This module exploits an arbitrary file upload in Trend Micro Mobile Security for Enterprise to install an agent.
This module exploits a zip file upload directory traversal in ATutor AContent to install an agent.
This module exploits a directory traversal arbitrary file upload in Schneider Electric U.Motion Builder to install an agent.
Remote Code Execution when performing file upload based on Jakarta Multipart parser.
This module exploits a SQL Injection vulnerability in Joomla which allows gathering of users and password hashes by parsing SQL output errors
PHPMailer is prone to a abuse the mailSend function. This vulnerability allows remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property. The attack will not leave any trace. This exploit installs an OS Agent.
This module uses an arbitrary file upload vulnerability in Magento eCommerce Web Sites to gain arbitrary code execution on the affected system. Authentication is required to access the administrative panel.
This module uses a directory traversal vulnerability in the file import feature in Nuxeo Platform CMS to upload a JSP to gain arbitrary code execution on the affected system.
This module uses a file upload vulnerability in Elefant CMS to gain arbitrary code execution on the affected system.
This module exploits an authentication bypass and a file upload vulnerability in Boonex Dolphin to install an agent.