CVE-2025-67924 WordPress Corpkit theme <= 2.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Corpkit corpkit allows Upload a Web Shell to a Web Server.This issue affects Corpkit: from n/a through = 2.0...

EUVD-2022-52744

Malicious code in bioql PyPI...

PT-2025-27906 · Liquidthemes · Logisticshub

Name of the Vulnerable Software and Affected Versions: LiquidThemes LogisticsHub versions 1.1.6 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to significant security...

CVE-2025-47658 WordPress ELEX HelpDesk & Customer Ticketing System plugin <= 3.2.9 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System elex-helpdesk-customer-support-ticket-system allows Upload a Web Shell to a Web Server.This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a...

PT-2025-20163 · Unknown · Themefic Instantio

Name of the Vulnerable Software and Affected Versions: Themefic Instantio versions n/a through 3.3.16 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and...

Webmin 2.202 Remote Command Execution

Webmin version 2.202 remote command execution exploit that provides a reverse shell. ============================================================================================================================================= | Title : Webmin 2.202 Reverse Shell attack | | Author : indoushka | |...

PT-2025-5474 · Unknown · Themefic Tourfic

Name of the Vulnerable Software and Affected Versions: Themefic Tourfic versions 2.15.3 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can lead to web shell attacks. Recommendations: For...

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17)

What do hijacked websites, fake job offers, and sneaky ransomware have in common? They're proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization is truly off-limits. Attackers are...

ROS-20240503-18

A vulnerability in the Apache Maven framework is related to the generation of double-quoted strings without proper escaping. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a shell-based attack. shell attacks A vulnerability in the Apache Maven framework is...

CVE-2022-29599

A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack...

CVE-2021-41547

A vulnerability has been identified in Teamcenter Active Workspace V4.3 All versions V4.3.11, Teamcenter Active Workspace V5.0 All versions V5.0.10, Teamcenter Active Workspace V5.1 All versions V5.1.6, Teamcenter Active Workspace V5.2 All versions V5.2.3. The application contains an unsafe...

Ghost in the shell: Investigating web shell attacks

Recently, an organization in the public sector discovered that one of their internet-facing servers was misconfigured and allowed attackers to upload a web shell, which let the adversaries gain a foothold for further compromise. The organization enlisted the services of Microsoft’s Detection and...

Premod SubDog 2 includes/themen_portal_mitte.php phpbb_root_path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/22912/info Premod SubDog 2 is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of...

JCCorp URLShrink Free 1.3.1 CreateURL.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22894/info URLshrink Free is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the...

phpcms v9 front Desk unlimited GETSHELL-a vulnerability warning-the black bar safety net

0×0 1:An Introduction PHPCMS V9（hereinafter referred to V9 with PHP5+MYSQL as the technical basis for development. V9 using OOP for object mode for running based frame structures. The modular development approach as a function of development forms. Framework easy functionality expansion, code...

Successful Shell Attack Detected - Linux 'passwd' Command

Binary data 6145.prm...

Successful Shell Attack Detected - Windows 'Fport' Command

Binary data 6190.prm...

Successful Shell Attack Detected - Windows 'date' Command

Binary data 6188.prm...

Successful Shell Attack Detected - Unix Failed 'tcpdump' Command

Binary data 6157.prm...

Successful Shell Attack Detected - FreeBSD 'netstat -rn' Command

Binary data 6165.prm...