Search the Community
Showing results for tags 'apache'.
-
Features Fast bruteforce Low RAM and CPU usage Open-Source Python [hide][Hidden Content]]
-
Exploits Apache Solr 8.2.0 Remote Code Execution
1337day-Exploits posted a topic in Updated Exploits
Apache Solr version 8.2.0 suffers from a remote code execution vulnerability. View the full article -
Exploits Apache Tika 1.17 Header Command Injection
1337day-Exploits posted a topic in Updated Exploits
This Metasploit module exploits a command injection vulnerability in Apache Tika versions 1.15 through 1.17 on Windows. A file with the image/jp2 content-type is used to bypass magic byte checking. When OCR is specified in the request, parameters can be passed to change the parameters passed at command line to allow for arbitrary JScript to execute. A JScript stub is passed to execute arbitrary code. This module was verified against version 1.15 through 1.17 on Windows 2012. While the CVE and finding show more versions vulnerable, during testing it was determined only versions greater than 1.14 were exploitable due to jp2 support being added. View the full article -
Apache Axis version 1.4 suffers from a remote code execution vulnerability. View the full article
-
Exploits Apache 2.4.38 Root Privilege Escalation
1337day-Exploits posted a topic in Updated Exploits
Apache versions 2.4.17 through 2.4.38 suffer from a local root privilege escalation vulnerability due to an out-of-bounds array access leading to an arbitrary function call. View the full article -
Apache UNO with LibreOffice version 6.1.2 and OpenOffice version 4.1.6 API remote code execution exploit. View the full article
-
Apache Tika Server versions prior to 1.18 suffer from a command injection vulnerability. View the full article
-
Exploits Apache CouchDB 2.3.0 Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
Apache CouchDB version 2.3.0 suffers from multiple cross site scripting vulnerabilities. View the full article -
Exploits Apache OFBiz 16.11.05 Cross Site Scripting
1337day-Exploits posted a topic in Updated Exploits
Apache OFBiz version 16.11.05 suffers from a cross site scripting vulnerability. View the full article -
Exploits Apache Superset 0.23 Remote Code Execution
1337day-Exploits posted a topic in Updated Exploits
Apache Superset version 0.23 suffers from a remote code execution vulnerability. View the full article -
Apache OFBiz version 16.11.04 suffers from an XML external entity injection vulnerability. View the full article
-
Exploits Apache Syncope 2.0.7 Remote Code Execution
1337day-Exploits posted a topic in Updated Exploits
Apache Syncope version 2.7 suffers from a remote code execution vulnerability. View the full article -
This Metasploit module exploits a remote code execution vulnerability in Apache Struts versions 2.3 through 2.3.4, and 2.5 through 2.5.16. Remote code execution can be performed via an endpoint that makes use of a redirect action. Native payloads will be converted to executables and dropped in the server's temp dir. If this fails, try a cmd/* payload, which won't have to write to the disk. View the full article