Lucene search
MitreCVELIST:CVE-2019-19609HistoryDec 05, 2019 - 7:44 p.m.
CVE-2019-19609
2019-12-0519:44:28
mitre
www.cve.org
The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.
Related
packetstorm
packetstorm
Strapi 3.0.0-beta.17.7 Remote Code Execution
2021-08-30 00:00:00
Strapi CMS 3.0.0-beta.17.4 Remote Code Execution
2021-08-30 00:00:00
githubexploit
githubexploit
Exploit for OS Command Injection in Strapi
2021-08-29 16:18:27
Exploit for OS Command Injection in Strapi
2021-08-30 03:05:16
Exploit for OS Command Injection in Strapi
2021-08-29 17:57:08
prion
prion
Remote code execution
2019-12-05 20:15:00
checkpoint_advisories
checkpoint_advisories
Strapi Remote Code Execution (CVE-2019-19609)
2021-10-10 00:00:00
veracode
veracode
OS Command Injection
2019-12-04 01:08:21
nvd
nvd
CVE-2019-19609
2019-12-05 20:15:10
github
github
OS Command Injection in Strapi
2021-12-10 17:22:12
osv
osv
CVE-2019-19609
2019-12-05 20:15:10
OS Command Injection in Strapi
2021-12-10 17:22:12
zdt
zdt
Strapi 3.0.0-beta.17.7 - Remote Code Execution (Authenticated) Exploit
2021-08-30 00:00:00
Strapi CMS 3.0.0-beta.17.4 - Remote Code Execution (Unauthenticated) Exploit
2021-08-30 00:00:00
cve
cve
CVE-2019-19609
2019-12-05 20:15:10
exploitdb
exploitdb
Strapi 3.0.0-beta.17.7 - Remote Code Execution (RCE) (Authenticated)
2021-08-30 00:00:00
Strapi CMS 3.0.0-beta.17.4 - Remote Code Execution (RCE) (Unauthenticated)
2021-08-30 00:00:00