11231 matches found
Drupal 7 SA-CORE-2018-004 RCE
Remote command execution vulnerability in Drupal Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...
CVE-2018-10747
Affected product: D-Link DSL-3782 EU version 1.01. In the Diagnostics component, the /userfs/bin/tcapi binary accepts an unset parameter. An authenticated user can supply a long buffer to unset and trigger memory corruption, potentially redirecting program flow and enabling arbitrary code execut...
CVE-2018-10750
Summary: CVE-2018-10750 affects the D-Link DSL-3782 EU 1.01 firmware. An authenticated user can supply a very long value to the /userfs/bin/tcapi binary via the staticGet function, triggering a buffer overflow that corrupts memory and can redirect program flow to execute arbitrary code. Several ...
Critical Cisco WebEx Bug Allows Remote Code Execution
A critical vulnerability in the recording function of Cisco Systems’ WebEx conferencing platform has been uncovered, allowing for remote code execution. Attackers can use the flaw by convincing users to open a file purporting to be a recording of a past WebEx event. The bug CVE-2018-0264 exists i...
Cisco WebEx Advanced Recording Format Player Remote Code Execution Vulnerability
A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format ARF files could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability is due to a design flaw in the affected software. An attacker could exploit this...
Schneider Electric Patches Critical RCE Vulnerability
Researchers discovered a critical remote code execution vulnerability in two Schneider Electric industrial control related products that could give attackers the ability to disrupt or shut down plant operations. Tenable Research, who discovered the vulnerability CVE-2018-8840 and created a...
GitList 0.6 Remote Code Execution
python import requests from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer import urlparse import urllib import threading import time import os import re url = 'http://192.168.1.1/gitlist/' command = 'id' yourip = '192.168.1.100' yourport = 8001 print "GitList 0.6 Unauthenticated RCE"...
Multiple Vulnerabilities in NagiosXI
We found four vulnerabilities in NagiosXI, and chained them together to create a root RCE exploit, available here. Vulnerability chaining can increase the risk posed by individual vulns, it takes a village to raise a root RCE etc. etc. If you’re running NagiosXI = 5.4.12, update. If you perform...
Nagios XI 5.2.[6-9], 5.3, 5.4 - Chained Remote Root Exploit
Exploit for php platform in category web applications Exploit Title: Nagios XI 5.2.6-9, 5.3, 5.4 Chained Remote Root Exploit Authors: Benny Husted, Jared Arave, Cale Smith Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage:...
Nagios XI 5.2.6 5.2.9 5.3 5.4 - Chained Remote Root
Nagios XI 5.2.6 5.2.9 5.3 5.4 - Chained Remote Root Exploit Title: Nagios XI 5.2.6-9, 5.3, 5.4 Chained Remote Root Date: 4/17/2018 Exploit Authors: Benny Husted, Jared Arave, Cale Smith Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor...
Oracle WebLogic Server Deserialization RCE (CVE-2018-2628)
The remote Oracle WebLogic server is affected by a remote code execution vulnerability in the Core Components subcomponent due to unsafe deserialization of Java objects by the RMI registry. An unauthenticated, remote attacker can exploit this, via a crafted Java object, to execute arbitrary Java...
Nagios XI 5.2.6 < 5.2.9 / 5.3 / 5.4 - Chained Remote Root
Exploit Title: Nagios XI 5.2.6-9, 5.3, 5.4 Chained Remote Root Date: 4/17/2018 Exploit Authors: Benny Husted, Jared Arave, Cale Smith Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage: https://www.nagios.com/ Software Link:...
Node.js third-party modules: Unrestricted file upload (RCE)
I would like to report an unrestricted file upload in express-cart. It allows a user with administrative privileges to upload a file to any path. Module module name: express-cart version: 1.1.5 npm page: https://www.npmjs.com/package/express-cart Module Description expressCart is a fully function...
Drupalgeddon3: Third Critical Flaw Discovered
For the third time in the last 30 days, Drupal site owners are forced to patch their installations. As the Drupal team noted a few days ago, new versions of the Drupal CMS were released, to patch one more critical RCE vulnerability affecting Drupal 7 and 8 core. The vulnerability, code-named...
CVE-2018-10431
D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen...
GitList 0.6 - Remote Code Execution
GitList 0.6 - Remote Code Execution ''' Exploit Title: GitList 0.6 Unauthenticated RCE Date: 25-04-2018 Software Link: https://github.com/klaussilveira/gitlist Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1...
GitList 0.6 Remote Code Execution
Exploit Title: GitList 0.6 Unauthenticated RCE Date: 25-04-2018 Software Link: https://github.com/klaussilveira/gitlist Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description Bypass/Exploit escapeshellarg using...
GitList 0.6 - Remote Code Execution
''' Exploit Title: GitList 0.6 Unauthenticated RCE Date: 25-04-2018 Software Link: https://github.com/klaussilveira/gitlist Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description Bypass/Exploit escapeshellarg...
D7 Media - Critical - Remote Code Execution - SA-CONTRIB-2018-020
The Media module provides an extensible framework for managing files and multimedia assets, regardless of whether they are hosted on your own site or a third party site. The module contained a vulnerability similar to SA-CORE-2018-004, leading to a possible remote code execution RCE attack...
WordPress Woo Import Export 1.0 Arbitrary File Deletion
...