
execution

  1. 1

    Exploits Cisco RV130W Routers Management Interface Remote Command Execution

    A vulnerability in the web-based management interface of the Cisco RV130W Wireless-N Multifunction VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based...
  2. 1

    Exploits ATutor file_manager Remote Code Execution

    This Metasploit module allows the user to run commands on the server with the teacher user privilege. The 'Upload files' section in the 'File Manager' field contains an arbitrary file upload vulnerability. View the full article
  3. 1

    Exploits Nagios XI 5.5.10 XSS / Remote Code Execution

    Various vulnerabilities have been found in Nagios XI version 5.5.10, which allow a remote attacker able to trick an authenticated victim (with "autodiscovery job" creation privileges) to visit a malicious URL to obtain a remote root shell via a reflected cross site scripting, an authenticated...
  4. 1

    Exploits Microsoft Windows Contact File Format Arbitrary Code Execution

    This Metasploit module allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw is due to processing of contact...
  5. 1

    Exploits Dell KACE Systems Management Appliance (K1000) 6.4.120756 Code Execution

    Dell KACE Systems Management Appliance (K1000) version 6.4.120756 unauthenticated remote code execution exploit. View the full article
  6. 1

    Exploits Apache Axis 1.4 Remote Code Execution

    Apache Axis version 1.4 suffers from a remote code execution vulnerability. View the full article
  7. 1

    Exploits Bolt CMS 3.6.6 Cross Site Request Forgery / Code Execution

    Bolt CMS version 3.6.6 suffers from cross site request forgery and code execution vulnerabilities. View the full article
  8. 1

    Exploits PhreeBooks ERP 5.2.3 Remote Command Execution

    PhreeBooks ERP version 5.2.3 suffers from a remote command execution vulnerability. View the full article
  9. 1

    Exploits Oracle Weblogic Server Deserialization RMI UnicastRef Remote Code Execution

    An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (sun.rmi.server.UnicastRef) to the interface to execute code on vulnerable hosts. View the full article
  10. 1

    Exploits LimeSurvey Deserialization Remote Code Execution

    LimeSurvey versions prior to 3.16 suffer from a deserialization remote code execution vulnerability. View the full article
  11. 1

    Exploits Oracle Weblogic Server Deserialization MarshalledObject Remote Code Execution

    An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (weblogic.corba.utils.MarshalledObject) to the interface to execute code on vulnerable hosts. View the full article
  12. 1

    Exploits Cisco RV320 / RV325 Unauthenticated Remote Code Execution

    This Metasploit module combines an information disclosure (CVE-2019-1653) and a command injection vulnerability (CVE-2019-1652) together to gain unauthenticated remote code execution on Cisco RV320 and RV325 small business routers. Can be exploited via the WAN interface of the router. Either via...
  13. 1

    Exploits Pydio 8 Command Execution / Cross Site Scripting

    Pydio 8 suffers from cross site scripting, command injection, and various other vulnerabilities. View the full article
  14. 1

    Exploits CMS Made Simple (CMSMS) Showtime2 File Upload Remote Command Execution

    This Metasploit module exploits a file upload vulnerability that allows for remote command execution in Showtime2 module versions 3.6.2 and below in CMS Made Simple (CMSMS). An authenticated user with "Use Showtime2" privilege could exploit the vulnerability. The vulnerability exists in the...
  15. 1

    Exploits Oracle Weblogic Server Deserialization Remote Code Execution

    This Metasploit module demonstrates that an unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (weblogic.jms.common.StreamMessageImpl) to the interface to execute code on vulnerable hosts. View the full article
  16. 1

    Exploits Advanced Bash-Scripting Guide Code Execution

    RedTeam Pentesting discovered that the shell function "getopt_simple", as presented in the "Advanced Bash-Scripting Guide", allows execution of attacker-controlled commands. View the full article
  17. 1

    Exploits TCPDF 6.2.19 Deserialization / Remote Code Execution

    TCPDF versions 6.2.19 and below suffer from a deserialization vulnerability that can allow for remote code execution. View the full article
  18. 1

    Exploits Microsoft Windows IE11 VBScript Execution Policy Bypass In MSHTML

    MSHTML only checks for the CLSID associated with VBScript when blocking in the Internet Zone, but doesn't check other VBScript CLSIDs which allow a web page to bypass the security zone policy. View the full article
  19. 1

    Exploits Jenkins ACL Bypass / Metaprogramming Remote Code Execution

    This Metasploit module exploits a vulnerability in Jenkins dynamic routing to bypass the Overall/Read ACL and leverage Groovy metaprogramming to download and execute a malicious JAR file. The ACL bypass gadget is specific to Jenkins versions 2.137 and below and will not work on later versions of...
  20. 1

    Exploits Webmin 1.900 Upload Authenticated Remote Command Execution

    This Metasploit module exploits an arbitrary command execution vulnerability in Webmin 1.900 and lower versions. Any user authorized to the "Upload and Download" module can execute arbitrary commands with root privileges. In addition, if the Running Processes (proc) privilege is set the user can...