Online Learning Management System 1.0 – RCE (Authenticated)
January 10th, 2021 📆 | 8307 Views ⚑
# Exploit Title: Online Learning Management System 1.0 - RCE (Authenticated) # Date: 01.01.2021 # Exploit Author: Bedri Sertkaya #
Browsing the "authenticated" Tag
Tagged with: authenticated • learning • management • online • php • RCE • system • webapps
Zoom Meeting Connector 4.6.239.20200613 – Remote Root Exploit (Authenticated)
January 10th, 2021 📆 | 2126 Views ⚑
# Exploit Title: Zoom Meeting Connector 4.6.239.20200613 - Remote Root Exploit (Authenticated) # Date: 12-29-2020 # Exploit Author: Jeremy Brown
Tagged with: ): Zoom • 20200613 • authenticated • connector • exploit • linux • meeting • remote • root • webapps
Sonatype Nexus 3.21.1 – Remote Code Execution (Authenticated)
January 10th, 2021 📆 | 7531 Views ⚑
# Exploit Title: Sonatype Nexus 3.21.1 - Remote Code Execution (Authenticated) # Exploit Author: 1F98D # Original Author: Alvaro Muñoz
Tagged with: authenticated • code • CVE-2020-10199 • execution • Java • nexus • remote • sonatype • webapps
WordPress Plugin Autoptimize 2.7.6 – Authenticated Arbitrary File Upload (Metasploit)
January 8th, 2021 📆 | 3637 Views ⚑
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include
Tagged with: arbitrary • authenticated • autoptimize • File • metasploit • php • plugin • upload • webapps • wordpress
GitLab 11.4.7 – RCE (Authenticated)
December 24th, 2020 📆 | 2613 Views ⚑
# Exploit Title: GitLab 11.4.7 - RCE (Authenticated) # Date: 24th December 2020 # Exploit Author: Sam Redmond # Software
Tagged with: authenticated • CVE-2018-19571CVE-2018-19585 • gitlab • RCE • Ruby • webapps
Pandora FMS 7.0 NG 750 – ‘Network Scan’ SQL Injection (Authenticated)
December 22nd, 2020 📆 | 1596 Views ⚑
# Exploit Title: Pandora FMS 7.0 NG 750 - 'Network Scan' SQL Injection (Authenticated) # Date: 12-21-2020 # Exploit Author:
Tagged with: authenticated • FMS • injection • network • pandora • php • Scan • SQL • webapps
Online Marriage Registration System (OMRS) 1.0 – Remote Code Execution (Authenticated)
December 20th, 2020 📆 | 7171 Views ⚑
# Exploit Title: Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (Authenticated) # Google Dork: N/A # Date:
Tagged with: authenticated • code • execution • marriage • OMRS • online • php • registration • remote • system • webapps
GitLab 11.4.7 – Remote Code Execution (Authenticated)
December 20th, 2020 📆 | 6946 Views ⚑
# Exploit Title: GitLab 11.4.7 Authenticated Remote Code Execution (No Interaction Required) # Date: 15th December 2020 # Exploit Author:
Tagged with: authenticated • code • CVE-2018-19571CVE-2018-19585 • execution • gitlab • remote • Ruby • webapps
Victor CMS 1.0 – Multiple SQL Injection (Authenticated)
December 20th, 2020 📆 | 5888 Views ⚑
# Exploit Title: Victor CMS 1.0 - Multiple SQL Injection (Authenticated) # Date: 17.12.2020 # Exploit Author: Furkan Göksel #
Tagged with: authenticated • cms • injection • multiple • php • SQL • victor • webapps
Dolibarr ERP-CRM 12.0.3 – Remote Code Execution (Authenticated)
December 20th, 2020 📆 | 7982 Views ⚑
# Exploit Title: Dolibarr ERP-CRM 12.0.3 - Remote Code Execution (Authenticated) # Date: 2020.12.17 # Exploit Author: Yilmaz Degirmenci #
Tagged with: authenticated • code • dolibarr • ERPCRM • execution • php • remote • webapps
LibreNMS 1.46 – MAC Accounting Graph Authenticated SQL Injection
December 15th, 2020 📆 | 5352 Views ⚑
*] *]# Exploit Title: LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection # Google Dork: Unknown # Date: 13-12-2020
Tagged with: accounting • authenticated • graph • injection • librenms • Mac • multiple • SQL • webapps
WonderCMS 3.1.3 – Authenticated Remote Code Execution
December 6th, 2020 📆 | 1785 Views ⚑
# Exploit Title: WonderCMS 3.1.3 - Authenticated Remote Code Execution # Date: 2020-11-27 # Exploit Author: zetc0de # Vendor Homepage:
Tagged with: authenticated • code • execution • php • remote • webapps • wondercms
