Lucene search
K

5 matches found

CNVD
CNVD
added 2019/03/25 12:0 a.m.2 views

Input Validation Vulnerability in Caret

Caret is a software package for plotting classification and regression models. An input validation vulnerability exists in versions of Caret prior to 2019-02-22 that originates from a networked system or product that does not properly validate incoming data. An attacker could exploit the...

9.8CVSS6.9AI score0.03614EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/03/22 7:6 a.m.19 views

CVE-2019-9927

Caret before 2019-02-22 allows Remote Code Execution...

9.7AI score0.03614EPSS
Exploits0References1
CVE0DAY
CVE0DAY
added 2019/03/07 2:6 p.m.282 views

Drupal CVE-2019-6340 Remote Code Execution EXP

Description This Metasploit module exploits a PHP unserialize vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also...

6.8CVSS0.9AI score0.91919EPSS
Exploits22
Packet Storm
Packet Storm
added 2019/03/06 12:0 a.m.75 views

Drupal RESTful Web Services unserialize() Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal RESTful Web Services unserialize RCE', 'Description' = %q This module exploits a PHP unserialize vulnerability in Drupal RESTful Web...

6.8CVSS0.5AI score0.91919EPSS
Exploits22
Metasploit
Metasploit
added 2019/03/05 7:26 p.m.84 views

Drupal RESTful Web Services unserialize() RCE

This module exploits a PHP unserialize vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also vulnerable albeit cached...

8.1CVSS0.3AI score0.91919EPSS
Exploits22
Rows per page
Query Builder