CVE-2025-15442

A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/productlist. This manipulation of the argument cateid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-15442

creationtimestamp| type| source ---|---|--- 2026-01-04 12:44:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mblxb2loph2o...

CVE-2025-15442

A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/productlist. This manipulation of the argument cateid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-15442 CRMEB product_list sql injection

A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/productlist. This manipulation of the argument cateid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...

WebEx Remote Command Execution Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebEx Remote Command Execution Utility', 'Description' = %q This module enables the execution of a single command as System by exploiting a remot...

CVE-2019-15442

creationtimestamp| type| source ---|---|--- 2024-02-20 10:21:52+00:00| seen| https://t.me/ctinow/188289...

CVE-2020-15442

...

CVE-2020-15442

CVE-2020-15442 entry is rejected/not used and does not represent an active vulnerability.

CVE-2019-15442

The Samsung on7xelteskt Android device with a build fingerprint of samsung/on7xelteskt/on7xelteskt:8.1.0/M1AJQ/G610SKSU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app versionCode=7000100, versionName=7.0.1.0 that allows other...

CVE-2019-15442

CVE-2019-15442 affects Samsung on7xelteskt devices running Android 8.1.0. The issue stems from a pre-installed app, com.samsung.android.themecenter (version 7.0.1.0), which exposes an accessible component allowing other pre-installed apps to initiate app installations. This capability can be leve...

Cisco Webex Meetings Desktop App Update Service Command Injection (CVE-2018-15442)

A command injection vulnerability exists in Cisco Webex Meetings Desktop App. A remote authenticated attacker could exploit this vulnerability by invoking the update service command with a crafted argument. Successful exploitation results execution of arbitrary code in the security context of the...

Cisco WebEx Meetings Privilege Escalation

SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ Cisco WebEx Meetings Elevation of Privilege Vulnerability 1. Advisory Information Title: Cisco WebEx Meetings Elevation of Privilege Vulnerability Advisory ID: CORE-2018-0011 Advisory URL:...

WebExec Authenticated User Code Execution Exploit

This Metasploit module uses a valid username and password of any level or password hash to execute an arbitrary payload. This Metasploit module is similar to the "psexec" module, except allows any non-guest account by default. This module requires Metasploit: https://metasploit.com/download Curre...

WebEx Local Service Permissions Code Execution Exploit

This Metasploit module exploits a flaw in the 'webexservice' Windows service, which runs as SYSTEM, can be used to run arbitrary commands locally, and can be started by limited users in default installations. This module requires Metasploit: https://metasploit.com/download Current source:...

WebEx - Local Service Permissions Exploit (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebEx Local Service Permissions Exploit', 'Description' = %q This module exploits a flaw in the 'webexservice' Windows service, which runs as...

CVE-2018-15442

creationtimestamp| type| source ---|---|--- 2018-10-24 21:28:47+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/webexec.rb 2018-10-24 21:28:47+00:00| seen|...

CVE-2018-15442

CVE-2018-15442 concerns Cisco Webex Meetings Desktop App on Windows. The issue is a command-injection in the Update Service (WebExService) caused by insufficient validation of user-supplied parameters. An authenticated, local attacker could invoke the update command with a crafted argument and ex...

smb-vuln-webexec NSE Script

A critical remote code execution vulnerability exists in WebExService WebExec. See also: smb-webexec-exploit.nse Script Arguments smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername See the documentation for the smbauth library. randomseed, smbbasic, smbport, smbsign See the...

WebExec Authenticated User Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Windows XP systems that are not part of a domain default to treating all network logons as if they were Guest. This prevents SMB relay attacks from gaining administrativ...

WebEx Local Service Permissions Exploit

This module exploits a flaw in the 'webexservice' Windows service, which runs as SYSTEM, can be used to run arbitrary commands locally, and can be started by limited users in default installations. This module requires Metasploit: https://metasploit.com/download Current source:...