adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dfe73bb4c52640d1cb2a08620ccf8f94a053acbf
metasploit-gs/documentation/modules/exploit
T
History
Valentin Lobstein dfe73bb4c5 Add exploit for AVideo Encoder getImage.php command injection (CVE-2026-29058) 
Unauthenticated OS command injection via the base64Url parameter in
getImage.php. The URL is interpolated into an ffmpeg shell command
without escapeshellarg(), and FILTER_VALIDATE_URL does not block
shell metacharacters in the URL path.
2026-03-06 21:30:12 +01:00
..
aix/local
replace bold options with h3
2025-11-07 15:42:23 -05:00
android
replace bold options with h3
2025-11-07 15:42:23 -05:00
apple_ios/browser
Updates msf5 as well
2025-07-17 11:51:29 +01:00
bsd/finger
Updates msf5 as well
2025-07-17 11:51:29 +01:00
freebsd
Improvements from PR
2025-12-22 05:34:40 -05:00
linux
Add exploit for AVideo Encoder getImage.php command injection (CVE-2026-29058)
2026-03-06 21:30:12 +01:00
mainframe/ftp
spelling fixes on docs
2023-10-10 14:46:18 -04:00
multi
Fix: Bootstrap cycle tables and update lab documentation
2026-02-27 14:33:04 +01:00
openbsd/local
replace bold options with h3
2025-11-07 15:42:23 -05:00
osx
remove 4 space indents in options
2025-11-07 15:42:27 -05:00
qnx/local
replace bold options with h3
2025-11-07 15:42:23 -05:00
solaris
replace bold options with h3
2025-11-07 15:42:23 -05:00
unix
Merge pull request #20857 from msutovsky-r7/exploit/freepbx/sql_to_rce_chain
2026-01-28 20:03:17 -08:00
windows
Land #20841, adds persistence module for Windows feature active setup
2026-02-20 10:46:45 +01:00