2179 matches found

Prion
added 2019/05/23 4:29 p.m. | 22 views

Design/Logic Flaw

An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell...

CVSS 4 | AI score 6.4 | EPSS 0.00801
Exploits 1 | References 3 | Affected Software 1
CVE
added 2019/05/23 3:32 p.m. | 55 views

CVE-2017-11561

CVE-2017-11561 affects ZOHO ManageEngine OpManager 12.2. An authenticated user can upload arbitrary files in the Group Chat or Alarm sections, enabling potential web shells. The vulnerability arises from insecure file upload handling, allowing an attacker to upload executable content. Public desc...

CVSS 6.5 | AI score 6.3 | EPSS 0.00801
Exploits 1 | References 3 | Affected Software 1
Cvelist
added 2019/05/23 3:32 p.m. | 21 views

CVE-2017-11561

An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell...

AI score 6.4 | EPSS 0.00801
Exploits 1 | References 3
GithubExploit
added 2019/05/18 11:56 p.m. | 5 views

Exploit for Unrestricted Upload of File with Dangerous Type in Elabftw

Exploit Title : eLabFTW 1.8.5 'EntityController' Arbit...

CVSS 9 | AI score 8 | EPSS 0.26432
Exploits 3
OSV
added 2019/05/13 6:29 p.m. | 2 views

CVE-2019-11680

KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a web shell as a product category image...

CVSS 9.8 | AI score 7.4 | EPSS 0.01366
Exploits 0 | References 1
NVD
added 2019/05/13 6:29 p.m. | 13 views

CVE-2019-11680

KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a web shell as a product category image...

CVSS 9.8 | AI score 9.7 | EPSS 0.01366
Exploits 0 | References 1
Prion
added 2019/05/13 6:29 p.m. | 16 views

Remote code execution

KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a web shell as a product category image...

CVSS 7.5 | AI score 9.6 | EPSS 0.01366
Exploits 0 | References 1 | Affected Software 1
CVE
added 2019/05/13 5:36 p.m. | 40 views

CVE-2019-11680

CVE-2019-11680 affects KonaKart 8.9.0.0. The vulnerability allows remote code execution by uploading a web shell as a product category image, indicating the attacker can run arbitrary code on the server. Multiple connected sources (NVD, Red Hat advisory, CNVD, PRION, CVE lists) corroborate that K...

CVSS 9.8 | AI score 9.6 | EPSS 0.01366
Exploits 0 | References 1 | Affected Software 1
ThreatPost
added 2019/05/10 9:29 p.m. | 317 views

FIN7 Linked to Escalating Active Exploits for Microsoft SharePoint Bug

A recently patched, high-severity vulnerability in Microsoft SharePoint (CVE-2019-0604) that allows remote code execution is being increasingly exploited in the wild, according to researchers – possibly by the FIN7 group, among others. According to Microsoft's advisory, the vulnerability which...

CVSS 7.5 | AI score 10 | EPSS 0.94416
Exploits 29 | References 10
Check Point Advisories
added 2019/03/04 12:0 a.m. | 0 views

Joomla Jmail Breaker Arbitrary File Upload

An attacker might use a web shell backdoor to upload arbitrary files using Joomla Jmail service. A successful exploitation might allow the attacker to run arbitrary code, or use the server as a bot for further attacks...

AI score 2.7
Exploits 0
Check Point Advisories
added 2019/03/04 12:0 a.m. | 0 views

Joomla Jmail Breaker PHP Web Shell Backdoor

An attacker might upload a web shell backdoor to a Joomla Jmail service. A successful exploitation might allow the attacker to run arbitrary code, or use the server as a bot for further attacks...

AI score 2.6
Exploits 0
Check Point Advisories
added 2019/02/20 12:0 a.m. | 0 views

JSP Web Shell Generic Backdoor

An attacker might upload a web shell backdoor to a JSP server. A successful exploitation might allow the attacker to run arbitrary code, or use the server as a bot for further attacks...

AI score 2.6
Exploits 0
Hacker One
added 2019/02/06 2:15 a.m. | 128 views

U.S. Dept Of Defense: RCE on https://█████/ Using CVE-2017-9248

Summary: https://█████████/ is hosting an unpatched version of the Telerik DialogHandler Telerik.Web.UI.DialogHandler.aspx allowing for the machine key to be brute forced. The machine key can be used to access the DNN file manager to upload arbitrary files including ASPX giving a web shell and RC...

CVSS 7.5 | EPSS 0.89439
Exploits 5
Kitploit
added 2018/12/21 12:32 p.m. | 146 views

W3Brute - Automatic Web Application Brute Force Attack Tool

w3brute is an open source penetration testing tool that automates attacks directly to the website's login page. w3brute is also supported for carrying out brute force attacks on all websites. Features 1. Scanner: w3brute has a scanner feature that serves to support the bruteforce attack process...

AI score 8.7
Exploits 0 | References 4
Kitploit
added 2018/12/15 9:46 p.m. | 134 views

ZIP Shotgun - Utility Script To Test Zip File Upload Functionality (And Possible Extraction Of Zip Files) For Vulnerabilities

Utility script to test zip file upload functionality and possible extraction of zip files for vulnerabilities. Idea for this script comes from this post on Silent Signal Techblog - Compressed File Upload And Command Execution and from OWASP - Test Upload of Malicious Files. This script will create...

AI score 7.8
Exploits 0 | References 2
GithubExploit
added 2018/12/08 7:47 a.m. | 2 views

Exploit for Improper Authentication in Comodo Unified_Threat_Management_Firewall

CVE-2018-17431-PoC Proof of concept for CVE-2018-17431 E...

CVSS 9.8 | AI score 7.5 | EPSS 0.92083
Exploits 4
0day.today
added 2018/11/14 12:0 a.m. | 293 views

ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload) Vulnerability

Exploit for php platform in category web applications Exploit Title: ClipperCMS 1.3.3 File Upload CSRF Vulnerability Exploit Author: Ameer Pornillos Website: http://ethicalhackers.club Vendor Homepage: http://www.clippercms.com/ Software Link:...

AI score 0.4 | EPSS 0.00269
Exploits 5
exploitpack
added 2018/11/13 12:0 a.m. | 20 views

ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload)

ClipperCMS 1.3.3 - Cross-Site Request Forgery File Upload Exploit Title: ClipperCMS 1.3.3 File Upload CSRF Vulnerability Date: 2018-11-11 Exploit Author: Ameer Pornillos Website: http://ethicalhackers.club Vendor Homepage: http://www.clippercms.com/ Software Link:...

CVSS 6.8 | AI score 0.7 | EPSS 0.00269
Exploits 5
exploitpack
added 2018/09/14 12:0 a.m. | 25 views

Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution (Metasploit)

Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Watchguard AP Backdoor Shell', 'Description' = 'Watchguard AP's have a...

CVSS 9 | AI score 8.5 | EPSS 0.11206
Exploits 6
0day.today
added 2018/07/17 12:0 a.m. | 49 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Restricted Shell Escape Vulnerability

Exploit for hardware platform in category local exploits Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Backdoor Jailbreak Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6 buil...

AI score 0.1
Exploits 0