Malicious Package in sj-tw-abc

All versions of sj-tw-abc contain malicious code. The package downloads and runs a script that opens a reverse shell in the system. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

GHSA-4HFC-FV33-PH9P Malicious Package in sj-tw-abc

All versions of sj-tw-abc contain malicious code. The package downloads and runs a script that opens a reverse shell in the system. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package in sj-tw-sec

All versions of sj-tw-sec contain malicious code. The package downloads and runs a script that opens a reverse shell in the system. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

GHSA-692H-G37C-QV44 Malicious Package in sj-tw-sec

All versions of sj-tw-sec contain malicious code. The package downloads and runs a script that opens a reverse shell in the system. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package in sj-tw-test-security

All versions of sj-tw-test-security contain malicious code. The package downloads and runs a script that opens a reverse shell in the system. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer...

GHSA-RCV7-4W2M-GJ9V Malicious Package in sj-tw-test-security

All versions of sj-tw-test-security contain malicious code. The package downloads and runs a script that opens a reverse shell in the system. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer...

Malicious Package in owl-orchard-apple-sunshine

All versions of owl-orchard-apple-sunshine contain malicious code. The package downloads and runs a script that opens a reverse shell in the system. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

Rukovoditel 2.7.1 - Remote Code Execution (2) (Authenticated)

!/usr/bin/python3 Exploit Title: Rukovoditel 2.7.1 - Remote Code Execution Authenticated Exploit Author: @danyx07 Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Version: Rukovoditel -p you can provide credentials, load the image with PHP...

CMS Made Simple 2.2.14 Shell Upload

!/usr/bin/python3 -- coding: utf-8 -- Exploit Title: CMS Made Simple 2.2.14 - Arbitrary File Upload Authenticated Google Dork: N/A Date: 2020-08-31 Exploit Author: Luis Noriega @nogagmx Vendor Homepage: https://www.cmsmadesimple.org/ Software Link:...

CMS Made Simple 2.2.14 - Arbitrary File Upload (Authenticated)

!/usr/bin/python3 -- coding: utf-8 -- Exploit Title: CMS Made Simple 2.2.14 - Arbitrary File Upload Authenticated Google Dork: N/A Date: 2020-08-31 Exploit Author: Luis Noriega @nogagmx Vendor Homepage: https://www.cmsmadesimple.org/ Software Link:...

Linux/x86 reverse TCP Shellcode (84 bytes)

Title: Linux/x86 - Reverse TCP Shellcode 84 bytes Author: Xenofon Vassilakopoulos Tested on: Linux 3.13.0-32-generic 57precise1-Ubuntu i686 i386 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 84 bytes SLAE-ID: SLAE - 1314 --------------------- Reverse Shellcode ---------------------...

Acronis: TrueImage for Acronis True Image 2020 - Untrusted DLL Search-Ordering lead to Privilege Escalation as Administrative account

Vulnerability description not provided...

CVE-2020-22722

Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file. An attacker can obtain admin privileges by placing a malicious .exe file in the application and renaming it ScadaAgentSvc.exe, which would result in executing t...

OpenEMR 5.0.1 Remote Code Execution

!/usr/bin/env ruby Title: OpenEMR --shell --user --password --debug FILE semi-auto --root-url --user --password --payload --lhost --lport --debug FILE auto --root-url --user --password --lhost --lport --debug FILE -H | --help Options: -r , --root-url Root URL base path including HTTP scheme, port...

OpenEMR 5.0.1 Remote Code Execution Exploit

Exploit for php platform in category web applications !/usr/bin/env ruby Title: OpenEMR --shell --user --password --debug FILE semi-auto --root-url --user --password --payload --lhost --lport --debug FILE auto --root-url --user --password --lhost --lport --debug FILE -H | --help Options: -r ,...

SNOWCRASH - A Polyglot Payload Generator

A polyglot payload generator Introduction SNOWCRASH creates a script that can be launched on both Linux and Windows machines. Payload selected by the user in this case combined Bash and Powershell code is embedded into a single polyglot template, which is platform-agnostic. There are few payloads...

pfSense 2.4.4-p3 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: pfSense 2.4.4-p3 - Cross-Site Request Forgery Exploit Author: ghostfh Vendor Homepage: https://www.pfsense.org/ Software Link: https://www.pfsense.org/download/index.html?section=downloads Version: Till 2.4.4-p3 Tested on: freeb...

pfSense 2.4.4-p3 Cross Site Request Forgery

Exploit Title: pfSense 2.4.4-p3 - Cross-Site Request Forgery Date: 2019-09-27 Exploit Author: ghostfh Vendor Homepage: https://www.pfsense.org/ Software Link: https://www.pfsense.org/download/index.html?section=downloads Version: Till 2.4.4-p3 Tested on: freebsd CVE : CVE-2019-16667 Vulnerability...

pfSense 2.4.4-p3 - Cross-Site Request Forgery

Exploit Title: pfSense 2.4.4-p3 - Cross-Site Request Forgery Date: 2019-09-27 Exploit Author: ghostfh Vendor Homepage: https://www.pfsense.org/ Software Link: https://www.pfsense.org/download/index.html?section=downloads Version: Till 2.4.4-p3 Tested on: freebsd CVE : CVE-2019-16667 Vulnerability...

Online Book Store 1.0 Code Execution Exploit

Exploit for php platform in category web applications !/usr/bin/env python3 Exploit Title: Online Book Store 1.0 - Unauthenticated Remote Code Execution modified by cesgami Exploit Author: Tib3rius Vendor Homepage:...