1805 matches found
Exploit for Improper Access Control in Webmin
WebminRCE-exploit CVE-2022-0824, CVE-2022-0829 - File Manger p...
Exploit for Code Injection in Vmware Spring_Framework
Target machine bash docker run -itd -p 80:8080 vulfocus/spr...
Webmin 1.984 File Manager Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin File Manager RCE', 'Description' = %q In Webmin version 1.984, any authenticated low privilege user without access rights to the File...
Exploit for OS Command Injection in Newspaperclub Pdf_Info
CVE-2022-36231 The ruby gem pdfinfohttps://rubygems.org/g...
Apache Commons Text vulnerability CVE-2022-42889
Updated Oct. 19, 2022 CVE-2022-42889 was recently added to the NVD catalog, with a critical score of 9.8. This vulnerability allows remote code execution RCE in Apache Commons Text. It affects version numbers 1.5-1.9, and an upgrade to Apache Commons Text 1.10.0 disables the problem by default...
Exploit for Improper Access Control in Webmin
golang-webmin-CVE-2022-0824-revshell RCE in Webmin target ur...
GodGenesis - A Python3 Based C2 Server To Make Life Of Red Teamer A Bit Easier. The Payload Is Capable To Bypass All The Known Antiviruses And Endpoints
God Genesis is a C2 server purely coded in Python3 created to help Red Teamers and Penetration Testers. Currently It only supports TCP reverse shell but wait a min, its a FUD and can give u admin shell from any targeted WINDOWS Machine. The List Of Commands It Supports :-...
CVE-2022-42457
Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches runupdate in /usr/bin/gxserve-update.sh e.g., command execution can occur via a reverse shell installed by install.sh...
PSAsyncShell - PowerShell Asynchronous TCP Reverse Shell
PSAsyncShell is an Asynchronous TCP Reverse Shell written in pure PowerShell. Unlike other reverse shells, all the communication and execution flow is done asynchronously, allowing to bypass some firewalls and some countermeasures against this kind of remote connections. Additionally, this tool...
Multiple Authenticated Remote Code Execution Vulnerabilities in Admin Panel
Description An attacker with administrative privileges in the openEMR application can execute arbitrary code on the server remote code execution RCE. This was tested in openEMR version 7.0.0 1 but also affects previous versions of openEMR. Proof of Concept First of all, start a netcat listener on...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
log4j-shell-poc A Proof-Of-Concept for the recently found CVE-...
Exploit for Argument Injection in Atlassian Bitbucket
CVE-2022-36804-PoC Multithreaded exploit script for CVE-2022-3...
Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It
Organizations and security teams work to protect themselves from any vulnerability, and often don't realize that risk is also brought on by configurations in their SaaS apps that have not been hardened. The newly published GIFShell attack method, which occurs through Microsoft Teams, is a perfect...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 🐛 Path traversal and file disclosure vulnera...
CVE-2022-36667
Garage Management System 1.0 is vulnerable to the Remote Code Execution RCE due to the lack of filtering from the file upload function. The vulnerability exist during adding parts and from the upload function, the attacker can upload PHP Reverse Shell straight away to gain RCE...
CVE-2022-36667
Garage Management System 1.0 is vulnerable to the Remote Code Execution RCE due to the lack of filtering from the file upload function. The vulnerability exist during adding parts and from the upload function, the attacker can upload PHP Reverse Shell straight away to gain RCE...
Design/Logic Flaw
Garage Management System 1.0 is vulnerable to the Remote Code Execution RCE due to the lack of filtering from the file upload function. The vulnerability exist during adding parts and from the upload function, the attacker can upload PHP Reverse Shell straight away to gain RCE...
Garage Management System 代码问题漏洞
SourceCodester Garage Management System Cms-Website is a garage management system by mayurik personal developer. It helps you to manage all your vehicles, cars and motorcycles. A security vulnerability exists in Garage Management System version 1.0, which stems from a lack of file upload filterin...
Reverse Shell Commands Over HTTP Payload (CVE-2022-29078)
A reverse shell command Injection over HTTP vulnerability has been reported. A remote attacker can exploit this issue by sending a specially crafted request to the victim. Successful exploitation would allow an attacker to execute arbitrary code on the target machine...
Exploit for Argument Injection in Atlassian Bitbucket
CVE-2022-36804 PoC This repo contains a simple proof of concep...