HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

remote

  1. 1

    Exploits Apache Tomcat CGIServlet enableCmdLineArguments Remote Code Execution

    This Metasploit module exploits a vulnerability in Apache Tomcat's CGIServlet component. When the enableCmdLineArguments setting is set to true, a remote user can abuse this to execute system commands, and gain remote code execution. View the full article
  2. 1

    Exploits Centreon 19.04 Remote Code Execution

    Centreon version 19.04 suffers from an authenticated remote code execution vulnerability. View the full article
  3. 1

    Exploits FaceSentry Access Control System 6.4.8 Remote SSH Root Access

    FaceSentry Access Control System version 6.4.8 facial biometric access control appliance ships with hard-coded and weak credentials for SSH access on port 23445 using the credentials wwwuser:123456. The root privilege escalation is done by abusing the insecure sudoers entry file. View the full...
  4. 1

    Exploits FaceSentry Access Control System 6.4.8 Remote Root

    FaceSentry Access Control System version 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' POST parameter in pingTest PHP script. View the full...
  5. 1

    Exploits EA Origin Template Injection Remote Code Execution

    EA Origin versions prior to 10.5.36 suffer from a remote code execution vulnerability via template injection leveraging cross site scripting. View the full article
  6. 1

    Exploits FaceSentry Access Control System 6.4.8 Remote Command Injection

    FaceSentry Access Control System version 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' and 'strInPort' parameters (POST) in pingTest and...
  7. 1

    Exploits LibreNMS 1.46 addhost Remote Code Execution

    LibreNMS version 1.46 addhost remote code execution exploit. View the full article
  8. 1

    Exploits Nagios XI Magpie_debug.php Root Remote Code Execution

    This Metasploit module exploits two vulnerabilities in Nagios XI 5.5.6. One allows for unauthenticated remote code execution and another allows for local privilege escalation. When combined, these two vulnerabilities give us a root reverse shell. View the full article
  9. 1

    Exploits Fortinet FCM-MB40 Cross Site Request Forgery / Remote Command Execution

    Fortinet FCM-MB40 suffers from remote command execution and cross site request forgery vulnerabilities. View the full article
  10. 1

    Exploits SAPIDO RB-1732 Remote Command Execution

    SAPIDO RB-1732 version 2.0.43 suffers from a remote command execution vulnerability. View the full article
  11. 1

    Exploits SuperDoctor5 NRPE Remote Code Execution

    SuperDoctor5 implemented a remote command execution plugin in their implementation of NRPE that can be leveraged without authentication. View the full article
  12. 1

    Exploits SeedDMS Remote Command Execution

    SeedDMS versions prior to 5.1.11 suffers from a remote shell upload vulnerability. View the full article
  13. 1

    Exploits EA Origin Remote Code Execution

    EA Origin versions prior to 10.5.38 suffer from a remote code execution vulnerability. View the full article
  14. 1

    Exploits BlogEngine.NET 3.3.6 / 3.3.7 Theme Cookie Directory Traversal / Remote Code Execution

    BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from theme Cookie directory traversal and remote code execution vulnerabilities. View the full article
  15. 1

    Exploits BlogEngine.NET 3.3.6 / 3.3.7 dirPath Directory Traversal / Remote Code Execution

    BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from dirPath directory traversal and remote code execution vulnerabilities. View the full article
  16. 1

    Exploits BlogEngine.NET 3.3.7 Directory Traversal / Remote Code Execution

    BlogEngine.NET versions 3.3.7 and earlier are vulnerable to two separate directory traversal issues that can lead to remote code execution. View the full article
  17. 1

    Exploits AROX School-ERP Pro Unauthenticated Remote Code Execution

    This Metasploit module exploits a command execution vulnerability in AROX School-ERP. "import_stud.php" and "upload_fille.php" do not have session control. Session start/check functions in Line 8,9,10 are disabled with slashes. Therefore an unauthenticated user can execute the command on the...
  18. 1

    Exploits HC10 HC.Server Service 10.14 Remote Invalid Pointer Write

    The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS if attackers can reach the service on port 8794. In addition this can potentially be leveraged for post exploit persistence with SYSTEM privileges, if physical access or malware is involved. If a physical...
  19. 1

    Exploits Sitecore 8.x Deserialization Remote Code Execution

    Sitecore versions 8.x suffer from a deserialization vulnerability that allows for remote code execution. View the full article
  20. 1

    Exploits FusionPBX 4.4.3 Remote Command Execution

    FusionPBX versions 4.4.3 and below suffer from a remote code execution vulnerability via cross site scripting. View the full article

remote

remote

Share this tag

Back
Top