HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

execution

  1. 1

    Exploits Feng Office 3.7.0.5 Remote Command Execution

    This Metasploit module exploits an arbitrary file upload vulnerability in Feng Office version 3.7.0.5. The application allows unauthenticated users to upload arbitrary files. There is no control of any session. All files are sent under /tmp directory. The .htaccess file under the /tmp directory...
  2. 1

    Exploits Usermin 1.750 Remote Command Execution

    This Metasploit module exploits an arbitrary command execution vulnerability in Usermin 1.750 and lower versions. This vulnerability has the same characteristics as the Webmin 1.900 RCE. View the full article
  3. 1

    Exploits Drupal 8.6.9 REST Remote Code Execution

    Drupal versions 8.6.9 and below REST service remote code execution proof of concept exploit. View the full article
  4. 1

    Exploits ZZZPHP CMS 1.6.1 Remote Code Execution

    ZZZPHP CMS version 1.6.1 suffers from a remote code execution vulnerability. View the full article
  5. 1

    Exploits Jenkins Script Security 1.49 / Declarative 1.3.4 / Groovy 2.60 Remote Code Execution

    Jenkins plugins Script Security version 1.49, Declarative version 1.3.4, and Groovy version 2.60 suffer from a code execution vulnerability. View the full article
  6. 1

    Exploits Drupal REST Module Remote Code Execution

    Drupal versions prior to 8.6.10 and 8.5.11 suffer from a REST module remote code execution vulnerability. View the full article
  7. 1

    Exploits Quest NetVault Backup Server Code Execution / SQL Injection

    Quest NetVault Backup Server versions prior to 11.4.5 suffer from process manager service SQL injection and remote code execution vulnerabilities. View the full article
  8. 1

    Exploits Kanboard 1.2.7 Code Execution / Cross Site Request Forgery

    Kanboard version 1.2.7 contains multiple vulnerabilities. The vulnerabilities include CSV account import cross site request forgery which allows an unauthenticated attacker to create a new administrative user. Cross site request forgery 2FA deactivation, allowing an unauthenticated attacker to...
  9. 1

    Exploits Belkin Wemo UPnP Remote Code Execution

    This Metasploit module has been tested on a Wemo-enabled Crock-Pot, but other Wemo devices are known to be affected, albeit on a different RPORT (49153). View the full article
  10. 1

    Exploits Jenkins Remote Code Execution

    This write up contains details on how to perform remote code execution within Jenkins. View the full article
  11. 1

    Exploits Master IP CAM 01 3.3.4.2103 Remote Command Execution

    Master IP CAM 01 version 3.3.4.2103 suffers from a remote command execution vulnerability. View the full article
  12. 1

    Exploits mIRC Remote Command Execution

    mIRC versions prior to 7.55 suffer from a remote command execution using argument injection through custom URI protocol handlers. View the full article
  13. 1

    Exploits runc Host Command Execution

    runc versions prior to 1.0-rc6 (Docker < 18.09.2 host command execution proof of concept exploit. View the full article
  14. 1

    Exploits BlogEngine.NET 3.3.6 Directory Traversal / Remote Code Execution

    BlogEngine.NET version 3.3.6 suffers from code execution and directory traversal vulnerabilities. View the full article
  15. 1

    Exploits Jenkins 2.150.2 Remote Command Execution Via Node JS

    This Metasploit module can run commands on the system using Jenkins users who has JOB creation and BUILD privileges. The vulnerability is exploited by a small script prepared in NodeJS. The sh parameter allows us to run commands. Sample script: node { sh "whoami" } In addition, ANONYMOUS users...
  16. 1

    Exploits VA MAX 8.3.4 Remote Code Execution

    VA MAX version 8.3.4 suffers from a post-authentication remote code execution vulnerability. View the full article
  17. 1

    Exploits Indusoft Web Studio 8.1 SP2 Remote Code Execution

    Indusoft Web Studio version 8.1 SP2 suffers from a remote code execution vulnerability. View the full article
  18. 1

    Exploits NUUO NVRmini upgrade_handle.php Remote Command Execution

    This Metasploit module exploits a vulnerability in the web application of NUUO NVRmini IP camera, which can be done by triggering the writeuploaddir command in the upgrade_handle.php file. View the full article
  19. 1

    Exploits Cisco ISE 2.4.0 XSS / Remote Code Execution

    Cisco Identity Services Engine (ISE) version 2.4.0 suffers from cross site scripting, java deserialization, and in conjunction can lead to remote code execution. Full exploit provided. View the full article
  20. 1

    Exploits BEWARD N100 H.264 VGA IP Camera M2.1.6 Root Remote Code Execution

    BEWARD N100 H.264 VGA IP Camera version M2.1.6 suffers from two authenticated command injection vulnerabilities. The issues can be triggered when calling ServerName or TimeZone GET parameters via the servertest page. This can be exploited to inject arbitrary system commands and gain root remote...

execution

execution

Share this tag

Back
Top