exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Florent Montel

WordPress Media Library Assistant 3.09 LFI / Remote Code Execution

Posted Sep 5, 2023

Authored by Florent Montel | Site patrowl.io

WordPress Media Library Assistant plugin versions prior to 3.10 are affected by an unauthenticated remote reference to Imagick() conversion which allows attacker to perform local file inclusion and remote code execution depending on the Imagick configuration on the remote server.

tags | exploit, remote, local, code execution, file inclusion

advisories | CVE-2023-4634

SHA-256 | 215d90f7b23ba2c6491523ea488e0b6086485144b12a9481dd5f5a3182326981

Download | Favorite | View

Geutebruck testaction.cgi Remote Command Execution

Posted Feb 17, 2017

Authored by Davy Douhine, Frederic Cikala, Florent Montel | Site metasploit.com

This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/testaction.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.11.0.12 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.11.0.12 firmware.

tags | exploit, arbitrary, cgi, root

advisories | CVE-2017-5173, CVE-2017-5174

SHA-256 | 1a871ca3aa7b2e6e423f8d9e8cda9e0aa977c1488a8441163c46f083da5f5f3c

Download | Favorite | View