
11233 matches found

ATTACKERKB
added 2023/06/02 12:0 a.m. | 339 views

CVE-2023-34362

In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer’s database...

9.8 CVSS | 9.1 AI score | 0.99934 EPSS
In wild | Exploits 15 | References 7
Packet Storm
added 2023/06/02 12:0 a.m. | 339 views

Total CMS 1.7.4 Shell Upload

Exploit Title: Total CMS 1.7.4 - Remote Code Execution RCE on File Upload Authenticated Date: 03/06/2023 Exploit Author: tmrswrr Version: 1.7.4 Vendor home page : https://www.totalcms.co/ Tested Url : https://www.totalcms.co/demo/soccer/ PLatform : MACOSX 1 Go to this page and click edit page...

7.1 AI score
Exploits 0
OpenVAS
added 2023/06/02 12:0 a.m. | 54 views

WordPress Elementor Website Builder Plugin < 3.18.2 RCE Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elementor:websitebuilder"; ifdescription...

9.9 CVSS | 9.3 AI score | 0.041 EPSS
Exploits 3 | References 1
CVE
added 2023/06/02 12:0 a.m. | 55 views

CVE-2022-45938

CVE-2022-45938 affects Comcast Defined Technologies microeisbss (through 2021). A stored XSS in the Device ID field under Inventory Management can lead to Remote Code Execution and privilege escalation. Multiple sources corroborate the impact (RCE and privilege escalation) and indicate the issue ...

9 CVSS | 8.9 AI score | 0.4611 EPSS
Exploits 1 | References 2 | Affected Software 1
NVD
added 2023/05/31 7:15 p.m. | 17 views

CVE-2023-33722

EDIMAX BR-6288ACL v1.12 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the pppUserName parameter...

8.8 CVSS | 9.1 AI score | 0.0173 EPSS
Exploits 1 | References 2
Cvelist
added 2023/05/31 6:7 p.m. | 31 views

CVE-2022-35752 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

...

8.1 CVSS | 9.1 AI score | 0.01226 EPSS
Exploits 0 | References 1
NVD
added 2023/05/31 1:15 p.m. | 21 views

CVE-2023-33508

KramerAV VIA GO² 4.0.1.1326 is vulnerable to unauthenticated file upload resulting in Remote Code Execution (RCE)...

9.8 CVSS | 9.8 AI score | 0.01412 EPSS
Exploits 1 | References 1
Vulnrichment
added 2023/05/31 12:0 a.m. | 5 views

CVE-2023-33722

EDIMAX BR-6288ACL v1.12 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the pppUserName parameter...

8.2 AI score | 0.0173 EPSS
Exploits 1 | References 2
CVE
added 2023/05/31 12:0 a.m. | 145 views

CVE-2023-33735

CVE-2023-33735 affects D-Link DIR-846 v1.00A52. The vulnerability is a remote command execution via the tomography_ping_address parameter on the /HNAP1 interface, attributed to the HNAP1 handling in the device firmware. Impact is described as total (high confidentiality, integrity, and availabili...

9.8 CVSS | 9.6 AI score | 0.32561 EPSS
Exploits 1 | References 2 | Affected Software 1
Cvelist
added 2023/05/31 12:0 a.m. | 24 views

CVE-2023-33735

D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface...

9.9 AI score | 0.32561 EPSS
Exploits 1 | References 2
CVE
added 2023/05/31 12:0 a.m. | 50 views

CVE-2023-33508

CVE-2023-33508 affects KramerAV VIA GO² prior to version 4.0.1.1326, with unauthenticated file upload leading to Remote Code Execution (RCE). Multiple connected sources corroborate this vulnerability in affected versions. Exploitation details are not provided in the supplied documents. Remediati...

9.8 CVSS | 9.6 AI score | 0.01412 EPSS
Exploits 1 | References 1 | Affected Software 1
CVE
added 2023/05/31 12:0 a.m. | 48 views

CVE-2023-33722

CVE-2023-33722 affects Edimax BR-6288ACL (firmware v1.12) with an authenticated remote code execution (RCE) vulnerability exposed via the pppUserName parameter. The available documents identify the affected device and the vulnerability class but do not provide concrete exploit details, additional...

8.8 CVSS | 9 AI score | 0.0173 EPSS
Exploits 1 | References 2 | Affected Software 1
Vulnrichment
added 2023/05/30 10:56 a.m. | 19 views

CVE-2023-33234 Apache Airflow CNCF Kubernetes Provider: KubernetesPodOperator RCE via connection configuration

Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection. In order to exploit this weakness, a user would already need elevated permissions (Op or Admin) to change the connection object in this...

7.2 AI score | 0.01531 EPSS
Exploits 0 | References 1
Cvelist
added 2023/05/30 10:56 a.m. | 11 views

CVE-2023-33234 Apache Airflow CNCF Kubernetes Provider: KubernetesPodOperator RCE via connection configuration

Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection. In order to exploit this weakness, a user would already need elevated permissions (Op or Admin) to change the connection object in this...

7.4 AI score | 0.01531 EPSS
Exploits 0 | References 1
WPVulnDB
added 2023/05/30 12:0 a.m. | 39 views

Jetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API

The plugin does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization. PoC curl --json ' "media": "tmpname": "/WPCONTENTPATH/wp-config.php"...

8.8 CVSS | 9.3 AI score | 0.04824 EPSS
Exploits 2 | References 1 | Affected Software 1
OSV
added 2023/05/29 9:30 p.m. | 27 views

GHSA-9WQR-5JP4-MJMH Dolibarr vulnerable to remote code execution via uppercase manipulation

Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data...

8.8 CVSS | 8.8 AI score | 0.79335 EPSS
Exploits 16 | References 4
NVD
added 2023/05/29 9:15 p.m. | 23 views

CVE-2022-24629

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. Remote code execution can be achieved via directory traversal in the dir parameter of the file upload functionality of BrowseFiles.php. An attacker can upload a .php file to WebAdmin/admin/AudioCodesfiles/ajax/...

9.8 CVSS | 9.7 AI score | 0.37246 EPSS
Exploits 4 | References 1
OSV
added 2023/05/29 9:15 p.m. | 24 views

CVE-2023-30253

Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data...

8.8 CVSS | 8 AI score
Exploits 0 | References 3
GithubExploit
added 2023/05/29 2:8 a.m. | 569 views

Exploit for Deserialization of Untrusted Data in Oracle Weblogic_Server

CVE-2023-21839-metasploit-scanner Usage git clone https://...

7.5 CVSS | 8 AI score | 0.99811 EPSS
Exploits 10
Information Security Automation
added 2023/05/27 10:39 p.m. | 57 views

Microsoft Patch Tuesday May 2023: Microsoft Edge, BlackLotus Secure Boot SFB, OLE RCE, Win32k EoP, NFS RCE, PGM RCE, LDAP RCE, SharePoint RCE

Microsoft Patch Tuesday May 2023: Microsoft Edge, BlackLotus Secure Boot SFB, OLE RCE, Win32k EoP, NFS RCE, PGM RCE, LDAP RCE, SharePoint RCE. Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2023, including vulnerabilities that were added between April and May Patch...

9.8 CVSS | 9.5 AI score | 0.94683 EPSS
Exploits 11