11236 matches found
Immunity Canvas: RAILS_ACTIVESTORAGE_RCE
Name | railsactivestoragerce
---|---
CVE | CVE-2019-5420
Exploit Pack | CANVAS
Description | Ruby on Rails Arbitrary Deserialization RCE CVE-2019-5420
Notes | CVE Name: CVE-2019-5420 VENDOR: Rails NOTES: The vulnerability resides in the ActionStorage component of Ruby on Rails due to insufficient...
AIS logistics ESEL-Server Unauth SQL Injection RCE
This module will execute an arbitrary payload on an "ESEL" server used by the AIS logistic software. The server typically listens on port 5099 without TLS. There could also be a server listening on 5100 with TLS, but port 5099 is usually always open. The login process is vulnerable to an SQL...
CMS Made Simple (CMSMS) Showtime2 File Upload Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "CMS Made Simple CMSMS Showtime2 File Upload RCE", 'Description' = %q This module exploits a File Upload vulnerability that lead in a RCE in...
.NET advanced code audit, lesson five: .NET Remoting deserialization vulnerability - vulnerability warning - the black bar safety net
In recent days, the foreign security researcher Soroush Dalili (@irsdl) disclosed that .NET Remoting applications may carry a deserialization security risk: when the server uses the SoapServerFormatterSinkProvider class of the HTTP channel as the channel's receiver, it will automatically deserialize the...
SUPEE-11086 - RCE, XSS, CSRF and other vulnerabilities
More info at https://magento.com/security/patches/supee-11086...
CVE-2019-3484
Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7...
TCPDF 6.2.19 Deserialization / Remote Code Execution Exploit
TCPDF versions 6.2.19 and below suffer from a deserialization vulnerability that can allow for remote code execution. CVE-2018-17057: phar deserialization in TCPDF might lead to RCE. Affected products: TCPDF. While it ...
GPON ONT Home Gateway Authenticated Remote Command Execution (CVE-2019-3919)
Binary data gponcve-2019-3919.nbin...
TCPDF 6.2.19 Deserialization / Remote Code Execution
CVE-2018-17057: phar deserialization in TCPDF might lead to RCE. Affected products: TCPDF. While it is a nice feature to have for the developer, it may cause problems in case the PDF creation script is vulnerable to...
Semmle: All Burp Suite Scan report
Summary:
1. Detected Deserialization RCE: Jackson
  1.1. https://lgtm-com.pentesting.semmle.net/blog/ lgtmshortsession cookie
  1.2. https://lgtm-com.pentesting.semmle.net/internalapi/v0.2/getSuggestedProjects apiVersion parameter
2. Session token in URL
3. CSP: Inline scripts can be inserted
  3.1...
Flash Player < 31.0.0.153 RCE (APSB18-44)
Binary data 700439.prm...
Flash Player < 28.0.0.161 Multiple RCE (APSB18-03)
Binary data 700430.prm...
Flash Player < 27.0.0.130 Multiple RCE (APSB17-28)
Binary data 700425.prm...
CMS Made Simple (CMSMS) Showtime2 File Upload RCE
This module exploits a File Upload vulnerability that leads to RCE in the Showtime2 module = 3.6.2 in CMS Made Simple (CMSMS). An authenticated...
Researcher Says NSA's Ghidra Tool Can Be Used for RCE
Ghidra, a free, open-source software reverse-engineering tool that was released by the National Security Agency at RSA, has been found to be a potential conduit to remote code-execution. Ghidra is a disassembler written in Java; software that breaks down executable files into assembly code that c...
Jenkins ACL Bypass / Metaprogramming Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins ACL Bypass and Metaprogramming RCE', 'Description' = %q This module exploits a vulnerability in Jenkins dynamic routing to bypass the...
Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming RCE Exploit
This Metasploit module exploits a vulnerability in Jenkins dynamic routing to bypass the Overall/Read ACL and leverage Groovy metaprogramming to download and execute a malicious JAR file. The ACL bypass gadget is specific to Jenkins versions 2.137 and below and will not work on later versions of...
Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins ACL Bypass and Metaprogramming RCE', 'Description' = %q This module exploits a vulnerability in Jenkins dynamic routing to bypass the...
CVE-2018-10093
AudioCodes IP phones 420HD/400HD running firmware 2.2.12.126 are affected by a remote code execution vulnerability in CGI scripts (notably command.cgi) due to input validation failures. An attacker could execute arbitrary commands on the device, potentially compromising the VoIP network. Remediat...
Monero: Potential use-after-free due to struct array_entry_t lacking an explicit copy constructor
struct array_entry_t in contrib/epee/include/storages/portable_storage_base.h does not implement a copy constructor. Wherever there is code that attempts to copy-construct array_entry_t, the compiler inserts a copy constructor for array_entry_t that merely copies over the values. The struct possesses an...