what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 3,335 RSS Feed

Shell Files

Red Hat Security Advisory 2024-9976-03
Posted Nov 25, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9976-03 - An update for python-werkzeug is now available for Red Hat OpenStack Platform 17.1. Issues addressed include a remote shell upload vulnerability.

tags | advisory, remote, shell, python
systems | linux, redhat
advisories | CVE-2024-34069
SHA-256 | 755e3f7fd3a32e239d9a8e79f9b2bd32c56c1499b3152634192c8405d374b1a0
Red Hat Security Advisory 2024-9975-03
Posted Nov 25, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9975-03 - An update for python-werkzeug is now available for Red Hat OpenStack Platform 17.1. Issues addressed include a remote shell upload vulnerability.

tags | advisory, remote, shell, python
systems | linux, redhat
advisories | CVE-2024-34069
SHA-256 | 606dbbccfc1abbfc6325944757b4c621aff1bfa2dff0fcf6e7bc64c779e522a0
Red Hat Security Advisory 2024-9923-03
Posted Nov 25, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9923-03 - An update for python3.12-urllib3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a remote shell upload vulnerability.

tags | advisory, remote, shell
systems | linux, redhat
advisories | CVE-2024-37891
SHA-256 | ac3b4900168ba2084e3ad8318e664384985ddb8ae1864c72c0e264af4e5a06af
Red Hat Security Advisory 2024-9915-03
Posted Nov 25, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9915-03 - An update for gnome-shell is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a code execution vulnerability.

tags | advisory, shell, code execution
systems | linux, redhat
advisories | CVE-2024-36472
SHA-256 | 7c38c86be0147ffda65ea56f2165d3836b6417399eb96f625c921555b4f4da98
Debian Security Advisory 5816-1
Posted Nov 20, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5816-1 - The Qualys Threat Research Unit discovered that libmodule-scandeps-perl, a Perl module to recursively scan Perl code for dependencies, allows an attacker to execute arbitrary shell commands via specially crafted file names.

tags | advisory, arbitrary, shell, perl
systems | linux, debian
advisories | CVE-2024-10224
SHA-256 | be57e41b4a34c57cf7b234b08605df86cb03fd9a15befc05712e6544727af3bb
Ubuntu Security Notice USN-7117-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7117-1 - Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands.

tags | advisory, arbitrary, shell, local, root, perl
systems | linux, ubuntu
advisories | CVE-2024-10224, CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992
SHA-256 | 243f9908492121d33be291aab7ae169001482e1d128c0417a2f83b5ed1d56c6e
Ubuntu Security Notice USN-7108-1
Posted Nov 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7108-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the extension info message. An attacker able to intercept communications could possibly use this issue to downgrade the algorithm used for client authentication. Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the user authentication request message. An attacker could possibly use this issue to control the remote end of an SSH client session via packet injection/removal and shell emulation.

tags | advisory, remote, shell
systems | linux, ubuntu
advisories | CVE-2023-46445, CVE-2023-46446
SHA-256 | 879c1bba1c6e49f095f223b8a2b416c8ae15269b5259350aefb2b128068cebe4
Red Hat Security Advisory 2024-9457-03
Posted Nov 13, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9457-03 - An update for python3.12-urllib3 is now available for Red Hat Enterprise Linux 9. Issues addressed include a remote shell upload vulnerability.

tags | advisory, remote, shell
systems | linux, redhat
advisories | CVE-2024-37891
SHA-256 | 8227c87ea3c4a2d6d25c74d77bc24b194c3a6bf80fbb99081bf8a9064998e024
Red Hat Security Advisory 2024-9114-03
Posted Nov 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9114-03 - An update for gnome-shell and gnome-shell-extensions is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.

tags | advisory, shell, code execution
systems | linux, redhat
advisories | CVE-2024-36472
SHA-256 | 1d6730f189c823a485237f81d05d3aaac88a9d4de629ecb7b8e5e627d3bdfc7b
Red Hat Security Advisory 2024-8842-03
Posted Nov 5, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-8842-03 - An update for python3.12-urllib3 is now available for Red Hat Enterprise Linux 8. Issues addressed include a remote shell upload vulnerability.

tags | advisory, remote, shell
systems | linux, redhat
advisories | CVE-2024-37891
SHA-256 | ae91c8664deb819fc4ddcbf4831200d22f81218eccceadff115c6156faa9ac05
Grafana Remote Code Execution
Posted Oct 24, 2024
Authored by z3k0sec | Site github.com

This repository contains a Python script that exploits a remote code execution vulnerability in Grafana's SQL Expressions feature. By leveraging insufficient input sanitization, this exploit allows an attacker to execute arbitrary shell commands on the server. This is made possible through the shellfs community extension, which can be installed and loaded by an attacker to facilitate command execution.

