1804 matches found
Exploit for Injection in Vm2_Project Vm2
CVE-2023-30547 This is a Proof-of-Concept to CVE-2023-30547 h...
CVE-2023-32479
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by...
CVE-2023-32479
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by...
Privilege escalation
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by...
CVE-2023-32479
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by...
WebCatalog 48.4 Arbitrary Protocol Execution / Code Execution
Exploit Title: WebCatalog 48.4 - Arbitrary Protocol Execution Date: 9/27/2023 Exploit Author: ItsSixtyN3in Vendor Homepage: https://webcatalog.io/en/ Software Link: https://cdn-2.webcatalog.io/webcatalog/WebCatalog%20Setup%2052.3.0.exe Version: 48.4.0 Tested on: Windows CVE : CVE-2023-42222...
Exploit for Code Injection in Craftcms Craft_Cms
This python script exploits the Remote Code Execution vulnerabil...
Arbitrary Code Execution
Processwire is vulnerable to Arbitrary Code Execution. The vulnerability is due to the downloadzipurl parameter when installing new modules. which allows an attacker to execute arbitrary code and install a reverse shell...
Typora v1.7.4 - OS Command Injection Vulnerability
Exploit Title: Typora v1.7.4 - OS Command Injection Discovered by: Ahmet Ümit BAYRAM Vendor Homepage: http://www.typora.io Software Link: https://download.typora.io/windows/typora-setup-ia32.exe Tested Version: v1.7.4 latest Tested on: Windows 2019 Server 64bit Steps to Reproduce Open the...
7 Sticky Notes v1.9 - OS Command Injection Vulnerability
Exploit Title: 7 Sticky Notes v1.9 - OS Command Injection Discovered by: Ahmet Ümit BAYRAM Vendor Homepage: http://www.7stickynotes.com Software Link: http://www.7stickynotes.com/download/Setup7StickyNotesv19.exe Tested Version: 1.9 latest Tested on: Windows 2019 Server 64bit Steps to Reproduce...
Arbitrary Code Execution in Processwire
An issue found in Processwire 3.0.210 allows attackers to execute arbitrary code and install a reverse shell via the downloadzipurl parameter when installing a new module...
GHSA-2CVG-W29M-J8XC Arbitrary Code Execution in Processwire
An issue found in Processwire 3.0.210 allows attackers to execute arbitrary code and install a reverse shell via the downloadzipurl parameter when installing a new module...
CVE-2023-24676
An issue found in ProcessWire 3.0.210 allows attackers to execute arbitrary code and install a reverse shell via the downloadzipurl parameter when installing a new module. NOTE: this is disputed because exploitation requires that the attacker is able to enter requests as an admin; however, a...
Code injection
An issue found in ProcessWire 3.0.210 allows attackers to execute arbitrary code and install a reverse shell via the downloadzipurl parameter when installing a new module. NOTE: this is disputed because exploitation requires that the attacker is able to enter requests as an admin; however, a...
CVE-2023-24676
An issue found in ProcessWire 3.0.210 allows attackers to execute arbitrary code and install a reverse shell via the downloadzipurl parameter when installing a new module. NOTE: this is disputed because exploitation requires that the attacker is able to enter requests as an admin; however, a...
CVE-2023-24676
An issue found in ProcessWire 3.0.210 allows attackers to execute arbitrary code and install a reverse shell via the downloadzipurl parameter when installing a new module. NOTE: this is disputed because exploitation requires that the attacker is able to enter requests as an admin; however, a...
PT-2024-12039 · Unknown · Processwire
Name of the Vulnerable Software and Affected Versions: ProcessWire version 3.0.210 Description: An issue in ProcessWire allows attackers to execute arbitrary code and install a reverse shell via the download zip url parameter when installing a new module. This issue is disputed as it requires the...
Exploit for CVE-2022-25765
CVE-2022-25765 Exploit A small POC exploit for CVE-2022-25765,...
pyGPOAbuse - Partial Python Implementation Of SharpGPOAbuse
Python partial implementation of SharpGPOAbuse by@pkb1s This tool can be used when a controlled account can modify an existing GPO that applies to one or more users & computers. It will create an immediate scheduled task as SYSTEM on the remote computer for computer GPO, or as logged in user for...
Exploit for Server-Side Request Forgery in Apache Ofbiz
Go-Exploit for CVE-2023-51467 This repository contains a go-e...