matches found
CVE-2023-38941
django-sspanel v2022.2.2 was discovered to contain a remote command execution RCE vulnerability via the component sspanel/adminview.py - GoodsCreateView.post...
CVE-2023-38942
Dango-Translator v4.5.5 is affected by a remote command execution (RCE) vulnerability through the component app/config/cloud_config.json. The CVE-2023-38942 entry indicates a CRITICAL severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) with network access, no privileges, and no user interact...
CVE-2023-36298
CVE-2023-36298 : The connected sources identify a file-upload vulnerability in DedeCMS v5.7.109 that can lead to remote code execution (RCE). The records do not specify the root cause details, affected subcomponents, exact exploit vectors, or a published fix/patch version. No in-the-wild exploita...
CVE-2023-37679
CVE-2023-37679 / CVE-2023-43208 (NextGen HealthCare Mirth Connect) : Open-source data integration platform vulnerable to unauthenticated remote code execution due to improper/deserialization handling. Affects Mirth Connect versions prior to 4.4.1 (PoCs and advisories reference vulnerable ranges i...
Cosmos: RCE and DoS in Cosmovisor
Vulnerability description not provided...
Exploit for CVE-2023-38646
CVE-2023-38646 - Metabase Pre-auth RCE !Untitled presentatio...
Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager
Refresh This container emulates the vulnerable functionality o...
Atlassian Confluence 8.x < 8.3.2 Remote Code Execution
According to its self-reported version number, the Atlassian Confluence application running on the remote host is 8.0.0 prior to 8.3.2. It is, therefore, affected by a Remote Code Execution flaw which permits remote attackers to execute arbitary code without user interaction. No source data...
CVE-2023-38303
An issue was discovered in Webmin 2.021. One can exploit a stored Cross-Site Scripting XSS attack to achieve Remote Command Execution RCE through the Users and Group's real name parameter...
Cross site scripting
An issue was discovered in Webmin 2.021. One can exploit a stored Cross-Site Scripting XSS attack to achieve Remote Command Execution RCE through the Users and Group's real name parameter...
Exploit for CVE-2023-38646
CVE-2023...
Rudder Server SQL Injection / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rudder Server SQLI Remote Code Execution', 'Description' = %q This Metasploit module exploits a SQL injection vulnerability in RudderStack's...
CVE-2023-38303
An issue was discovered in Webmin 2.021. One can exploit a stored Cross-Site Scripting XSS attack to achieve Remote Command Execution RCE through the Users and Group's real name parameter...
CVE-2023-38303
An issue was discovered in Webmin 2.021. One can exploit a stored Cross-Site Scripting XSS attack to achieve Remote Command Execution RCE through the Users and Group's real name parameter...
Zomplog 3.9 Remote Code Execution
Exploit Title: zomplog 3.9 - Remote Code Execution RCE Application: zomplog Version: v3.9 Bugs: RCE Technology: PHP Vendor URL: http://zomp.nl/zomplog/ Software Link: http://zomp.nl/zomplog/downloads/zomplog/zomplog3.9.zip Date of found: 22.07.2023 Author: Mirabbas Ağalarov Tested on: Linux impor...
CVE-2023-38303
CVE-2023-38303 affects Webmin 2.021. A stored XSS in the Users and Groups real name parameter can lead to Remote Command Execution (RCE). Impact is described as RCE via authenticated user input; CVSS v3.1 base score 5.4 (MEDIUM). Public details from multiple sources confirm the vulnerability in W...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
PoC exploit for CVE-2022-26134, a Confluence pre-auth remote cod...
Exploit for CVE-2023-38646
Metabase Pre Authentication RCE CVE-2023-38646 We have pro...
Exploit for CVE-2023-38646
CVE-2023-38646 Metabase Pre-auth R...
Exploit for Command Injection in Apache Airflow
Apache Airflow SQL injection PoC CVE-2023-22884 PoC for C...