HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

command

  1. 1

    Exploits CentOS Control Web Panel 0.9.8.836 Remote Command Execution

    CentOS Control Web Panel (CWP) version 0.9.8.836 suffers from a remote command execution vulnerability. View the full article
  2. 1

    Exploits KDE 4/5 KDesktopFile Command Injection

    KDE 4/5 is vulnerable to a command injection vulnerability in the KDesktopFile class. When a .desktop or .directory file is instantiated, it unsafely evaluates environment variables and shell expansions using KConfigPrivate::expandString() via the KConfigGroup::readEntry() function. Using a...
  3. 1

    Exploits ATutor 2.2.4 Arbitrary File Upload / Command Execution

    ATutor version 2.2.4 suffers from a language_import arbitrary file upload that allows for command execution. View the full article
  4. 1

    Exploits Opencart 2.3.0.2 Insecure OCMod Generation Remote Command Execution

    Opencart versions 2.3.0.2 and below suffer from an insecure OCMod generation remote command execution vulnerability. View the full article
  5. 1

    Exploits ATutor 2.2.4 Backup Remote Command Execution

    ATutor version 2.2.4 suffers from a backup functionality remote command execution vulnerability. View the full article
  6. 1

    Exploits Apache Tika 1.17 Header Command Injection

    This Metasploit module exploits a command injection vulnerability in Apache Tika versions 1.15 through 1.17 on Windows. A file with the image/jp2 content-type is used to bypass magic byte checking. When OCR is specified in the request, parameters can be passed to change the parameters passed at...
  7. 1

    Exploits Microsoft Windows PowerShell Command Execution

    Microsoft Windows suffers from a PowerShell unsanitized filename command execution vulnerability. View the full article
  8. 1

    Exploits Sar2HTML 3.2.1 Remote Command Execution

    Sar2HTML version 3.2.1 suffers from a remote code execution vulnerability. View the full article
  9. 1

    Exploits WordPress Database Backup Remote Command Execution

    There exists a command injection vulnerability in the Wordpress plugin wp-database-backup for versions less than 5.2. For the backup functionality, the plugin generates a mysqldump command to execute. The user can choose specific tables to exclude from the backup by setting the...
  10. 1

    Exploits PHP Laravel Framework Token Unserialize Remote Command Execution

    This Metasploit module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x up to 5.6.29. Remote command execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in...
  11. 1

    Exploits Citrix SD-WAN Appliance 10.2.2 Authentication Bypass / Remote Command Execution

    Citrix SD-WAN Appliance version 10.2.2 suffers from authentication bypass and remote command execution vulnerabilities. View the full article
  12. 1

    Exploits Xymon useradm Command Execution

    This Metasploit module exploits a command injection vulnerability in Xymon versions before 4.3.25 which allows authenticated users to execute arbitrary operating system commands as the web server user. When adding a new user to the system via the web interface with useradm.sh, the user's...
  13. 1

    Exploits Linux Mint 19.1 yelp Command Injection

    This Metasploit module exploits a vulnerability within the "ghelp", "help" and "man" URI handlers within Linux Mint's "ubuntu-system-adjustments" package. Invoking any one the URI handlers will call the python script "/usr/local/bin/yelp" with the contents of the supplied URI handler as its...
  14. 1

    Exploits Mac OS X TimeMachine (tmdiagnose) Command Injection Privilege Escalation

    This Metasploit module exploits a command injection in TimeMachine on macOS <= 10.14.3 in order to run a payload as root. The tmdiagnose binary on OSX <= 10.14.3 suffers from a command injection vulnerability that can be exploited by creating a specially crafted disk label. The tmdiagnose...
  15. 1

    Exploits FaceSentry Access Control System 6.4.8 Remote Command Injection

    FaceSentry Access Control System version 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' and 'strInPort' parameters (POST) in pingTest and...
  16. 1

    Exploits Fortinet FCM-MB40 Cross Site Request Forgery / Remote Command Execution

    Fortinet FCM-MB40 suffers from remote command execution and cross site request forgery vulnerabilities. View the full article
  17. 1

    Exploits SAPIDO RB-1732 Remote Command Execution

    SAPIDO RB-1732 version 2.0.43 suffers from a remote command execution vulnerability. View the full article
  18. 1

    Exploits SeedDMS Remote Command Execution

    SeedDMS versions prior to 5.1.11 suffers from a remote shell upload vulnerability. View the full article
  19. 1

    Exploits FusionPBX 4.4.3 Remote Command Execution

    FusionPBX versions 4.4.3 and below suffer from a remote code execution vulnerability via cross site scripting. View the full article
  20. 1

    Exploits Webmin 1.910 Remote Command Execution

    This Metasploit module exploits an arbitrary command execution vulnerability in Webmin 1.910 and lower versions. Any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges. View the full article

command

command

Share this tag

Back
Top