exploit the possibilities

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 1 of 1

Files from Mayfly277

First Active	2021-06-02
Last Active	2021-06-02

Cacti 1.2.12 SQL Injection / Remote Command Execution: Posted Jun 2, 2021; Authored by h00die, Leonardo Paiva, Mayfly277 | Site metasploit.com; This Metasploit module exploits a SQL injection vulnerability in Cacti versions 1.2.12 and below. An admin can exploit the filter variable within color.php to pull arbitrary values as well as conduct stacked queries. With stacked queries, the path_php_binary value is changed within the settings table to a payload, and an update is called to execute the payload. After calling the payload, the value is reset.; tags | exploit, arbitrary, php, sql injection; advisories | CVE-2020-14295; SHA-256 | 636d9fd6c79efe80bdd9f0da7f4060e559ca7cd87b6b1526a2a11e1ac747f750; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 163 files
Ubuntu 101 files
indoushka 64 files
Debian 23 files
nu11secur1ty 19 files
Apple 13 files
CraCkEr 8 files
Google Security Research 7 files
Gentoo 7 files
LiquidWorm 4 files

File Tags

File Archives

Systems

AIX (428)
Apple (2,016)
BSD (374)
CentOS (57)
Cisco (1,925)
Debian (6,843)
Fedora (1,692)
FreeBSD (1,245)
Gentoo (4,329)
HPUX (879)
iOS (355)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,814)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,916)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,940)
UNIX (9,315)
UnixWare (186)
Windows (6,588)
Other

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec