webapps exploits
Page 1 of 33988 exploits
 |
Title | Author | Platform | Source | Description | Date |
|---|---|---|---|---|---|---|
|
D-Link DIR615h OS Command Injection | Michael Messner | na | juan vazquez | Some D-Link Routers are vulnerable to an authenticated OS command injection on their web interface, where default credentials are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. This Metasploit module was tested against a DIR-615 hardware revision H1 - firmware version 8.04. A ping command against a controlled system could be used for testing purposes. The exploit uses the wget client from the device to convert the command injection into an arbitrary payload execution. | 18 hours ago |
|
|
Moxiecode Image Manager 3.1.5 Shell Upload | MustLive | na | packetstormsecurity.org | Moxiecode Image Manager (MCImageManager) versions 3.1.5 and below suffer from a remote shell upload vulnerability. Moxiecode is a commercial plugin for TinyMCE. | yesterday |
|
|
php-Charts 1.0 - Code Execution Vulnerability | fizzle stick | php | exploit-db.com | Exploit Title: PHP-CHARTS v1.0 code execution vulnerability Date: 05/15/2013 Exploit Author: fizzle stick Vendor Homepage: http://php-charts.com/ Software Link: http://php-charts.com/downloads/php-chart_v1.0.zip Version: v1.0 Tested on: Windows Summary: PHP-charts v1.0 suffers | Friday |
|
|
Glibc 2.11.3 / 2.12.x LD_AUDIT libmemusage.so Local Root | Todor Donev | na | packetstormsecurity.org | Local root exploit for Glibc versions 2.11.3 and 2.12.x utilizing LD_AUDIT libmemusage.so. | Friday |
|
|
Moxiecode File Manager 3.1.5 Shell Upload | MustLive | na | packetstormsecurity.org | Moxiecode File Manager (MCFileManager) versions 3.1.5 and below suffer from a remote shell upload vulnerability. Moxiecode is a commercial plugin for TinyMCE. | Friday |
|
|
Nginx 1.3.9 / 1.4.0 Denial Of Service | Mert SARICA | na | mertsarica.com | Nginx versions 1.3.9 through 1.4.0 suffer from a denial of service vulnerability. | Friday |
|
|
Glibc 2.12.x, 2.11.3, 2.12.2 LD_AUDIT libmemusage.so Local Root | Todor Donev | na | packetstormsecurity.org | Local root exploit for Glibc versions 2.11.3 and 2.12.x utilizing LD_AUDIT libmemusage.so. | Friday |
|
|
Exponent CMS 2.2.0 beta 3 - Multiple Vulnerabilities | High-Tech Bridge . | php | exploit-db.com | Advisory ID: HTB23154 Product: Exponent CMS Vendor: Online Innovative Creations Vulnerable Version(s): 2.2.0 beta 3 and probably prior Tested Version: 2.2.0 beta 3 Vendor Notification: April 24, 2013 Vendor Patch: May 3, 2013 Public Disclosure: May 15, 2013 Vulnerability Type: SQL Injecti | Friday |
|
|
CKEditor < 4.1 Drupal 6.x & 7.x - Persistent XSS Vulnerability | r0ng | php | exploit-db.com | Exploit Title: Persistent XSS in wysiwyg CKEditor <4.1 Drupal 6.x & 7.x Date: 15/05/2013 Exploit Author: r0ng Vendor Homepage: http://www.websitesecurityscan.net, http://www.hackers2devnull.blogspot.co.uk Software Links: http://ckeditor.com/release/CKEditor-4.0.3, http://drupal.org/dow | Friday |
|
|
Mutiny 5 Arbitrary File Upload | juan vazquez | na | metasploit.com | This Metasploit module exploits a code execution flaw in the Mutiny 5 appliance. The EditDocument servlet provides a file upload function to authenticated users. A directory traversal vulnerability in the same functionality allows for arbitrary file upload, which results in arbitrary code execution with root privileges. In order to exploit the vulnerability a valid user (any role) in the web frontend is required. The module has been tested successfully on the Mutiny 5.0-1.07 appliance. | Thursday |
|
|
WordPress wp-FileManager File Download | ByEge | na | packetstormsecurity.org | WordPress wp-FileManager plugin suffers from an arbitrary file download vulnerability. | May 15 |
|
|
Exponent CMS 2.2.0 Beta 3 LFI / SQL Injection | High-Tech Bridge SA | na | htbridge.com | Exponent CMS version 2.2.0 beta 3 suffers from local file inclusion and remote SQL injection vulnerabilities. | May 15 |
|
|
SSH User Code Execution | Spencer McIntyre | na | metasploit.com | This Metasploit module utilizes a stager to upload a base64 encoded binary which is then decoded, chmod'ed and executed from the command shell. | May 15 |
|
|
Kloxo 6.1.12 Privilege Escalation | juan vazquez | na | HTP | Kloxo versions 6.1.12 and below contain two setuid root binaries. lxsuexec and lxrestart allow local privilege escalation to root from uid 48, Apache by default on CentOS 5.8, the operating system supported by Kloxo. This Metasploit module has been tested successfully with Kloxo 6.1.12 and 6.1.6. | May 15 |
|
|
Wordpress wp-FileManager - Arbitrary File Download Vulnerability | ByEge | php | exploit-db.com | Title: Wordpress wp-FileManager Local File Download Vulnerability Author: ByEge Download: http://wordpress.org/extend/plugins/wp-filemanager/ Test Platform: Linux Images: http://j1305.hizliresim.com/19/f/n0xxf.jpg Vuln. Plat.: Web Application Google Dorks: inurl:wp-content/plugins/wp-fil | May 14 |