HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

jenkins

  1. 1

    Exploits Jenkins Dependency Graph View 0.13 Cross Site Scripting

    Jenkins Dependency Graph View plugin version 0.13 suffers from a persistent cross site scripting vulnerability. View the full article
  2. 1

    Exploits Jenkins ACL Bypass / Metaprogramming Remote Code Execution

    This Metasploit module exploits a vulnerability in Jenkins dynamic routing to bypass the Overall/Read ACL and leverage Groovy metaprogramming to download and execute a malicious JAR file. The ACL bypass gadget is specific to Jenkins versions 2.137 and below and will not work on later versions of...
  3. 1

    Exploits Jenkins Script Security 1.49 / Declarative 1.3.4 / Groovy 2.60 Remote Code Execution

    Jenkins plugins Script Security version 1.49, Declarative version 1.3.4, and Groovy version 2.60 suffer from a code execution vulnerability. View the full article
  4. 1

    Exploits Jenkins Remote Code Execution

    This write up contains details on how to perform remote code execution within Jenkins. View the full article
  5. 1

    Exploits Jenkins 2.150.2 Remote Command Execution Via Node JS

    This Metasploit module can run commands on the system using Jenkins users who has JOB creation and BUILD privileges. The vulnerability is exploited by a small script prepared in NodeJS. The sh parameter allows us to run commands. Sample script: node { sh "whoami" } In addition, ANONYMOUS users...

jenkins

jenkins

Share this tag

Back
Top