exploit the possibilities
Showing 1 - 25 of 2,880 RSS Feed

Shell Files

Zenphoto CMS 1.5.7 Shell Upload
Posted Feb 26, 2021
Authored by Abdulaziz Almisfer

Zenphoto CMS versions 1.5.7 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2020-36079
MD5 | a2953bf434e2c790793df43f6311240f
Simple Employee Records System 1.0 Shell Upload
Posted Feb 26, 2021
Authored by sML

Simple Employee Records System version 1.0 suffers from an unauthenticated remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | d0eef29666b46dd7390d7081cb53a6e9
TestLink 1.9.20 Shell Upload
Posted Feb 14, 2021
Authored by snovvcrash

TestLink version 1.9.20 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
advisories | CVE-2020-8639
MD5 | ae7a82dc9cd277f7eda03cb9961266ca
Online Car Rental 1.0 Shell Upload
Posted Feb 10, 2021
Authored by Richard Jones

Online Car Rental version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 16e7dbecfa2fc7c91e9c10a0ab80b747
Car Rental Project 2.0 Shell Upload
Posted Feb 3, 2021
Authored by Jannick Tiger

Car Rental Project version 2.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 931b1766d4fdd75c0bd8596b70a042b6
Online Reviewer System 1.0 SQL Injection / Shell Upload
Posted Feb 1, 2021
Authored by Richard Jones

Online Reviewer System version 1.0 remote shell upload exploit that also leverages a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, shell, sql injection
MD5 | 51109808c0a78c3656ec6d9759f49a77
Ubuntu Security Notice USN-4714-1
Posted Jan 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4714-1 - Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. Various other issues were also addressed.

tags | advisory, remote, arbitrary, shell, code execution
systems | linux, ubuntu
advisories | CVE-2020-26217, CVE-2020-26258, CVE-2020-26259
MD5 | 3cdeed73f8b46410b7481e928cd50ec1
PRTG Network Monitor Remote Code Execution
Posted Jan 28, 2021
Authored by Josh Berry, Julien Bedel | Site metasploit.com

This Metasploit module exploits an authenticated remote code execution vulnerability in PRTG Network Monitor. Notifications can be created by an authenticated user and can execute scripts when triggered. Due to a poorly validated input on the script name, it is possible to chain it with a user-supplied command allowing command execution under the context of privileged user. The module uses provided credentials to log in to the web interface, then creates and triggers a malicious notification to perform remote code execution using a Powershell payload. It may require a few tries to get a shell because notifications are queued up on the server. This vulnerability affects versions prior to 18.2.39.

tags | exploit, remote, web, shell, code execution
advisories | CVE-2018-9276
MD5 | 60bd8795d3c06d9bcbf5158034587215
WordPress SuperForms 4.9 Shell Upload
Posted Jan 28, 2021
Authored by ABDO10

WordPress SuperForms plugin version 4.9 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 133fb86b31b7bb9c43996f7bc1be1913
SonicWall SSL-VPN Shellshock Remote Code Execution
Posted Jan 26, 2021
Authored by Darren Martyn | Site github.com

SonicWall SSL-VPN Exploit shellshock unauthenticated remote code execution exploit that provides a shell as uid nobody.

tags | exploit, remote, shell, code execution
advisories | CVE-2014-6271
MD5 | d0bc2623346993f9d6ff22f57c85558e
Linux/x64 Bindshell With Password Shellcode
Posted Jan 25, 2021
Authored by Guillem Alminyana

142 bytes small Linux/x64 shellcode that binds a password protected shell to TCP 0.0.0.0:4444.

tags | shell, tcp, shellcode
systems | linux
MD5 | f8b947c4c7650a50507dafa334b79742
Voting System 1.0 Shell Upload
Posted Jan 20, 2021
Authored by Richard Jones

Voting System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 914e629a4a5d9a24d137afe82a7997e2
Church Rota 2.6.4 Shell Upload
Posted Jan 20, 2021
Authored by Rob McCarthy

Church Rota version 2.6.4 suffers from an authenticated remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2021-3164
MD5 | e841fbff38c5cede21d193f544b6a04e
Linux/x64 Reverse Shell Shellcode
Posted Jan 19, 2021
Authored by Guillem Alminyana

