jheysel-r7
jheysel-r7
The [original advisory](https://blog.exodusintel.com/2022/06/09/salesagility-suitecrm-export-request-sql-injection-vulnerability/) by Exodus Intelligence mentions a unauthenticated RCE vulnerability in SuiteCRM. After some enumeration I wasn't able to find an unauthenticated entry point, or an RCE. However I...
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. More info: https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/ This PR adds a fairly...
Exploits a default Erlang cookie vulnerability in Apache CouchDB which allows for RCE as the user running the application. ## Verification Follow the setup instructions for installing on windows (easier...
## Summary PoC for an RCE in Apache CouchDB is publicly available, would make a great metasploit module. ### Basic example [If you have a POC, blog post or any...
https://docs.fortinet.com/document/fortigate/7.2.2/fortios-release-notes/289806/resolved-issues https://docs.fortinet.com/document/fortigate/7.0.7/fortios-release-notes/289806/resolved-issues ## Summary I have a vulnerable target but haven't been able to find any patch details yet. ### Motivation FortiGate instances are widely deployed. I think I module...
This PR makes use of the following CVE-2022-3699 [PoC](https://github.com/alfarom256/CVE-2022-3699) in combination with the Reflective DLL module template. ## Verification List the steps needed to make sure this thing works -...
## Steps to reproduce Run the `wp_bookingpress_category_services_sqli` module and set `RHOSTS` to `localhost` ``` msf6 auxiliary(gather/wp_bookingpress_category_services_sqli) > run [*] Running module against 0.0.0.1 [*] Running automatic check ("set AutoCheck false"...
Currently working on this, using as a placeholder ## Summary More info here: https://github.com/alfarom256/CVE-2022-3699/ ### Basic example If you have a POC, blog post or any other useful references please...
## Summary Apache Solr Backup/Restore APIs RCE ### Basic example [PoC](https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC)
## Summary A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0...