1829 matches found
Victure WR1200 操作系统命令注入漏洞
The Victure WR1200 is a router. A security vulnerability exists in the Victure WR1200 1.0.3 and prior versions, which stems from a lack of command filtering and restriction in the device's web interface, resulting in a command injection vulnerability that could be exploited by an attacker to inje...
Laundry Booking Management System 1.0 - Remote Code Execution Exploit
Exploit Title: Laundry Booking Management System 1.0 - Remote Code Execution RCE Exploit Author: Pablo Santiago Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html Software Link:...
11 Malicious PyPI Python Libraries Caught Stealing Discord Tokens and Installing Shells
Cybersecurity researchers have uncovered as many as 11 malicious Python packages that have been cumulatively downloaded more than 41,000 times from the Python Package Index PyPI repository, and could be exploited to steal Discord access tokens, passwords, and even stage dependency confusion...
GitLab 13.10.2 Remote Code Execution
Exploit Title: GitLab 13.10.2 - Remote Code Execution RCE Unauthenticated Shodan Dork: https://www.shodan.io/search?query=title%3A%22GitLab%22+%2B%22Server%3A+nginx%22 Date: 11/01/2021 Exploit Author: Jacob Baines Vendor Homepage: https://about.gitlab.com/ Software Link:...
GitLab 13.10.2 - Remote Code Execution Exploit
Exploit Title: GitLab 13.10.2 - Remote Code Execution RCE Unauthenticated Shodan Dork: https://www.shodan.io/search?query=title%3A%22GitLab%22+%2B%22Server%3A+nginx%22 Exploit Author: Jacob Baines Vendor Homepage: https://about.gitlab.com/ Software Link: https://gitlab.com/gitlab-org/gitlab...
Exploit for OS Command Injection in Systeminformation
the CVE-2021-21315's exploit code wrote with Rust lang I'm ru...
Exploit for Code Injection in Gitlab
GitLab-CVE-2021-22205-scanner Usage $ python3 GitLab...
10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow (SEH) Exploit
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow SEH Exploit Author: ro0k Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.31 Tested on: Windows 10 x64 Education...
Codiad 2.8.4 - Remote Code Execution Exploit (4)
Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 4 Author: P4p4M4n3 Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Type: WebApp ------------------------------------- Proof of Concept: 1- login on codiad 2- go to...
10-Strike Network Inventory Explorer Pro 9.31 Buffer Overflow
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow SEH Date: 2021-10-31 Exploit Author: ro0k Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.31 Tested on: Windows 1...
Codiad 2.8.4 Shell Upload
Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 4 Author: P4p4M4n3 Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Type: WebApp ------------------------------------- Proof of Concept: 1- login on codiad 2- go to...
Exploit for Code Injection in Gitlab
CVE-2021-22205 CVE-2021-22205 RCE 工具仅用于分享交流,切勿用于非授权测试,否则与作者无关...
Exploit for Path Traversal in Microsoft
CVE-2021-40444-POC An attempt to reproduce Microsoft MSHTML Re...
Mediator - An Extensible, End-To-End Encrypted Reverse Shell With A Novel Approach To Its Architecture
Mediator is an end-to-end encrypted reverse shell in which the operator and the shell connect to a "mediator" server that bridges the connections. This removes the need for the operator/handler to set up port forwarding in order to listen for the connection. Mediator also allows you to create...
OpenClinic GA 5.194.18 Privilege Escalation
Exploit Title: OpenClinic GA 5.194.18 - Local Privilege Escalation Date: 2021-07-24 Author: Alessandro Salzano Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Homepage: https://sourceforge.net/projects/open-clinic/ Software Link:...
Gestionale Open 11.00.00 - Local Privilege Escalation Vulnerability
Exploit Title: Gestionale Open 11.00.00 - Local Privilege Escalation Author: Alessandro 'mindsflee' Salzano Vendor Homepage: https://www.gestionaleopen.org/ Software Homepage: https://www.gestionaleopen.org/ Software Link:...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-42013Reverse-Shell PoC CVE-2021-42013 reverse shell...
Apache HTTP Server 2.4.50 Remote Code Execution
Exploit: Apache HTTP Server 2.4.50 - Remote Code Execution RCE 2 Credits: Ash Daulton & cPanel Security Team Date: 24/07/2021 Exploit Author: TheLastVvV.com Vendor Homepage: https://apache.org/ Version: Apache 2.4.50 with CGI enable Tested on : Debian 5.10.28 CVE : CVE-2021-42013 !/bin/bash echo...
Active-Directory-Exploitation-Cheat-Sheet
This is a cheat sheet for Windows Active Directory exploitation, containing common enumeration and attack methods. The repository is a collection of PowerShell scripts and modules that can be used to perform various attacks on Active Directory, including domain enumeration, lateral movement, and...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-42013 Introduction It was found that the fix for C...