
Explore Vulnerabilities


Explore all Exploits:

Backdrop CMS 1.27.1 – Authenticated Remote Command Execution (RCE)

The Backdrop CMS version 1.27.1 is vulnerable to authenticated remote command execution. An attacker can exploit this vulnerability to execute arbitrary commands on the target system. This could lead to unauthorized access, data theft, and further compromise of the system. This exploit was authored by Ahmet Ümit BAYRAM.

SofaWiki 3.9.2 – Remote Command Execution (RCE) (Authenticated)

The exploit allows an authenticated attacker to execute arbitrary commands on the target system. By uploading a PHP shell through the 'uploadedfile' parameter in the 'index.php' script, the attacker can run system commands via the 'cmd' parameter in the uploaded PHP shell.

Webgrind 1.1 – Reflected Cross-Site Scripting (XSS) & Remote Command Execution (RCE)

A Remote Command Execution (RCE) vulnerability in Webgrind <= 1.1 allows remote unauthenticated attackers to inject OS commands via the dataFile parameter of /<webgrind_path_directory>/index.php. A Reflected Cross-Site Scripting (XSS) vulnerability in Webgrind v1.1 and earlier arises because user-controlled input is not sufficiently encoded, allowing reflected XSS via the file parameter of /<webgrind_path_directory>/index.php.

GNU gdbserver 9.2 – Remote Command Execution (RCE)

GNU gdbserver is vulnerable to Remote Command Execution (RCE). The vulnerability is due to the lack of proper validation of user-supplied input when handling the 'vCont' command: an attacker can send a specially crafted packet to the gdbserver, and the malicious payload it carries is executed as arbitrary code on the target system.

TextPattern CMS 4.8.7 – Remote Command Execution (RCE) (Authenticated)

First of all, an attacker should use the file upload section to upload a malicious shell containing the code `<?PHP system($_GET['cmd']);?>`. Then, the attacker should go to the content section, click Files and upload the malicious PHP file. Finally, the attacker should go to the URL of the malicious file with the command as a parameter (e.g. yourserver/textpattern/files/yourphp.php?cmd=yourcode;). After the malicious file is uploaded, the attacker can execute arbitrary commands on the server.

XCMS v1.83 – Remote Command Execution (RCE)

The XCMS footer (located in "/dati/generali/footer.dtb") is included in every page of XCMS. Taking "home.php" as an example, XCMS allows the footer to be modified through a buggy page called cpie.php that is included in the admin panel. So with a simple HTML form, an attacker can change the footer and insert malicious code. Trick: the admin panel password can be changed by inserting this code in the footer. Fix: the fix is very simple, just add an exit() after the header() call in cpie.php.

Cacti v1.2.22 – Remote Command Execution (RCE)

Cacti is vulnerable to Remote Command Execution (RCE) due to improper input validation. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This can allow the attacker to execute arbitrary commands on the server.
