Lucene search
MitreCVELIST:CVE-2019-19609HistoryDec 05, 2019 - 7:44 p.m.
CVE-2019-19609
2019-12-0519:44:28
mitre
www.cve.org
The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.
Related
githubexploit
githubexploit
Exploit for OS Command Injection in Strapi
2021-08-30 03:05:16
Exploit for OS Command Injection in Strapi
2021-08-29 16:18:27
Exploit for OS Command Injection in Strapi
2021-08-29 17:57:08
checkpoint_advisories
checkpoint_advisories
Strapi Remote Code Execution (CVE-2019-19609)
2021-10-10 00:00:00
prion
prion
Remote code execution
2019-12-05 20:15:00
packetstorm
packetstorm
Strapi 3.0.0-beta.17.7 Remote Code Execution
2021-08-30 00:00:00
Strapi CMS 3.0.0-beta.17.4 Remote Code Execution
2021-08-30 00:00:00
veracode
veracode
OS Command Injection
2019-12-04 01:08:21
github
github
OS Command Injection in Strapi
2021-12-10 17:22:12
nvd
nvd
CVE-2019-19609
2019-12-05 20:15:10
osv
osv
OS Command Injection in Strapi
2021-12-10 17:22:12
CVE-2019-19609
2019-12-05 20:15:10
cve
cve
CVE-2019-19609
2019-12-05 20:15:10
zdt
zdt
Strapi 3.0.0-beta.17.7 - Remote Code Execution (Authenticated) Exploit
2021-08-30 00:00:00
Strapi CMS 3.0.0-beta.17.4 - Remote Code Execution (Unauthenticated) Exploit
2021-08-30 00:00:00
exploitdb
exploitdb
Strapi 3.0.0-beta.17.7 - Remote Code Execution (RCE) (Authenticated)
2021-08-30 00:00:00
Strapi CMS 3.0.0-beta.17.4 - Remote Code Execution (RCE) (Unauthenticated)
2021-08-30 00:00:00