PHPMailer is prone to a abuse the mailSend function. This vulnerability allows remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Remote Code Execution when performing file upload based on Jakarta Multipart parser.
This module exploits an unauthenticated PHP Injection vulnerability abusing the unserialize() function.
phpMyAdmin is prone to a regexp abuse via an eval modifier which can be found in old PHP versions. This vulnerability allows authenticated attackers to run arbitrary php code on the affected server.
PHP versions 4.3.0-5.4.6 had a "feature" which allowed users to run a RegExp Pattern Modifier using PREG_REPLACE_EVAL and may lead to execute code.
phpMyAdmin had an issue in their code that can be exploited from a table replace call.
The general idea is to insert a crafted regexp eval record format, and then trigger it via a find and replace function with system commands
For that purpose, the exploit will try to use any existing cookies of that host, or the username and password provided.
Once logged in, if the user provided a database, it will be used. If not, we will search for existing databases.
The attack will not leave any trace.
This exploit installs an OS Agent.
PHP versions 4.3.0-5.4.6 had a "feature" which allowed users to run a RegExp Pattern Modifier using PREG_REPLACE_EVAL and may lead to execute code.
phpMyAdmin had an issue in their code that can be exploited from a table replace call.
The general idea is to insert a crafted regexp eval record format, and then trigger it via a find and replace function with system commands
For that purpose, the exploit will try to use any existing cookies of that host, or the username and password provided.
Once logged in, if the user provided a database, it will be used. If not, we will search for existing databases.
The attack will not leave any trace.
This exploit installs an OS Agent.
Action Pack in Ruby on Rails allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method.
RESTWS alters the default page callbacks for entities to provide additional functionality. A vulnerability in this approach allows an unauthenticated attacker to send specially crafted requests resulting in arbitrary PHP execution.
The REST plugin in the Apache Struts 2 framework is prone to a remote code execution vulnerability when evaluating OGNL expressions when Dynamic Method Invocation is enabled.
This vulnerability allows remote attackers to execute arbitrary Java code on the affected server.
This module exploits the vulnerability in any web application built on top of vulnerable versions of Apache Struts 2 making use of the REST plugin with the Dynamic Method Invocation feature enabled.
This vulnerability allows remote attackers to execute arbitrary Java code on the affected server.
This module exploits the vulnerability in any web application built on top of vulnerable versions of Apache Struts 2 making use of the REST plugin with the Dynamic Method Invocation feature enabled.
This module exploits a remote code execution vulnerability in Joomla. The session handling code is susceptible to PHP Object Injection attacks due to lack of sanitization in some HTTP headers that are saved to the database session backend.
This update fixes an issue which made the exploit abort before running.
This update fixes an issue which made the exploit abort before running.
This vulnerability allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method.
Combining this with log injection, remote code execution can be achieved.
Combining this with log injection, remote code execution can be achieved.
This module uses an unauthenticated deserialization vulnerability in Magento eCommerce Web Sites to perform an arbitrary write file to gain arbitrary PHP code execution on the affected system.