Lucene search
K

1833 matches found

Exploit DB
Exploit DB
added 2020/05/10 12:0 a.m.261 views

Pi-hole < 4.4 - Authenticated Remote Code Execution

!/usr/bin/env python3 Pi-hole = 4.4 RCE Author: Nick Frichette Homepage: https://frichetten.com Note: This exploit must be run with root privileges and port 80 must not be occupied. While it is possible to exploit this from a non standard port, for the sake of simplicity and not having to modify...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/10 12:0 a.m.173 views

Pi-hole < 4.4 - Authenticated Remote Code Execution / Privileges Escalation

!/usr/bin/env python3 Pi-hole = 4.4 RCE Author: Nick Frichette Homepage: https://frichetten.com Note: This exploit must be run with root privileges and port 80 must not be occupied. While it is possible to exploit this from a non standard port, for the sake of simplicity and not having to modify...

7.4AI score
Exploits0
Gitee
Gitee
added 2020/05/03 6:44 p.m.11 views

Exploit for Race Condition in Canonical Ubuntu_Linux

This is a PoC Proof of Concept exploit for CVE-2016-5195, also known as Dirty COW. The exploit relies on ptrace to patch the vDSO Virtual Dynamic Shared Object and gain root privileges. The exploit is architecture-dependent and may not work on every Linux version. The payload is written in assemb...

7.2CVSS7AI score0.83524EPSS
Exploits81
GithubExploit
GithubExploit
added 2020/04/22 7:28 a.m.28 views

Exploit for Improper Authentication in Microsoft

CVE-2020-0688 Working Exploit PoC CVE-202...

9CVSS8.8AI score0.99965EPSS
Exploits30
Hacker One
Hacker One
added 2020/04/16 8:44 p.m.276 views

Nextcloud: Code injection possible with malformed Nextcloud Talk chat commands

Summary The Nextcloud Talk app allows system administrators to setup chat commands that can be executed in Talk using the "/command" syntax. Users can provide additional arguments to the commands, such as "/calc 1+1" or "/wiki Hello", which are passed to the underlying script using @exec. If...

6.5CVSS0.8AI score0.01668EPSS
Exploits1
Kitploit
Kitploit
added 2020/04/11 12:30 p.m.261 views

Serverless Prey - Serverless Functions For Establishing Reverse Shells To Lambda, Azure Functions, And Google Cloud Functions

Serverless Prey is a collection of serverless functions FaaS, that, once launched to a cloud environment and invoked, establish a TCP reverse shell, enabling the user to introspect the underlying container: Panther: AWS Lambda written in Node.js Cougar: Azure Function written in C Cheetah: Google...

7.4AI score
Exploits0References6
Kitploit
Kitploit
added 2020/03/30 11:30 a.m.77 views

One-Lin3r v2.1 - Gives You One-Liners That Aids In Penetration Testing Operations, Privilege Escalation And More

One-Lin3r is simple modular and light-weight framework gives you all the one-liners that you will need while penetration testing Windows, Linux, macOS or even BSD systems or hacking generally with a lot of new features to make all of this fully automated ex: you won't even need to copy the...

7.8AI score
Exploits0References4
Packet Storm
Packet Storm
added 2020/03/30 12:0 a.m.211 views

Zen Load Balancer 3.10.1 Remote Code Execution

c@kali:/src/eonila/zenload3r$ cat zenload3r.py !/usr/bin/env python zenload3r.py - zen load balancer pwn3r 28.03.2020 @ 22:41 by cody sixteen import base64 import sys, re import requests import ssl from functools import partial ssl.wrapsocket = partialssl.wrapsocket, sslversion=ssl.PROTOCOLTLSv1...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/24 12:0 a.m.346 views

UCM6202 1.0.18.13 - Remote Command Injection

Exploit Title: UCM6202 1.0.18.13 - Remote Command Injection Date: 2020-03-23 Exploit Author: Jacob Baines Vendor: http://www.grandstream.com Product Link: http://www.grandstream.com/products/ip-pbxs/ucm-series-ip-pbxs/product/ucm6200-series Tested on: UCM6202 1.0.18.13 CVE : CVE-2020-5722 Shodan...

