Palo Alto OS Command Injection Proof Of Concept
April 17th, 2024 | π
iSpeechThis is a scanning script to validate vulnerable Palo Alto OS systems for the recent zero day command injection vulnerability.
Browsing the "command" Tag
Palo Alto OS Command Injection – Torchsec
April 17th, 2024 | π
iSpeech.org # CVE-2024-3400 CVE-2024-3400 Palo Alto OS Command Injection send this HTTP request: ```http POST /ssl-vpn/hipreport.esp HTTP/1.1Host: 127.0.0.1Cookie: SESSID=/../../../var/appweb/sslvpndocs/global-protect/portal/images/hellome1337.txt;Connection: closeContent-Type:
GLPI 10.x.x Remote Command Execution
April 15th, 2024 | π
iSpeechGLPI versions 10.x.x suffers from a remote command execution vulnerability via the shell commands plugin. Source link
Ray OS 2.6.3 Command Injection – Torchsec
April 12th, 2024 | π
https://www.ispeech.org*] # Exploit Title: Ray OS v2.6.3 - Command Injection RCE(Unauthorized)# Description:# The Ray Project dashboard contains a CPU profiling
GUnet OpenEclass E-learning 3.15 File Upload / Command Execution – Torchsec
April 11th, 2024 | π
german tts import requestsimport argparseimport zipfileimport osimport sys RED = '\03391m'GREEN = '\03392m'YELLOW = '\03393m'RESET = '\0330m'ORANGE = '\03338;5;208m' MALICIOUS_PAYLOAD
CHAOS RAT 5.0.1 Remote Command Execution – Torchsec
April 10th, 2024 | π
iSpeech # Exploit Title: CHAOS RAT v5.0.1 RCE# Date: 2024-04-05# Exploit Author: @_chebuya# Software Link: https://github.com/tiagorlampert/CHAOS# Version: v5.0.1 # Tested
Backdoor.Win32.Agent.ju (PSYRAT) MVID-2024-0677 Bypass / Command Execution – Torchsec
April 3rd, 2024 | π
uk text to speech Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source: https://malvuln.com/advisory/0e6e40aad3e8d46e3c0c26ccc6ab94b3.txtContact: malvuln13@gmail.comMedia: twitter.com/malvuln Threat: Backdoor.Win32.Agent.ju
FoF Pretty Mail 1.1.2 Command Injection – Torchsec
March 30th, 2024 | π
https://www.ispeech.org/text.to.speech Exploit Title: FoF Pretty Mail 1.1.2 Extension for Flarum Command InjectionDate: 03/28/2024Exploit Author: Chokri HammediVendor Homepage: https://flarum.org/Software Link: https://github.com/FriendsOfFlarum/pretty-mailVersion:
WatchGuard XTM Firebox Unauthenticated Remote Command Execution – Torchsec
March 29th, 2024 | π
https://www.ispeech.org/text.to.speech ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## require 'zlib' class MetasploitModule < Msf::Exploit::RemoteRank = GoodRankinginclude Msf::Exploit::Remote::HttpClientprepend Msf::Exploit::Remote::AutoCheck
Circontrol Raption Buffer Overflow / Command Injection
March 28th, 2024 | π
https://www.ispeech.orgThe server in Circontrol Raption versions through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain
Sharepoint Dynamic Proxy Generator Remote Command Execution – Torchsec
March 27th, 2024 | π
TTS ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## require 'securerandom' class MetasploitModule < Msf::Exploit::RemoteRank = ExcellentRanking include Msf::Exploit::Remote::HttpClientinclude
OpenNMS Horizon 31.0.7 Remote Command Execution – Torchsec
March 21st, 2024 | π
iSpeech ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::RemoteRank = ExcellentRanking include Msf::Exploit::Remote::HttpClientprepend Msf::Exploit::Remote::AutoCheck def
Nokia BMC Log Scanner 13 Command Injection – Torchsec
March 18th, 2024 | π
Text to Speech # Exploit Title: Nokia BMC Log Scanner Remote Code Execution# Google Dork: N/A# Date: November 29, 2023#
SolarView Compact 6.00 Command Injection – Torchsec
March 15th, 2024 | π
https://www.ispeech.org #- Exploit Title: SolarView Compact 6.00 - Command Injection#- Shodan Dork: http.html:"solarview compact"#- Exploit Author: ByteHunter#- Email: 0xByteHunter@proton.me#- Version:
-
Donate Via Wallets
-
MetaMask -
Trust Wallet -
Binance Wallet -
WalletConnect
-
-
Popular
Event Management 1.0 SQL Injection – Torchsec March 28, 2024 # Exploit Title: Event Management - SQL Injection# Application: Event… (11)- Artica Proxy Unauthenticated PHP Deserialization… March 27, 2024 ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule… (8)
- Siklu MultiHaul TG Series Credential Disclosure… March 29, 2024 # Exploit Title: Siklu MultiHaul TG series - unauthenticated credential… (8)
- WinRAR 6.22 Remote Code Execution – Torchsec March 29, 2024 ################################################################################################# Exploit Title : EXPLOIT WinRAR version 6.22 Vulnerability CVE-2023-38831… (8)
π₯Members
-
π Forum Groups
-
linktr.ee/obewyn
Gloss