15280 matches found
NorthStar C2 Agent 1.0 Cross Site Scripting / Remote Command Execution
Exploit Title: NorthStar C2 agent RCE via stored XSS Date: 2024-03-11 Exploit Author: @chebuya Software Link: https://github.com/EnginDemirbilek/NorthStarC2 Version: v1.0 Tested on: Ubuntu 20.04 LTS CVE: CVE-2024-28741 Description: NorthStar C2 applies insufficient sanitization on agent...
Backdoor.Win32.Beastdoor.oq MVID-2024-0674 Remote Command Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/6268df4c9c805c90725dde4fe5ef6fea.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Beastdoor.oq Vulnerability: Unauthenticated Remote Command Execution...
Akaunting 3.1.3 Remote Command Execution
Exploit Title: Akaunting 3.1.3 - RCE Date: 08/02/2024 Exploit Author: [email protected] Vendor Homepage: https://akaunting.com Software Link: https://github.com/akaunting/akaunting Version: = 3.1.3 Tested on: Ubuntu 22.04 CVE : CVE-2024-22836 !/usr/bin/python3 import sys import re import requests...
OESA-2024-1248 atril security update
Mate-document-viewer is simple document viewer. It can display and print Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS, DVI, DJVU, epub and XPS files. When supported by the document format, mate-document-viewer allows searching for text, copying text to the clipboard,...
CVE-2023-33676
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=" which can be escalated to the remote command execution...
CVE-2023-33676
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=" which can be escalated to the remote command execution...
CVE-2023-33676
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=" which can be escalated to the remote command execution...
Sql injection
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=" which can be escalated to the remote command execution...
CVE-2023-33676
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=" which can be escalated to the remote command execution...
CVE-2023-33676
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=" which can be escalated to the remote command execution...
Lost and Found Information System security breach
Lost and Found Information System is a lost and found information system by oretnom23 Individual Developer. A security vulnerability exists in the Lost and Found Information System that originates from an unauthenticated SQL injection attack via "?page=items/view&id=", which can be escalated to...
PT-2024-12435 · Sourcecodester · Lost/Found Information System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Lost and Found Information System version 1.0 Description: The issue concerns an unauthenticated SQL Injection vulnerability at the "/items/view&id=" endpoint, which can be escalated to remote command execution. Recommendations...
The vulnerability of the IBM Security Guardium information protection tool lies in the lack of mechanisms for neutralizing CSV files, allowing attackers to execute arbitrary commands.
The vulnerability of the IBM Security Guardium security tool lies in the absence of a mechanism to neutralize elements within the CSV file. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary commands by sending a specially crafted CSV file...
BIT-GITLAB-2021-22205
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution...
elFinder Web file manager Version - 2.1.53 Remote Command Execution Vulnerability
Exploit Title: elFinder Web file manager Version: 2.1.53 Remote Command Execution Exploit Author: tmrswrr Google Dork: intitle:"elFinder 2.1.53" Vendor Homepage: https://studio-42.github.io/elFinder/ Software Link: https://github.com/Studio-42/elFinder/archive/refs/tags/2.1.53.zip Version: 2.1.53...
CSZ CMS Version 1.3.0 - Authenticated Remote Command Execution Exploit
Exploit Title: CSZ CMS Version 1.3.0 Remote Command Execution Exploit Author: tmrswrr Vendor Homepage: https://www.cszcms.com/ Software Link: https://www.cszcms.com/link/3https://sourceforge.net/projects/cszcms/files/latest/download Version: Version 1.3.0 Tested on:...
CSZ CMS Version 1.3.0 - Authenticated Remote Command Execution
Exploit Title: CSZ CMS Version 1.3.0 Remote Command Execution Date: 17/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.cszcms.com/ Software Link: https://www.cszcms.com/link/3https://sourceforge.net/projects/cszcms/files/latest/download Version: Version 1.3.0 Tested on:...
elFinder Web file manager Version - 2.1.53 Remote Command Execution
Exploit Title: elFinder Web file manager Version: 2.1.53 Remote Command Execution Date: 23/11/2023 Exploit Author: tmrswrr Google Dork: intitle:"elFinder 2.1.53" Vendor Homepage: https://studio-42.github.io/elFinder/ Software Link: https://github.com/Studio-42/elFinder/archive/refs/tags/2.1.53.zi...
Amazon Linux 2 : engrampa (ALASMATE-DESKTOP1.X-2024-008)
The version of engrampa installed on the remote host is prior to 1.24.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2MATE-DESKTOP1.X-2024-008 advisory. Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal...
openssh: potential command injection via shell metacharacters
A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters...