Phone Shop Sales Management System 1.0 Shell Upload ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties Phone Shop Sales Management System 1.0 Shell Upload ≈ Packet Storm admin April 21, 2021 # Exploit Title: Phone Shop Sales Management System – Arbitrary File Upload (Unauthenticated)# Date: 20/04/21# Exploit Author:...Read More
Native Church Website 1.0 Shell Upload ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties Native Church Website 1.0 Shell Upload ≈ Packet Storm admin April 14, 2021 # Exploit Title: Native Church Website – Arbitrary File Upload (Authenticated)# Date: 04/21# Exploit Author: Richard Jones#...Read More
Composr 10.0.36 Shell Upload ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties Composr 10.0.36 Shell Upload ≈ Packet Storm admin April 9, 2021 # Exploit Title: Composr 10.0.36 – Remote Code Execution# Date: 04/06/2021# Exploit Author: Orion Hridoy# Vendor Homepage:...Read More
Monospace Directus Headless CMS File Upload / Rule Bypass ≈ Packet Storm 4 min read Exploit/Advisories Vulnerabilties Monospace Directus Headless CMS File Upload / Rule Bypass ≈ Packet Storm admin April 8, 2021 SEC Consult Vulnerability Lab Security Advisory =======================================================================title: Arbitrary File Upload and Bypassing .htaccess Rulesproduct: Monospace...Read More
Atlassian Jira Service Desk 4.9.1 – Unrestricted File Upload to XSS 1 min read Exploit/Advisories Vulnerabilties Atlassian Jira Service Desk 4.9.1 – Unrestricted File Upload to XSS admin April 7, 2021 # Exploit Title: Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS # Date: 07...Read More
ScadaBR 1.0 Shell Upload ≈ Packet Storm 6 min read Exploit/Advisories Vulnerabilties ScadaBR 1.0 Shell Upload ≈ Packet Storm admin April 1, 2021 # Exploit Title: ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (1)# Date: 03/2021# Exploit Author: Fellipe Oliveira#...Read More
ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (2) 4 min read Exploit/Advisories Vulnerabilties ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (2) admin April 1, 2021 # Exploit Title: ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2) # Date: 04/21 # Exploit Author:...Read More
ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (1) 3 min read Exploit/Advisories Vulnerabilties ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (1) admin April 1, 2021 # Exploit Title: ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (1) # Date: 03/2021 # Exploit Author:...Read More
GetSimple CMS 3.3.16 Cross Site Scripting / Shell Upload ≈ Packet Storm 5 min read Exploit/Advisories Vulnerabilties GetSimple CMS 3.3.16 Cross Site Scripting / Shell Upload ≈ Packet Storm admin March 31, 2021 # Exploit Title: GetSimple CMS 3.3.16 – Reflected XSS to RCE# Exploit Author: Bobby Cooke (boku)# Discovery...Read More
Development Kamel KCFinder 1.7 Shell Upload ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties Development Kamel KCFinder 1.7 Shell Upload ≈ Packet Storm admin March 27, 2021 Development Kamel KCFinder 1.7 Shell Upload Posted Mar 26, 2021 Authored by Rayan Ali Development Kamel KCFinder...Read More
FortiLogger Arbitrary File Upload ≈ Packet Storm 2 min read Exploit/Advisories Vulnerabilties FortiLogger Arbitrary File Upload ≈ Packet Storm admin March 26, 2021 ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::RemoteRank = NormalRanking include Msf::Exploit::EXEprepend Msf::Exploit::Remote::AutoCheckinclude...Read More
Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE) 4 min read Exploit/Advisories Vulnerabilties Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE) admin March 25, 2021 # Exploit Title: Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE) # Date: 16/06/2020 #...Read More
Online Faculty Clearance System 1.0 Shell Upload ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties Online Faculty Clearance System 1.0 Shell Upload ≈ Packet Storm admin March 24, 2021 # Exploit Title: Online Faculty Clearance System Shell Upload# Exploit Author: th3d1gger# Vendor Homepage: https://sourcecodester.com# Software Link:...Read More
Online Reviewer Management System 1.0 Shell Upload 1 min read Exploit/Advisories Vulnerabilties Online Reviewer Management System 1.0 Shell Upload admin March 24, 2021 Online Reviewer Management System version 1.0 suffers from a remote shell upload vulnerability. Source linkRead More
CMS Made Simple 2.2.15 Shell Upload ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties CMS Made Simple 2.2.15 Shell Upload ≈ Packet Storm admin March 23, 2021 1) Summary Affected software CMS Made Simple-2.2.15Vendor URLhttp://www.cmsmadesimple.org/ Vulnerability File upload bypass with .phar extension lead to...Read More
SonLogger 4.2.3.3 – Unauthenticated Arbitrary File Upload (Metasploit) 2 min read Exploit/Advisories Vulnerabilties SonLogger 4.2.3.3 – Unauthenticated Arbitrary File Upload (Metasploit) admin March 21, 2021 ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank...Read More
Alphaware E-Commerce System 1.0 – Unauthenicated Remote Code Execution (File Upload + SQL injection) 3 min read Exploit/Advisories Vulnerabilties Alphaware E-Commerce System 1.0 – Unauthenicated Remote Code Execution (File Upload + SQL injection) admin March 21, 2021 # Exploit Title: Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution (File Upload + SQL injection)...Read More
rConfig 3.9.6 Shell Upload ≈ Packet Storm 2 min read Exploit/Advisories Vulnerabilties rConfig 3.9.6 Shell Upload ≈ Packet Storm admin March 19, 2021 # Exploit Title: rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated)# Date: 2021-03-17# Exploit...Read More
rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated) 2 min read Exploit/Advisories Vulnerabilties rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated) admin March 18, 2021 # Exploit Title: rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) # Date: 2021-03-17 #...Read More
CuteNews 2.1.2 Shell Upload ≈ Packet Storm 3 min read Exploit/Advisories Vulnerabilties CuteNews 2.1.2 Shell Upload ≈ Packet Storm admin March 18, 2021 [*]#! /usr/bin/env python3[*]## Exploit Title: CuteNews 2.1.2 – Avatar upload RCE (Authenticated)## Exploit Author: Mayank Deshmukh## Date:...Read More