1789 matches found
EUVD-2025-204593
Lilac-Reloaded for Nagios 2.0.8 contains a remote code execution vulnerability in the autodiscovery feature that allows attackers to inject arbitrary commands. Attackers can exploit the lack of input filtering in the nmapbinary parameter to execute a reverse shell by sending a crafted POST reques...
CVE-2023-53948 Lilac-Reloaded for Nagios 2.0.8 Remote Code Execution via Autodiscovery
Lilac-Reloaded for Nagios 2.0.8 contains a remote code execution vulnerability in the autodiscovery feature that allows attackers to inject arbitrary commands. Attackers can exploit the lack of input filtering in the nmapbinary parameter to execute a reverse shell by sending a crafted POST reques...
CVE-2023-53948 Lilac-Reloaded for Nagios 2.0.8 Remote Code Execution via Autodiscovery
Lilac-Reloaded for Nagios 2.0.8 contains a remote code execution vulnerability in the autodiscovery feature that allows attackers to inject arbitrary commands. Attackers can exploit the lack of input filtering in the nmapbinary parameter to execute a reverse shell by sending a crafted POST reques...
CVE-2023-53948
CVE-2023-53948 affects Lilac-Reloaded for Nagios 2.0.8. The vulnerability is a remote code execution in the autodiscovery feature caused by a lack of input filtering in the nmap_binary parameter, enabling an attacker to inject commands and potentially trigger a reverse shell via a crafted POST re...
CVE-2023-53945 BrainyCP 1.0 Remote Code Execution via Authenticated Crontab Manipulation
BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP a...
CVE-2023-53937
Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability that allows attackers to replace a missing system32 wow64log.dll with a malicious library. Attackers can generate a custom DLL using Metasploit and place it in the system32 directory to obtain a reverse shell during application...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell: CVE-2025-55182 – Comprehensive Vulnerability Scan...
PT-2025-52516
Name of the Vulnerable Software and Affected Versions BrainyCP version 1.0 Description BrainyCP version 1.0 has an authenticated remote code execution issue. Logged-in users can inject arbitrary commands through the crontab configuration interface. Attackers can exploit the issue by adding a...
CVE-2023-53937
Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability that allows attackers to replace a missing system32 wow64log.dll with a malicious library. Attackers can generate a custom DLL using Metasploit and place it in the system32 directory to obtain a reverse shell during application...
CVE-2023-53937
Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability that allows attackers to replace a missing system32 wow64log.dll with a malicious library. Attackers can generate a custom DLL using Metasploit and place it in the system32 directory to obtain a reverse shell during application...
CVE-2023-53937
Hubstaff 1.6.14 is affected by a DLL search order hijacking vulnerability that enables replacing the missing system32 wow64log.dll with a malicious library. An attacker could generate a custom DLL (e.g., via Metasploit) and place it in the system32 directory to obtain a reverse shell when the app...
CVE-2023-53937 Hubstaff 1.6.14 DLL Search Order Hijacking via wow64log Library
Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability that allows attackers to replace a missing system32 wow64log.dll with a malicious library. Attackers can generate a custom DLL using Metasploit and place it in the system32 directory to obtain a reverse shell during application...
CVE-2023-53937 Hubstaff 1.6.14 DLL Search Order Hijacking via wow64log Library
Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability that allows attackers to replace a missing system32 wow64log.dll with a malicious library. Attackers can generate a custom DLL using Metasploit and place it in the system32 directory to obtain a reverse shell during application...
PT-2025-52316
Name of the Vulnerable Software and Affected Versions Hubstaff version 1.6.14 Description The software contains a DLL search order hijacking issue. An attacker can replace a missing system32wow64log.dll with a malicious library. By using tools like Metasploit to create a custom DLL and placing it...
Netsoft Holdings Hubstaff 代码问题漏洞
Netsoft Holdings Hubstaff is a project management platform from US-based Netsoft Holdings. A code issue vulnerability exists in Netsoft Holdings Hubstaff version 1.6.14, which stems from DLL search order hijacking and could lead to obtaining a reverse shell...
Exploit for CVE-2025-14700
CVE-2025-14700 POC Automatic exploit for Authentic...
Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks
A new distributed denial-of-service DDoS botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and may be associated with another botnet known as AISURU, according to findings from QiAnXin XLab...
CVE-2023-53875
GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server...
CVE-2023-53875
GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server...
CVE-2023-53875 GOM Player 2.3.90.5360 Remote Code Execution via Insecure IE Component
GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server...