Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Exploits - exploit.company
header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

WordPress Plugin Background Image Cropper v1.2 – Remote Code Execution

The vulnerability in Wordpress Plugin Background Image Cropper v1.2 allows remote attackers to execute arbitrary code on the target system. By uploading a malicious PHP file, an attacker can run commands on the server remotely. This vulnerability has a CVE ID pending assignment.

Nokia BMC Log Scanner Remote Code Execution

The BMC Log Scanner web application in Nokia's BMC is vulnerable to command injection attacks, which can be exploited for unauthenticated remote code execution. This vulnerability is critical as the service runs with root privileges. By injecting a malicious command in the Search Pattern field, an attacker can execute arbitrary commands on the target system as root.

Karaf v4.4.3 Console Remote Code Execution

The exploit allows an attacker to execute remote code on the Karaf Console. By sending a crafted request, an attacker can open a reverse shell connection, giving them unauthorized access to the system. This vulnerability has been assigned the CVE identifier CVE-2023-XXXXX.

Metabase 0.46.6 – Pre-Auth Remote Code Execution

A vulnerability in Metabase version 0.46.6 allows remote attackers to execute arbitrary code before authentication. By sending a crafted request to the '/exploitable' endpoint, an attacker can trigger the execution of malicious code on the target server. This vulnerability has been assigned CVE-2023-38646.

TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution

The vulnerability in Atemio AM 520 HD Full HD satellite receiver with firmware <=2.01 allows an unauthorized attacker to execute system commands with elevated privileges by utilizing the 'getcommand' query in the application, leading to root access.

DS Wireless Communication Remote Code Execution

The exploit allows injection of arbitrary code into a client's game through a crafted payload. The code author holds no liability for any damages caused by the usage of this exploit. By exploiting this vulnerability, an attacker can execute remote code on the target system.

Juniper SRX Firewalls & EX Switches Remote Code Execution (Pre-Authentication)

The exploit code serves as a vulnerability checker and proof of concept for CVE-2023-36845. It triggers the phpinfo() function on the login page of the target device, enabling inspection of the PHP configuration. The script also provides the option to save the phpinfo() output for further analysis.

Recent Exploits: