Search: [rce] - Shared Bookmarks

Links per page: 20 50 100

◄Older

page 2 / 3

50 results tagged rce x

elFinder - A Case Study of Web File Manager Vulnerabilities
August 19, 2021 at 1:47:56 PM UTC - permalink -

- https://blog.sonarsource.com/elfinder-case-study-of-web-file-manager-vulnerabilities

elfinder rce rapid7 lfi wordpress prowebce
Attacking RMI based JMX services | MOGWAI LABS GmbH
July 13, 2021 at 2:33:30 PM UTC - permalink -

- https://mogwailabs.de/en/blog/2019/04/attacking-rmi-based-jmx-services/

jmx rmi attack rce
How we found Unintended bypass to exploiting entire CyberThreatForce discord server | by Muhammad Faqih Jihan Insani | Jul, 2021 | Medium
July 7, 2021 at 10:12:22 AM UTC * - permalink -

- https://hanasuru.medium.com/how-we-found-unintended-bypass-to-exploiting-entire-cyberthreatforce-discord-server-d93951b9efab

cyberthreatforce ctf writeup discord bot rce python jail
Pre-auth RCE in ForgeRock OpenAM (CVE-2021-35464) | PortSwigger Research
June 29, 2021 at 1:03:41 PM UTC - permalink -

- https://portswigger.net/research/pre-auth-rce-in-forgerock-openam-cve-2021-35464

unserialize deserialization java ysoserial openam portswigger gadget chain custom rce oauth
CVE-2021-27651-PoC/RCE.md at main · samwcyo/CVE-2021-27651-PoC
May 28, 2021 at 10:00:44 AM UTC - permalink -

- https://github.com/samwcyo/CVE-2021-27651-PoC/blob/main/RCE.md

pega rce preauth
RootedCON 2015 - Deep inside the Java framework Apache Struts
March 2, 2021 at 10:09:57 AM UTC * - permalink -

- https://www.slideshare.net/testpurposes/deep-inside-the-java-framework-apache-struts

tomcat jmx valve rce jolokia bean
Compromising Apache Tomcat via JMX access
March 2, 2021 at 10:09:13 AM UTC * - permalink -

- https://webcache.googleusercontent.com/search?q=cache:KLTw4S74sWwJ:https://www.nccgroup.com/uk/about-us/newsroom-and-events/blogs/2017/february/compromising-apache-tomcat-via-jmx-access/+&cd=1&hl=fr&ct=clnk&gl=frgs/2017/february/compromising-apache-tomcat-via-jmx-access/+&cd=1&hl=fr&ct=clnk&gl=fr

tomcat jmx rce jolokia
The Secret Parameter, LFR, and Potential RCE in NodeJS Apps
February 1, 2021 at 10:59:48 AM UTC - permalink -

- https://blog.shoebpatel.com/2021/01/23/The-Secret-Parameter-LFR-and-Potential-RCE-in-NodeJS-Apps/

nodejs lfr rce express handlebars layout param minter
poc/dwrcs_dwDrvInst_rce.py at master · tenable/poc
December 17, 2020 at 1:25:49 PM UTC * - permalink -

- https://github.com/tenable/poc/blob/master/Solarwinds/Dameware/dwrcs_dwDrvInst_rce.py

dameware rce tenable remote manager
(325) Exploitation of a Samsung Galaxy Note 10+ Zero-Click RCE Bug via MMS - YouTube
December 10, 2020 at 5:08:48 PM UTC - permalink -

- https://www.youtube.com/watch?v=nke8Z3G4jnc&ab_channel=MateuszJurczyk

0click samsung exploit rce mms
InsertScript: ImageMagick - Shell injection via PDF password
November 23, 2020 at 2:15:09 PM UTC - permalink -

- https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html

imagemagick image magick rce pdf shell injection
CSM_pocs.md
November 18, 2020 at 1:31:54 PM UTC - permalink -

- https://gist.github.com/Frycos/8bf5c125d720b3504b4f28a1126e509e

cisco security manager rce poc gist twitter
HoangKien1020/CVE-2020-10239: CVE-2020-10239: Incorrect Access Control in com_fields SQL field-RCE- PoC

3.7.0 to 3.9.15
November 12, 2020 at 9:30:30 AM UTC - permalink -

- https://github.com/HoangKien1020/CVE-2020-10239

joomla sqli rce
Orange: 十月 2018

" OK, by chaining above techniques(session upload progress + race condition + PHP wrappers), we can get the shell back!"
November 10, 2020 at 6:38:26 PM UTC - permalink -

- http://blog.orange.tw/2018/10/

php lfi upload rce sessions
Exploit with PHP Protocols / Wrappers - cdxy
November 10, 2020 at 4:41:29 PM UTC - permalink -

- https://www.cdxy.me/?p=752

php wrapper exploitation filters url include lfi rfi rce
jas502n/CVE-2020-14882: CVE-2020–14882、CVE-2020–14883
November 2, 2020 at 2:57:38 PM UTC - permalink -

- https://github.com/jas502n/CVE-2020-14882

rce weblogic oracle

The hidden dangers of XSLTProcessor - Remote XSL injection | Acunetix

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:php="http://php.net/xsl">
  <xsl:template match="/">
  <script>confirm("We're good");</script>
   <!--
   <xsl:value-of select="php:function('exec','id')"/>
   <xsl:value-of select="php:function(‘passthru’,’ls -la /’)"/>
   <xsl:copy-of select="document('/etc/passwd')"/>
   <xsl:value-of select="php:function('passthru','ls -la /')"/>
   -->
   <xsl:value-of select="php:function('passthru','ls -la /')"/>

  </xsl:template>
</xsl:stylesheet>

October 16, 2020 at 3:57:50 PM UTC * - permalink -

- https://www.acunetix.com/blog/articles/the-hidden-dangers-of-xsltprocessor-remote-xsl-injection/

xslt injection command execution rce lfi

jackson_deserialization.pdf
September 1, 2020 at 3:23:05 PM UTC - permalink -

- https://www.nccgroup.com/globalassets/our-research/us/whitepapers/2018/jackson_deserialization.pdf

jackson unmarshalling deserialization java rce
Attack Spring Boot Actuator via jolokia Part 2
June 26, 2020 at 1:54:48 PM UTC * - permalink -

- https://paper.seebug.org/851/

jolokia actuator spring boot rce
Exploiting ViewState Deserialization using Blacklist3r and YSoSerial.Net - NotSoSecure
June 26, 2020 at 9:26:55 AM UTC - permalink -

- https://www.notsosecure.com/exploiting-viewstate-deserialization-using-blacklist3r-and-ysoserial-net/

viewstate pentest blacklist3r ysoserial rce unserialize

Links per page: 20 50 100

◄Older

page 2 / 3

Newer►