12 matches found
elFinder <= 2.1.31 XSS Vulnerability
elFinder is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:std42:elfinder";...
CVE-2019-25066
A vulnerability has been found in ajenti 2.1.31 and classified as critical. This vulnerability affects unknown code of the component API. The manipulation leads to privilege escalation. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading t...
CVE-2019-25066
A vulnerability has been found in ajenti 2.1.31 and classified as critical. This vulnerability affects unknown code of the component API. The manipulation leads to privilege escalation. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading t...
Code injection
A vulnerability has been found in ajenti 2.1.31 and classified as critical. This vulnerability affects unknown code of the component API. The manipulation leads to privilege escalation. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading t...
ajenti 操作系统命令注入漏洞
ajenti is a Linux and BSD modular server management panel from ajenti open source. A security vulnerability exists in ajenti version 2.1.31, which stems from a problem with the component API. An attacker can exploit the vulnerability to achieve privilege escalation...
Studio 42 elFinder 跨站脚本漏洞
Studio 42 elFinder is an open source web file manager that uses jQuery and jQuery UI and is written in JavaScript. A cross-site scripting vulnerability exists in Studio 42 elFinder that stems from the product's failure to securely handle SVG document data. The vulnerability can be exploited to...
mailman: arbitrary content injection via the options login page
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection...
CVE-2020-12108
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection...
CVE-2020-12108
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection...
Ajenti 2.1.31 Command Injection Exploit
This Metasploit module exploits a command injection in Ajenti version 2.1.31. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned. This module requires Metasploit: https://metasploit.com/download Current source:...
Ajenti 2.1.31 Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ajenti auth username Command Injection', 'Description' = %q This module exploits a command injection in Ajenti == 2.1.31. By injecting a command...
Ajenti 2.1.31 - Remote Code Execution Exploit
Exploit for python platform in category web applications Title: Ajenti 2.1.31 - Remote Code Execution Author: Jeremy Brown Software Link: https://github.com/ajenti/ajenti CVE: N/A Tested on: Ubuntu Linux !/usr/bin/python ajentix.py Ajenti Remote Command Execution Exploit ------- Details -------...