This module can run commands on the system using Jenkins users who have JOB creation and BUILD privileges. The vulnerability is exploited by a small script prepared in NodeJS. The sh parameter allows us to run commands. In addition, ANONYMOUS users also have JOB creation and BUILD privileges by default. Therefore, all users without console authority can run commands on the system with root privileges.
This is a code injection exploit in the Sciurus Hosting Panel. The exploit allows an attacker to inject malicious code into the target website. The code can be executed on the server, potentially leading to unauthorized access or other malicious activities.
This exploit allows an attacker to execute arbitrary code without authentication in Indusoft Web Studio versions 8.1 SP2 and below. The vulnerability is caused by a flaw in the software, which can be exploited by sending a specially crafted request to the target server. By exploiting this vulnerability, an attacker can gain unauthorized access to the target system and execute arbitrary code.
This module exploits a command injection vulnerability in Evince before version 3.24.1 when opening comic book .cbt files. Some file manager software, such as Nautilus and Atril, may allow automatic exploitation without user interaction due to thumbnailer preview functionality. Note that limited space is available for the payload (<256 bytes). Reverse Bash and Reverse Netcat payloads should be sufficiently small. This module has been tested successfully on evince versions: 3.4.0-3.1 + nautilus 3.4.2-1+build1 on Kali 1.0.6; 3.18.2-1ubuntu4.3 + atril 1.12.2-1ubuntu0.3 on Ubuntu 16.04.
This exploits a vulnerability in the web application of the NUUO NVRmini IP camera, which can be triggered through the writeuploaddir command in the upgrade_handle.php file.
A hacker could exploit this security flaw to alter a SQL query.
This exploit allows an attacker to gain a bind shell on port 3110 by exploiting a vulnerability in River Past CamDo software. The exploit involves running Python code, modifying a file within the software, and triggering the exploit.
This exploit takes advantage of a buffer overflow vulnerability in River_Past_Audio_Converter. By pasting specially crafted content into the 'Lame_enc.dll' name field, an attacker can trigger a buffer overflow and gain control of the program. This can be used to execute arbitrary code or launch a bind shell on port 4444.
This exploit allows an attacker to manipulate the 'reviews_id' parameter in the osCommerce 2.3.4.1 web application, leading to SQL injection vulnerabilities. By replacing the ID value in the URL with a high number value and adding a payload, an attacker can execute arbitrary SQL queries.
Pull admin info from database, and maybe upload shell.