10CVSS9.5AI score0.83926EPSS
Exploits8
0day.today
0day.today
added 2020/03/19 12:0 a.m.145 views

Centreon Poller Authenticated Remote Command Execution Exploit

This Metasploit module exploits a flaw where an authenticated user with sufficient administrative rights to manage pollers can use this functionality to execute arbitrary commands remotely. Usually, the miscellaneous commands are used by the additional modules to perform certain actions, by the...

0.5AI score
Exploits0
Kitploit
Kitploit
added 2020/03/07 9:30 p.m.128 views

HTTP Asynchronous Reverse Shell - Asynchronous Reverse Shell Using The HTTP Protocol

Today there are many ways to create a reverse shell in order to be able to remotely control a machine through a firewall. Indeed, outgoing connections are not always filtered. However security software and hardware IPS, IDS, Proxy, AV, EDR... are more and more powerful and can detect these attack...

7AI score
Exploits0References4
exploitpack
exploitpack
added 2020/02/17 12:0 a.m.23 views

Avaya Aura Communication Manager 5.2 - Remote Code Execution

Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Title: Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Author: Sarang Tumne a.k.a SarT Date: 2020-02-14 Confirmed on release 5.2 Vendor: https://www.avaya.com/en/ Avaya's advisory:...

0.6AI score
Exploits0
0day.today
0day.today
added 2020/02/17 12:0 a.m.92 views

Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit

Exploit for hardware platform in category web applications Exploit Title: Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Author: Sarang Tumne a.k.a SarT Confirmed on release 5.2 Vendor: https://www.avaya.com/en/ Avaya's advisory:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/02/17 12:0 a.m.120 views

Avaya Aura Communication Manager 5.2 Remote Code Execution

Exploit Title: Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Author: Sarang Tumne a.k.a SarT Date: 2020-02-14 Confirmed on release 5.2 Vendor: https://www.avaya.com/en/ Avaya's advisory: https://downloads.avaya.com/css/P8/documents/100183151 Exploit generates a reverse shel...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/17 12:0 a.m.929 views

Avaya Aura Communication Manager 5.2 - Remote Code Execution

Exploit Title: Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Author: Sarang Tumne a.k.a SarT Date: 2020-02-14 Confirmed on release 5.2 Vendor: https://www.avaya.com/en/ Avaya's advisory: https://downloads.avaya.com/css/P8/documents/100183151 Exploit generates a reverse shel...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/02/03 12:0 a.m.198 views

Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection Exploit

Exploit for hardware platform in category web applications Exploit Title: Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection Date: 2018-08-01 Exploit Author: Cosmin Craciun Vendor Homepage: https://www.se.com Version: = 1.3.4 Tested on: Delivered Virtual Appliance running...

6.5CVSS0.1AI score0.31802EPSS
Exploits4
0day.today
0day.today
added 2020/01/29 12:0 a.m.138 views

Centreon 19.10.5 - Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: Centreon 19.10.5 - Remote Command Execution Exploit Author: Fabien AUNAY, Omri BASO Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentOS 7 CVE : -...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/01/29 12:0 a.m.158 views

Centreon 19.10.5 Remote Command Execution

Exploit Title: Centreon 19.10.5 - 'centreontrapd' Remote Command Execution Date: 2020-01-29 Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentOS 7 CVE : - Centreon 19.10.5 Remote...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2020/01/29 12:0 a.m.43 views

Centreon 19.10.5 - centreontrapd Remote Command Execution

Centreon 19.10.5 - centreontrapd Remote Command Execution Exploit Title: Centreon 19.10.5 - 'centreontrapd' Remote Command Execution Date: 2020-01-29 Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version:...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/01/29 12:0 a.m.99 views

Centreon 19.10.5 - (centreontrapd) Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: Centreon 19.10.5 - 'centreontrapd' Remote Command Execution Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentO...

0.1AI score
Exploits0
Rows per page
Query Builder