1794 matches found
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Log4Shell CVE-2021-44228 minecraft demo This demo is used at...
Exploit for XML Injection (aka Blind XPath Injection) in Splunk Cloud
Splunk RCE - PoC Proof of concept exploit for CVE-2023-46214...
Unrestricted file upload
OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute...
OpenSupports Security Vulnerabilities
OpenSupports is a simple open source ticketing platform. A security vulnerability exists in OpenSupports version v4.11.0, which can be exploited to execute arbitrary code or create a reverse shell, due to a security restriction that can be bypassed by an attacker via annotations and uploading a...
PT-2023-30676 · Unknown · Opensupports
Name of the Vulnerable Software and Affected Versions: OpenSupports version 4.11.0 Description: The issue allows an attacker to bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type in the comment function. This can enable the...
CVE-2023-48031
OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions by manipulating the file’s magic bytes to masquerade a .bat as an allowed type, enabling arbitrary code execution or a reverse shell and lea...
CVE-2023-48031
OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute...
CVE-2023-48031
OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute...
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory. Tracked as CVE-2023-46604 CVSS score: 10.0, the vulnerability is a remote code execution bug that could permit a threat actor to run...
Exploit for CVE-2023-38646
Metabase Pre-Auth RCE POC - CVE-2023-38646 Metabase open sourc...
Exploit for SQL Injection in Spiceworks Help_Desk_Server
Spiceworks Sort SQLi There's a SQLi in a sort parameter of...
Exploit for CVE-2023-3452
CVE-2023-3452-PoC - Wordpress Plugin Canto 3.0.5 - Remote...
Exploit for OS Command Injection in Vm2_Project Vm2
CVE-2023-37903 Expl...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ This exploit...
Exploit for Code Injection in Gitlab
gitlab-cve-2021-22205 A simple bash script that exploits CVE-2...
Exploit for CVE-2023-38646
CVE-2023-38646 Python script to exploit CVE-2023-38646 Metabas...
Exploit for CVE-2023-38646
CVE-2023-38646 A python RCE exploit for CVE-2023-38646 Us...
Exploit for Incorrect Authorization in Vmware Aria_Operations_For_Logs
CVE-2023-34051 CVE-2023-34051 is an authentication bypass tha...
Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets
This is a PoC exploit for CVE-2023-27163, a remote code executio...
Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets
This is a PoC exploit for CVE-2023-27163, a remote code executio...