Subscribe via feed.
Archive for June, 2021

Trojan-Dropper.Win32.Krepper.a Remote Command Execution

Posted by deepcore under exploit (No Respond)

Trojan-Dropper.Win32.Krepper.a malware suffers from an unauthenticated remote command execution vulnerability.

rConfig Shell Upload

Posted by deepcore under exploit (No Respond)

This Metasploit module allows an attacker with a privileged rConfig account to start a reverse shell due to an arbitrary file upload vulnerability in /lib/crud/vendors.crud.php.

Simple Client Management System 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Simple Client Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Online Pet Shop We App 1.0 SQL Injection / Shell Upload

Posted by deepcore under exploit (No Respond)

Online Pet Shop We App version 1.0 suffers from remote SQL injection and shell upload vulnerabilities.

Seeddms 5.1.10 Remote Command Execution

Posted by deepcore under exploit (No Respond)

Seeddms version 5.1.10 authenticated remote command execution exploit.

Lightweight Facebook-Styled Blog Remote Code Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits the file upload vulnerability of Lightweight self-hosted facebook-styled PHP blog and allows remote code execution.

SAPSprint 7.60 Unquoted Service Path

Posted by deepcore under exploit (No Respond)

SAPSprint version 7.60 suffers from an unquoted service path vulnerability.

https://www.afrims.go.th/o.txt

Posted by deepcore under defacement (No Respond)

https://www.afrims.go.th/o.txt notified by Mr.ToKeiChun69

Tags:

rConfig Shell Upload

Posted by deepcore under exploit (No Respond)

This Metasploit module allows an attacker with a privileged rConfig account to start a reverse shell due to an arbitrary file upload vulnerability in /lib/crud/vendors.crud.php.

[webapps] Lightweight facebook-styled blog 1.3 – Remote Code Execution (RCE) (Authenticated) (Metasploit)

Posted by deepcore under Security (No Respond)

Lightweight facebook-styled blog 1.3 – Remote Code Execution (RCE) (Authenticated) (Metasploit)

Tags: ,