
2126 matches found

Huntr
added 2023/02/19 8:39 p.m. · 17 views

SQL Injection at /front/report.dynamic.php

Description: A SQL injection vulnerability allows a guest user with reports view, like "Technician", to extract all data from the database and in some cases write a webshell on the server. This vulnerability occurs because an insecure concatenation is taking place in this function:...

7.6 AI score
Exploits 0 · References 1

ATTACKERKB
added 2023/02/16 12:0 a.m. · 90 views

CVE-2023-23752

An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. Recent assessments: noraj at March 24, 2023 9:21am UTC reported: There are at least two ways to achieve RCE. Vector n°1 It leaks the MySQL credentials, in default a...

5.3 CVSS · 5.7 AI score · 0.99827 EPSS
In wild · Exploits 43 · References 7

SUSE CVE
added 2023/02/15 4:47 a.m. · 3 views

SUSE CVE-2017-7432

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability...

9.8 CVSS · 7.1 AI score · 0.01525 EPSS
Exploits 0 · References 5

SUSE CVE
added 2023/02/15 3:52 a.m. · 3 views

SUSE CVE-2020-28165

The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability. An attacker can upload arbitrary webshell to the server by using the downloadZipPackage function...

9.8 CVSS · 9.2 AI score · 0.01087 EPSS
Exploits 0 · References 3

GithubExploit
added 2023/02/03 8:56 a.m. · 275 views

Exploit for Unrestricted Upload of File with Dangerous Type in Tecrail Responsive_Filemanager

ResponsiveFileManager-CVE-2022-46604 Responsive FileManager v...

8.8 CVSS · 8.8 AI score · 0.08627 EPSS
Exploits 5

Kitploit
added 2023/01/30 11:30 a.m. · 43 views

DFShell - The Best Forwarded Shell

D3Ext's...

7.5 AI score
Exploits 0 · References 4

NVD
added 2022/12/16 4:15 p.m. · 23 views

CVE-2022-46135

In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=editpost, through which we can upload webshell and control the web server...

7.2 CVSS · 0.0118 EPSS
Exploits 1 · References 1

Prion
added 2022/12/16 4:15 p.m. · 17 views

Design/Logic Flaw

In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=editpost, through which we can upload webshell and control the web server...

5.8 CVSS · 7.1 AI score · 0.0118 EPSS
Exploits 1 · References 1 · Affected Software 1

CVE
added 2022/12/16 12:0 a.m. · 62 views

CVE-2022-46135

CVE-2022-46135 affects AeroCms v0.0.1. The vulnerability is an arbitrary file upload at /admin/posts.php?source=edit_post that enables uploading a webshell and taking control of the web server. Affected component is the upload endpoint in the admin/post editing flow; root cause details are consis...

7.2 CVSS · 7 AI score · 0.0118 EPSS
Exploits 1 · References 1 · Affected Software 1

Vulnrichment
added 2022/12/16 12:0 a.m. · 7 views

CVE-2022-46135

In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=editpost, through which we can upload webshell and control the web server...

7.2 AI score · 0.0118 EPSS
Exploits 1 · References 1

CNNVD
added 2022/12/16 12:0 a.m. · 3 views

AeroCMS Code Issue Vulnerability

AeroCMS is a content management system from the American company AeroCMS. AeroCMS v0.0.1 has a security vulnerability that stems from an arbitrary file upload at /admin/posts.php?source=editpost; an attacker can take advantage of the vulnerability to upload a webshell,...

7.2 CVSS · 7.2 AI score · 0.0118 EPSS
Exploits 1 · References 2

Positive Technologies
added 2022/12/16 12:0 a.m. · 3 views

PT-2022-27755 · Aerocms · Aerocms

Name of the Vulnerable Software and Affected Versions: AeroCms version 0.0.1 Description: The issue is related to an arbitrary file upload vulnerability. This vulnerability is located at the "/admin/posts.php?source=edit post" API endpoint, which allows uploading a webshell and potentially...

7.2 CVSS · 6.9 AI score · 0.0118 EPSS
Exploits 1 · References 4

Cvelist
added 2022/12/16 12:0 a.m. · 36 views

CVE-2022-46135

In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=editpost, through which we can upload webshell and control the web server...

7.3 AI score · 0.0118 EPSS
Exploits 1 · References 1

GithubExploit
added 2022/12/12 4:30 p.m. · 343 views

Exploit for Code Injection in Vmware Spring_Framework

Spring4Shell-PoC Application This application has been contai...

9.8 CVSS · 8.9 AI score · 0.99677 EPSS
Exploits 100

Kitploit
added 2022/11/26 11:30 a.m. · 75 views

MSMAP - Memory WebShell Generator

Msmap is a Memory WebShell Generator. Compatible with various Containers, Components, Encoder, WebShell / Proxy / Killer and Management Clients. Simplified Chinese The idea behind I, The idea behind II Function Dynamic Menu Automatic Compilation Generate Script Lite Mode Graphical Interface Container Java...

7.5 AI score
Exploits 0 · References 14

OSV
added 2022/11/23 2:15 a.m. · 3 views

CVE-2020-23591

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an attacker to upload arbitrary files through "/mgmdevupgrade.asp" which can "delete every file for Denial of Service using 'rm -rf .' in the code, reverse connection using '.asp' webshell,...

9.8 CVSS · 5.9 AI score · 0.01057 EPSS
Exploits 0 · References 1

NVD
added 2022/11/23 2:15 a.m. · 20 views

CVE-2020-23591

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an attacker to upload arbitrary files through "/mgmdevupgrade.asp" which can "delete every file for Denial of Service using 'rm -rf .' in the code, reverse connection using '.asp' webshell,...

9.8 CVSS · 0.01057 EPSS
Exploits 0 · References 1

CNNVD
added 2022/11/23 12:0 a.m. · 5 views

Optilink Network OP-XT71000N Code Issue Vulnerability

The Optilink Network OP-XT71000N is a wireless router from Optilink Network India. A code issue vulnerability exists in Optilink Network OP-XT71000N version V2.2, which stems from a vulnerability that allows an attacker to cause a denial of service by uploading an arbitrary file via...

9.8 CVSS · 8.5 AI score · 0.01057 EPSS
Exploits 0 · References 2

Positive Technologies
added 2022/11/23 12:0 a.m. · 6 views

PT-2022-8684 · Optilink · Optilink Op-Xt71000N

Name of the Vulnerable Software and Affected Versions: OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028 Description: A vulnerability allows an attacker to upload arbitrary files through "/mgm dev upgrade.asp" which can delete every file for Denial of Service using r...

9.8 CVSS · 9.4 AI score · 0.01057 EPSS
Exploits 0 · References 4

Vulnrichment
added 2022/11/23 12:0 a.m. · 13 views

CVE-2020-23591

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an attacker to upload arbitrary files through "/mgmdevupgrade.asp" which can "delete every file for Denial of Service using 'rm -rf .' in the code, reverse connection using '.asp' webshell,...

9.5 AI score · 0.01057 EPSS
Exploits 0 · References 1