SEC Consult Vulnerability Lab Security Advisory =======================================================================title: Arbitrary File Upload and Bypassing .htaccess Rulesproduct: Monospace...

Atlassian Jira Service Desk 4.9.1 – Unrestricted File Upload to XSS

1 min read

Exploit/Advisories
Vulnerabilties

Atlassian Jira Service Desk 4.9.1 – Unrestricted File Upload to XSS

admin April 7, 2021

# Exploit Title: Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS # Date: 07...

ScadaBR 1.0 Shell Upload ≈ Packet Storm

6 min read

Exploit/Advisories
Vulnerabilties

ScadaBR 1.0 Shell Upload ≈ Packet Storm

admin April 1, 2021

# Exploit Title: ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (1)# Date: 03/2021# Exploit Author: Fellipe Oliveira#...

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (2)

4 min read

Exploit/Advisories
Vulnerabilties

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (2)

admin April 1, 2021

# Exploit Title: ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2) # Date: 04/21 # Exploit Author:...

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (1)

3 min read

Exploit/Advisories
Vulnerabilties

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (1)

admin April 1, 2021

# Exploit Title: ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (1) # Date: 03/2021 # Exploit Author:...

GetSimple CMS 3.3.16 Cross Site Scripting / Shell Upload ≈ Packet Storm

5 min read

Exploit/Advisories
Vulnerabilties

GetSimple CMS 3.3.16 Cross Site Scripting / Shell Upload ≈ Packet Storm

admin March 31, 2021

# Exploit Title: GetSimple CMS 3.3.16 – Reflected XSS to RCE# Exploit Author: Bobby Cooke (boku)# Discovery...

Development Kamel KCFinder 1.7 Shell Upload ≈ Packet Storm

1 min read

Exploit/Advisories
Vulnerabilties

Development Kamel KCFinder 1.7 Shell Upload ≈ Packet Storm

admin March 27, 2021

Development Kamel KCFinder 1.7 Shell Upload Posted Mar 26, 2021 Authored by Rayan Ali Development Kamel KCFinder...

FortiLogger Arbitrary File Upload ≈ Packet Storm

2 min read

Exploit/Advisories
Vulnerabilties

FortiLogger Arbitrary File Upload ≈ Packet Storm

admin March 26, 2021

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::RemoteRank = NormalRanking include Msf::Exploit::EXEprepend Msf::Exploit::Remote::AutoCheckinclude...

Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE)

4 min read

Exploit/Advisories
Vulnerabilties

Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE)

admin March 25, 2021

# Exploit Title: Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE) # Date: 16/06/2020 #...

Online Faculty Clearance System 1.0 Shell Upload ≈ Packet Storm

1 min read

Exploit/Advisories
Vulnerabilties

Online Faculty Clearance System 1.0 Shell Upload ≈ Packet Storm

admin March 24, 2021

# Exploit Title: Online Faculty Clearance System Shell Upload# Exploit Author: th3d1gger# Vendor Homepage: https://sourcecodester.com# Software Link:...

Online Reviewer Management System 1.0 Shell Upload

1 min read

Exploit/Advisories
Vulnerabilties

Online Reviewer Management System 1.0 Shell Upload

admin March 24, 2021

Online Reviewer Management System version 1.0 suffers from a remote shell upload vulnerability. Source link

CMS Made Simple 2.2.15 Shell Upload ≈ Packet Storm

1 min read

Exploit/Advisories
Vulnerabilties

CMS Made Simple 2.2.15 Shell Upload ≈ Packet Storm

admin March 23, 2021

1) Summary Affected software CMS Made Simple-2.2.15Vendor URLhttp://www.cmsmadesimple.org/ Vulnerability File upload bypass with .phar extension lead to...

SonLogger 4.2.3.3 – Unauthenticated Arbitrary File Upload (Metasploit)

2 min read

Exploit/Advisories
Vulnerabilties

SonLogger 4.2.3.3 – Unauthenticated Arbitrary File Upload (Metasploit)

admin March 21, 2021

## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank...

Alphaware E-Commerce System 1.0 – Unauthenicated Remote Code Execution (File Upload + SQL injection)

3 min read

Exploit/Advisories
Vulnerabilties

Alphaware E-Commerce System 1.0 – Unauthenicated Remote Code Execution (File Upload + SQL injection)

admin March 21, 2021

# Exploit Title: Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution (File Upload + SQL injection)...

rConfig 3.9.6 Shell Upload ≈ Packet Storm

2 min read

Exploit/Advisories
Vulnerabilties

rConfig 3.9.6 Shell Upload ≈ Packet Storm

admin March 19, 2021

# Exploit Title: rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated)# Date: 2021-03-17# Exploit...

rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated)

2 min read

Exploit/Advisories
Vulnerabilties

rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated)

admin March 18, 2021

# Exploit Title: rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) # Date: 2021-03-17 #...

CuteNews 2.1.2 Shell Upload ≈ Packet Storm

3 min read

Exploit/Advisories
Vulnerabilties

CuteNews 2.1.2 Shell Upload ≈ Packet Storm

admin March 18, 2021

[*]#! /usr/bin/env python3[*]## Exploit Title: CuteNews 2.1.2 – Avatar upload RCE (Authenticated)## Exploit Author: Mayank Deshmukh## Date:...

Posts navigation

1 2 3 4 … 26 Next

upload

Phone Shop Sales Management System 1.0 Shell Upload ≈ Packet Storm

Native Church Website 1.0 Shell Upload ≈ Packet Storm

Composr 10.0.36 Shell Upload ≈ Packet Storm

Monospace Directus Headless CMS File Upload / Rule Bypass ≈ Packet Storm

Atlassian Jira Service Desk 4.9.1 – Unrestricted File Upload to XSS

ScadaBR 1.0 Shell Upload ≈ Packet Storm

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (2)

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (1)

GetSimple CMS 3.3.16 Cross Site Scripting / Shell Upload ≈ Packet Storm

Development Kamel KCFinder 1.7 Shell Upload ≈ Packet Storm

FortiLogger Arbitrary File Upload ≈ Packet Storm

Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE)

Online Faculty Clearance System 1.0 Shell Upload ≈ Packet Storm

Online Reviewer Management System 1.0 Shell Upload

CMS Made Simple 2.2.15 Shell Upload ≈ Packet Storm

SonLogger 4.2.3.3 – Unauthenticated Arbitrary File Upload (Metasploit)

Alphaware E-Commerce System 1.0 – Unauthenicated Remote Code Execution (File Upload + SQL injection)

rConfig 3.9.6 Shell Upload ≈ Packet Storm

rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated)

CuteNews 2.1.2 Shell Upload ≈ Packet Storm

You may have missed

Red Hat Security Advisory 2021-1315-01 ≈ Packet Storm

Red Hat Security Advisory 2021-1313-01 ≈ Packet Storm

Security Expert Reaction On Bank Of England Considering Digital Money Plan

Ill-advised research on Linux kernel lands computer scientists in hot water

Recent Topics

Archives