exploit the possibilities
Showing 1 - 25 of 2,897 RSS Feed

Shell Files

Native Church Website 1.0 Shell Upload
Posted Apr 13, 2021
Authored by Richard Jones

Native Church Website version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | dee64438c491f2610eabc5f7febbf30b
Composr 10.0.36 Shell Upload
Posted Apr 8, 2021
Authored by Orion Hridoy

Composr version 10.0.36 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2021-30149
MD5 | 735eb24f76261ce2e85c105910c3e39c
ScadaBR 1.0 Shell Upload
Posted Apr 1, 2021
Authored by Fellipe Oliveira

ScadaBR version 1.0 suffers from multiple remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability
MD5 | 8626f1f23af69cc594f9e46083b387d9
GetSimple CMS 3.3.16 Cross Site Scripting / Shell Upload
Posted Mar 30, 2021
Authored by Bobby Cooke

GetSimple CMS version 3.3.16 cross site scripting to remote shell upload exploit.

tags | exploit, remote, shell, xss
advisories | CVE-2020-23839
MD5 | 3c1d773d613339fb004324bead97e042
SAP Solution Manager 7.2 Remote Command Execution
Posted Mar 26, 2021
Authored by Dmitry Chastuhin, Pablo Artuso, Vladimir Ivanov, Yvan Genuer | Site metasploit.com

This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet of SAP Solution Manager (SolMan) running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get information about connected SMDAgents allowing an attacker to send HTTP requests (SSRF) and execute OS commands on the connected SMDAgent. Works stable in connected SMDAgent with Java version 1.8. Successful exploitation will allow unauthenticated remote attackers to get a reverse shell from connected to the SolMan agent as the user under which it runs SMDAgent service, which is usually daaadm.

tags | exploit, java, remote, web, shell
advisories | CVE-2020-6207
MD5 | 1c233a9f84fe24a1f701e2b602123168
Development Kamel KCFinder 1.7 Shell Upload
Posted Mar 26, 2021
Authored by Rayan Ali

Development Kamel KCFinder version 1.7 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | bf6153a4c62e633652255251746f04d7
Online Faculty Clearance System 1.0 Shell Upload
Posted Mar 24, 2021
Authored by th3d1gger

Online Faculty Clearance System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 79bc85565f117cac4e713d381f853d87
Online Reviewer Management System 1.0 Shell Upload
Posted Mar 23, 2021
Authored by th3d1gger

Online Reviewer Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 9d3b419524c9b1d3f62ecd6becf032ba
CMS Made Simple 2.2.15 Shell Upload
Posted Mar 21, 2021
Authored by Riccardo Krauter

CMS Made Simple version 2.2.15 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | dc9c78c07b3ed7e55a1c24a996a4e90d
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection
Posted Mar 19, 2021
Authored by LiquidWorm | Site zeroscience.mk

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the pingAddr HTTP POST parameter bypassing the injection protection filter.

tags | exploit, web, arbitrary, shell
MD5 | 1a328f5c085e43fdbc6aa762de109b6f
rConfig 3.9.6 Shell Upload
Posted Mar 18, 2021
Authored by Murat Seker

rConfig version 3.9.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 7068626a36bde3c6ba897ce4012fc020
CuteNews 2.1.2 Shell Upload
Posted Mar 17, 2021
Authored by Mayank Deshmukh

CuteNews version 2.1.2 Avatar upload remote shell upload exploit. Original discovery of remote shell upload in this version is attributed to Ozkan Mustafa Akkus in April of 2019.

tags | exploit, remote, shell
MD5 | 2f8e8a2669b12d6dc41eb292c26ca39a
Alphaware E-Commerce System 1.0 Shell Upload / SQL Injection
Posted Mar 16, 2021
Authored by Christian Vierschilling

Alphaware E-Commerce System version 1.0 suffers from unauthenticated remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
MD5 | 6f60573df06c46c975bfa0b3b3aaff4f
Monitoring System (Dashboard) 1.0 Shell Upload
Posted Mar 12, 2021
Authored by Richard Jones

Monitoring System (Dashboard) version 1.0 suffers from multiple remote code execution vulnerabilities that can be leveraged by malicious shells being uploaded.

tags | exploit, remote, shell, vulnerability, code execution
MD5 | 6fe62b2299146e49f1d6d5baac2d1d37
OpenCMS 11.0.2 Shell Upload
Posted Mar 9, 2021
Authored by Daniel Moreno

OpenCMS version 11.0.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | c723d79a8297b3ce3ac3075416c8832f
Hotel And Lodge Management System 1.0 Shell Upload
Posted Mar 8, 2021
Authored by Christian Vierschilling

Hotel and Lodge Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | d2d8858d968c116baf2c562e946b308d
Online Ordering System 1.0 Shell Upload
Posted Mar 4, 2021
Authored by Suraj Bhosale

Online Ordering System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 05f808849bc20a2901c3aeb914582758
Zenphoto CMS 1.5.7 Shell Upload
Posted Feb 26, 2021
Authored by Abdulaziz Almisfer

Zenphoto CMS versions 1.5.7 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2020-36079
MD5 | a2953bf434e2c790793df43f6311240f
Simple Employee Records System 1.0 Shell Upload
Posted Feb 26, 2021
Authored by sML

Simple Employee Records System version 1.0 suffers from an unauthenticated remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | d0eef29666b46dd7390d7081cb53a6e9
TestLink 1.9.20 Shell Upload
Posted Feb 14, 2021
Authored by snovvcrash

TestLink version 1.9.20 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
advisories | CVE-2020-8639
MD5 | ae7a82dc9cd277f7eda03cb9961266ca
Online Car Rental 1.0 Shell Upload
Posted Feb 10, 2021
Authored by Richard Jones

Online Car Rental version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 16e7dbecfa2fc7c91e9c10a0ab80b747
Car Rental Project 2.0 Shell Upload
Posted Feb 3, 2021
Authored by Jannick Tiger

Car Rental Project version 2.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 931b1766d4fdd75c0bd8596b70a042b6
Online Reviewer System 1.0 SQL Injection / Shell Upload
Posted Feb 1, 2021
Authored by Richard Jones

Online Reviewer System version 1.0 remote shell upload exploit that also leverages a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, shell, sql injection
MD5 | 51109808c0a78c3656ec6d9759f49a77
Ubuntu Security Notice USN-4714-1
Posted Jan 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4714-1 - Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. Various other issues were also addressed.

tags | advisory, remote, arbitrary, shell, code execution
systems | linux, ubuntu
advisories | CVE-2020-26217, CVE-2020-26258, CVE-2020-26259
MD5 | 3cdeed73f8b46410b7481e928cd50ec1
PRTG Network Monitor Remote Code Execution
Posted Jan 28, 2021
Authored by Josh Berry, Julien Bedel | Site metasploit.com

This Metasploit module exploits an authenticated remote code execution vulnerability in PRTG Network Monitor. Notifications can be created by an authenticated user and can execute scripts when triggered. Due to a poorly validated input on the script name, it is possible to chain it with a user-supplied command allowing command execution under the context of privileged user. The module uses provided credentials to log in to the web interface, then creates and triggers a malicious notification to perform remote code execution using a Powershell payload. It may require a few tries to get a shell because notifications are queued up on the server. This vulnerability affects versions prior to 18.2.39.

tags | exploit, remote, web, shell, code execution
advisories | CVE-2018-9276
MD5 | 60bd8795d3c06d9bcbf5158034587215
Page 1 of 116
Back12345Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close