123 bytes small Linux/x64 reverse shell shellcode that connects to TCP/127.1.1.1:4444.

tags | shell, tcp, shellcode
systems | linux
MD5 | 6fdcaaec184d84b16a741d95de7b3961
Cisco UCS Manager 2.2(1d) Remote Command Execution
Posted Jan 18, 2021
Authored by liquidsky

Cisco UCS Manager version 2.2(1d) remote command execution exploit. An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request, aka Bug ID CSCur90888.

tags | exploit, remote, web, arbitrary, shell, cgi
systems | cisco
advisories | CVE-2015-6435
MD5 | 483ae8252192dee26cf8c9814dc78eb9
Life Insurance Management System 1.0 Shell Upload
Posted Jan 18, 2021
Authored by Aitor Herrero

Life Insurance Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | c698cf2be2d505e9ebdaf79dc6745a4f
WordPress AIT CSV Import/Export 3.0.3 Shell Upload
Posted Jan 12, 2021
Authored by h00die | Site metasploit.com

WordPress AIT CSV Import/Export plugin versions 3.0.3 and below allow unauthenticated remote attackers to upload and execute arbitrary PHP code. The upload-handler does not require authentication, nor validates the uploaded content. It may return an error when attempting to parse a CSV, however the uploaded shell is left. The shell is uploaded to wp-content/uploads/. The plugin is not required to be activated to be exploitable.

tags | exploit, remote, arbitrary, shell, php
MD5 | c39ac90e0b404ac71d25decc4f495aec
WordPress Autoptimize Shell Upload
Posted Jan 8, 2021
Authored by Hoa Nguyen, Thien Ngo, Khanh Nguyen | Site metasploit.com

WordPress Autoptimize plugin suffers from a remote shell upload vulnerability. The ao_ccss_import AJAX call does not ensure that the file provided is a legitimate zip file, allowing high privilege users to upload arbitrary files, such as PHP, leading to remote code execution.

tags | exploit, remote, arbitrary, shell, php, code execution
advisories | CVE-2020-24948
MD5 | b411262c32d42ec1cbf7382e1a8f4a37
Employee Record System 1.0 Shell Upload
Posted Jan 8, 2021
Authored by Saeed Bala Ahmed

Employee Record System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 743848822029ae69cea3de6909d752da
Responsive E-Learning System 1.0 Shell Upload
Posted Jan 6, 2021
Authored by Kshitiz Raj

Responsive E-Learning System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 34fb807bfbcc5b76646c356f0de6c804
Online Learning Management System 1.0 Remote Command Execution
Posted Jan 5, 2021
Authored by Bedri Sertkaya

Online Learning Management System 1.0 remote command execution exploit. Remote shell upload was already discovered in this version in October of 2020 by Jyotsna Adhana.

tags | exploit, remote, shell
MD5 | f9924d1cbe0095eacec9c93fa6ce973f
Resumes Management And Job Application Website 1.0 Shell Upload
Posted Jan 4, 2021
Authored by Arnav Tripathy

Resumes Management and Job Application Website version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 965020b6096dd5fc5279c3f205e12936
WordPress Adning Advertising 1.5.5 Shell Upload
Posted Dec 24, 2020
Authored by spacehen

Adning Advertising plugin version 1.5.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 4533cad4ba378e377d042ba106f71deb
Victor CMS 1.0 Shell Upload
Posted Dec 22, 2020
Authored by mosaaed

Victor CMS version 1.0 suffers from an authenticated remote shell upload vulnerability. A shell upload vulnerability in this version was originally discovered in May of 2020 by Kishan Lal Choudhary.

tags | exploit, remote, shell
MD5 | ea9ec402dba2c583b897d250c5776c88
WordPress Contact Form 7 5.3.1 Shell Upload
Posted Dec 20, 2020
Authored by Ramon Vila Ferreres

WordPress Contact Form 7 plugin version 5.3.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | fb51b96b8a6834e0059bf0f53bbb280b
Page 1 of 116
Back12345Next

File Archive:

March 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    19 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close