Exploits/Authentication Weakness/Known Vulnerabilities

Cisco Data Center Network Manager HostEnclHandler getVmHostData SQL Injection Vulnerability Exploit Update

This module uses an authentication bypass and a SQL injection vulnerability in order to upload and execute a JSP file in the Wildfly virtual file system webapps directory. This update fixes OS detection when detecting DCNM version.

Cisco Data Center Network Manager HostEnclHandler getVmHostData SQL Injection Vulnerability Exploit

This module uses an authentication bypass and a SQL injection vulnerability in order to upload and execute a JSP file in the Wildfly virtual file system webapps directory.

Apache CouchDB Remote OS Command Injection Exploit

Apache CouchDB contains an Authentication Bypass vulnerability and a OS Command Injection vulnerability, which allows attackers to gain arbitrary code execution on the affected system.

Dell EMC Data Protection Advisor Remote OS Command Injection Exploit

Dell EMC Data Protection Advisor contains an Authentication Bypass vulnerability and a OS Command Injection vulnerability, which allows attackers to gain arbitrary code execution on the affected system.

Tp-link EAP Controller Exploit

Tp-link EAP Controller does not handle privilege management correctly so a non privileged user can execute privileged actions. This module will try to change the device's settings and enable ssh in order to take control of the managed Access Points.

Magento eCommerce Web Sites Deserialization Remote Code Execution Exploit

This module uses an unauthenticated deserialization vulnerability in Magento eCommerce Web Sites to perform an arbitrary write file to gain arbitrary PHP code execution on the affected system.

Magento eCommerce Web Sites Remote Code Execution Exploit

Magento eCommerce Web Sites suffers from a Authentication Bypass Vulnerability, a Blind SQL Injection Vulnerability and a Remote File Inclusion Vulnerability. These 3 vulnerabilities, allows an attacker to gain arbitrary code execution on the affected system.