Jump to content
LeVeL23HackTools
  • Sign Up

Search the Community

Showing results for tags 'command'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Cracking Zone
    • Cracking Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
    • Windows Phone
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Premium Accounts
    • Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Cracking Zone PRIV8
    • Cracking Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Location


Interests


Occupation


TeamViewer


Tox

Found 112 results

  1. GNU patch suffers from command injection and various other vulnerabilities when handling specially crafted patch files. View the full article
  2. EyesOfNetwork version 5.1 authenticated remote command execution exploit. View the full article
  3. This Metasploit module exploits SQL injection and command injection vulnerabilities in the ManageEngine Application Manager versions 14.2 and below. View the full article
  4. This Metasploit module exploits SQL injection and command injection vulnerability in the OpManager versions 12.4.034 and below. View the full article
  5. This Metasploit module bypasses the user password requirement in the OpManager versions 12.4.034 and below. It performs authentication bypass and executes commands on the server. View the full article
  6. Mitel 6869i Voip Deskphone version 4.2.2032 suffer from an unauthenticated command injection vulnerability. View the full article
  7. CentOS Control Web Panel (CWP) version 0.9.8.836 suffers from a remote command execution vulnerability. View the full article
  8. KDE 4/5 is vulnerable to a command injection vulnerability in the KDesktopFile class. When a .desktop or .directory file is instantiated, it unsafely evaluates environment variables and shell expansions using KConfigPrivate::expandString() via the KConfigGroup::readEntry() function. Using a specially crafted .desktop file a remote user could be compromised by simply downloading and viewing the file in their file manager, or by drag and dropping a link of it into their documents or desktop. Versions 5.60.0 and below are affected. View the full article
  9. ATutor version 2.2.4 suffers from a language_import arbitrary file upload that allows for command execution. View the full article
  10. Opencart versions 2.3.0.2 and below suffer from an insecure OCMod generation remote command execution vulnerability. View the full article
  11. ATutor version 2.2.4 suffers from a backup functionality remote command execution vulnerability. View the full article
  12. This Metasploit module exploits a command injection vulnerability in Apache Tika versions 1.15 through 1.17 on Windows. A file with the image/jp2 content-type is used to bypass magic byte checking. When OCR is specified in the request, parameters can be passed to change the parameters passed at command line to allow for arbitrary JScript to execute. A JScript stub is passed to execute arbitrary code. This module was verified against version 1.15 through 1.17 on Windows 2012. While the CVE and finding show more versions vulnerable, during testing it was determined only versions greater than 1.14 were exploitable due to jp2 support being added. View the full article
  13. Microsoft Windows suffers from a PowerShell unsanitized filename command execution vulnerability. View the full article
  14. Sar2HTML version 3.2.1 suffers from a remote code execution vulnerability. View the full article
  15. There exists a command injection vulnerability in the Wordpress plugin wp-database-backup for versions less than 5.2. For the backup functionality, the plugin generates a mysqldump command to execute. The user can choose specific tables to exclude from the backup by setting the wp_db_exclude_table parameter in a POST request to the wp-database-backup page. The names of the excluded tables are included in the mysqldump command unsanitized. Arbitrary commands injected through the wp_db_exclude_table parameter are executed each time the functionality for creating a new database backup are run. Authentication is required to successfully exploit this vulnerability. View the full article
  16. This Metasploit module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x up to 5.6.29. Remote command execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required, however exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked which allows for discovery and exploitation. View the full article
  17. Citrix SD-WAN Appliance version 10.2.2 suffers from authentication bypass and remote command execution vulnerabilities. View the full article
  18. 1337day-Exploits

    Xymon useradm Command Execution

    This Metasploit module exploits a command injection vulnerability in Xymon versions before 4.3.25 which allows authenticated users to execute arbitrary operating system commands as the web server user. When adding a new user to the system via the web interface with useradm.sh, the user's username and password are passed to htpasswd in a call to system() without validation. This module has been tested successfully on Xymon version 4.3.10 on Debian 6. View the full article
  19. This Metasploit module exploits a vulnerability within the "ghelp", "help" and "man" URI handlers within Linux Mint's "ubuntu-system-adjustments" package. Invoking any one the URI handlers will call the python script "/usr/local/bin/yelp" with the contents of the supplied URI handler as its argument. The script will then search for the strings "gnome-help" or "ubuntu-help" and if doesn't find either of them it'll then execute os.system("/usr/bin/yelp %s" % args). User interaction is required to exploit this vulnerability. Versions 18.3 through 19.1 are affected. View the full article
  20. This Metasploit module exploits a command injection in TimeMachine on macOS <= 10.14.3 in order to run a payload as root. The tmdiagnose binary on OSX <= 10.14.3 suffers from a command injection vulnerability that can be exploited by creating a specially crafted disk label. The tmdiagnose binary uses awk to list every mounted volume, and composes shell commands based on the volume labels. By creating a volume label with the backtick character, we can have our own binary executed with root privileges. View the full article
  21. FaceSentry Access Control System version 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' and 'strInPort' parameters (POST) in pingTest and tcpPortTest PHP scripts. View the full article
  22. Fortinet FCM-MB40 suffers from remote command execution and cross site request forgery vulnerabilities. View the full article
  23. SAPIDO RB-1732 version 2.0.43 suffers from a remote command execution vulnerability. View the full article
  24. 1337day-Exploits

    SeedDMS Remote Command Execution

    SeedDMS versions prior to 5.1.11 suffers from a remote shell upload vulnerability. View the full article
  25. FusionPBX versions 4.4.3 and below suffer from a remote code execution vulnerability via cross site scripting. View the full article
×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.