tags | exploit, remote, arbitrary, shell, code execution, python
advisories | CVE-2024-9264
SHA-256 | 6c3c16d85296d769a797c9f8ac23b3a50fdbb1f53c416a6022ded19352c4bb10
ABB Cylon Aspect 3.08.01 persistenceManagerAjax.php Command Injection
Posted Oct 22, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the directory HTTP POST parameter called by the persistenceManagerAjax.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | 94b9c452c40fa97359bd14766458b08e7dbabab381af5bfc9f983be77b4e1601
Helper 0.1
Posted Oct 21, 2024
Authored by Emiliano Febbi | Site nullsite.altervista.org

Helper is an enumerator written in PHP that helps identify directories on webservers that could be targets for things like cross site scripting, local file inclusion, remote shell upload, and remote SQL injection vulnerabilities.

tags | tool, remote, shell, local, scanner, php, vulnerability, xss, sql injection, file inclusion
systems | unix
SHA-256 | d393a8fbc83a7853129734872e32346a0060fce6cc2859479ba80540d7ca06af
ABB Cylon Aspect 3.08.01 databaseFileDelete.php Command Injection
Posted Oct 18, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the file HTTP POST parameter called by the databaseFileDelete.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | cb2141122e64c71654606a390db65e7c398f5ec9a8b5883f4b4d4e29437c9eac
SofaWiki 3.9.2 Shell Upload
Posted Oct 17, 2024
Authored by Chokri Hammedi

SofaWiki version 3.9.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | c48a64660d81765425afab3efa1b001a89e8396b5af5e3e6f44922da04352042
ABB Cylon Aspect 3.08.00 sslCertAjax.php Remote Command Execution
Posted Oct 15, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect version 3.08.00 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the country, state, locality, organization, and hostname HTTP POST parameters called by the sslCertAjax.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | c9e65d912e7544e112d86ab5bdaf919b72100eb3203885121a442e427d5ebd32
ABB Cylon Aspect 3.08.00 yumSettings.php Command Injection
Posted Oct 14, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect version 3.08.00 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the PROXY HTTP POST parameter called by the yumSettings.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | 745fecf29b9b2473e58492b59fb0c9e867cdd58cc5a3ecbb448313aaa681f34e
Vivo Fibra Askey RTF8225VW Command Execution
Posted Oct 14, 2024
Authored by takashi

The Vivo Fibra Askey RTF8225VW modem suffers from an input validation vulnerability that allows for full escalation to a functioning shell once logged in and using the restricted aspsh shell.

tags | exploit, shell
SHA-256 | edf855b06c71dfe99f294649be53aad56d922600786e0dd75e802740e673d599
WordPress File Manager Advanced Shortcode 2.3.2 Code Injectin / Shell Upload
Posted Oct 14, 2024
Authored by indoushka

WordPress File Manager Advanced Shortcode plugin version 2.3.2 suffers from a code injection vulnerability that allows for remote shell upload.

tags | exploit, remote, shell
SHA-256 | c3c91c881eefe624d3d7dfab709897221d26c0579d2ee6152e7b82b5bc372b7c
ABB Cylon Aspect 3.08.00 dialupSwitch.php Remote Code Execution
Posted Oct 11, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect version 3.08.00 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the MODEM HTTP POST parameter called by the dialupSwitch.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | a4086eec7a5ee5c9db9cd5f10469f947a7061c1d4d1d322d7820c84737b04b5e
Artica Proxy 4.40 Code Injection
Posted Oct 11, 2024
Authored by indoushka

Artica Proxy version 4.40 suffers from a code injection vulnerability that provides a reverse shell.

tags | exploit, shell
SHA-256 | c1517d7efd5b58efb0947f3e574c94e4dff36e9127ec54ebd5658e96d60b3efb
ABB Cylon Aspect 3.08.00 syslogSwitch.php Remote Code Execution
Posted Oct 7, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect versions 3.08.00 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the SYSLOG HTTP POST parameter called by the syslogSwitch.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | bd108fa7ce900744b1676f5426423c1034cfcf86df1a6c72f006197b3c7c4616
ABB Cylon Aspect 3.08.01 caldavUtil.php Remote Code Execution
Posted Oct 7, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect versions 3.08.01 and below suffer from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the Footer HTTP POST parameter called by the caldavUtil.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | 8a578a88dc628bdf9030f24dfeb5efed5a2916122d7b2c6617ee5215c5c7a0d4
ABB Cylon Aspect 3.08.00 setTimeServer.php Remote Code Execution
Posted Oct 7, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect versions 3.08.00 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the timeserver HTTP POST parameter called by the setTimeServer.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | 7a951ff7fa25dce192577e79009a2ecc161d07c5d3e93a4698034aee54606ea7
MD-Pro 1.0.76 Shell Upload / SQL Injection
Posted Oct 4, 2024
Authored by Emiliano Febbi

MD-Pro version 1.0.76 suffers from remote SQL injection and shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | b641856919de4d5b0a61bc35a8e30fb6042f78f529af33b52af81ec5d5f73c4e
Page 1 of 134
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close