NewsLister – Authenticated Persistent Cross-Site Scripting
December 6th, 2020 📆 | 7815 Views ⚑
# Exploit Title: NewsLister - Authenticated Persistent Cross-Site Scripting # Date: 2020-11-27 # Exploit Author: Emre Aslan # Vendor Homepage:
Tagged with: authenticated • cross • CrossSite • multiple • newslister • persistent • scripting • webapps
Artworks Gallery 1.0 – Arbitrary File Upload RCE (Authenticated) via Edit Profile
December 6th, 2020 📆 | 2934 Views ⚑
# Exploit Title: Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile # Date: November 17th, 2020
Tagged with: arbitrary • artworks • authenticated • CVE-2020-28687 • Edit • File • gallery • multiple • profile • RCE • upload • webapps
Artworks Gallery 1.0 – Arbitrary File Upload RCE (Authenticated) via Add Artwork
December 6th, 2020 📆 | 5280 Views ⚑
# Exploit Title: Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) # Date: November 17th, 2020 # Exploit Author:
Tagged with: Add • arbitrary • artwork • artworks • authenticated • CVE-2020-28688 • File • gallery • multiple • RCE • upload • webapps
Online Matrimonial Project 1.0 – Authenticated Remote Code Execution
December 5th, 2020 📆 | 7863 Views ⚑
# Exploit Title: Online Matrimonial Project 1.0 - Authenticated Remote Code Execution # Exploit Author: Valerio Alessandroni # Date: 2020-10-07
Tagged with: authenticated • code • execution • matrimonial • online • php • project • remote • webapps
CMS Made Simple 2.2.15 – Stored Cross-Site Scripting via SVG File Upload (Authenticated)
December 4th, 2020 📆 | 7477 Views ⚑
# Exploit Title: CMS Made Simple 2.2.15 - Stored Cross-Site Scripting via SVG File Upload (Authenticated) # Date: 04/12/2020 #
Tagged with: authenticated • cms • cross • CrossSite • File • php • scripting • simple • stored • SVG • upload • webapps
WonderCMS 3.1.3 – Authenticated SSRF to Remote Remote Code Execution
December 2nd, 2020 📆 | 5673 Views ⚑
# Exploit Title: WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution # Date: 2020-11-27 # Exploit Author: zetc0de
Tagged with: authenticated • code • execution • php • remote • SSRF • webapps • wondercms
Best Support System 3.0.4 – ‘ticket_body’ Persistent XSS (Authenticated)
November 27th, 2020 📆 | 2030 Views ⚑
# Exploit Title: Best Support System 3.0.4 - 'ticket_body' Persistent XSS (Authenticated) # Google Dork: "Powered By Best Support System"
Tagged with: authenticated • persistent • php • support • system • ticket • ticketbody • webapps • XSS
Laravel Administrator 4 – Unrestricted File Upload (Authenticated)
November 27th, 2020 📆 | 3570 Views ⚑
# Exploit title: Laravel Administrator 4 - Unrestricted File Upload (Authenticated) # Author: Victor Campos and Xavi Beltran # Contact:
Tagged with: administrator • authenticated • CVE-2020-10963 • File • laravel • php • unrestricted • upload • webapps
Popular
The best security conferences of 2021 December 21, 2020 The COVID-19 pandemic certainly threw a monkey wrench into the…
A second hacking group has targeted SolarWinds systems December 21, 2020 As forensic evidence is slowly being unearthed in the aftermath…
GitLab 11.4.7 – Remote Code Execution (Authenticated) December 20, 2020 # Exploit Title: GitLab 11.4.7 Authenticated Remote Code Execution (No…
Windows 10 bug corrupts your hard drive on seeing… January 15, 2021 An unpatched zero-day in Microsoft Windows 10 allows attackers to…
Rioters Open Capitol’s Doors to Potential Cyberthreats January 7, 2021 Business Continuity Management / Disaster Recovery , Critical Infrastructure Security…
WordPress Contact Form 7 5.3.1 Shell Upload ≈ Packet Storm December 22, 2020 # Exploit Title: Wordpress Plugin Contact Form 7 5.3.1 -…- Task Management System 1.0 –… December 20, 2020 # Exploit Title: Task Management System 1.0 - 'page' Local…
Members
Comments