📄 Barracuda ESG Spreadsheet::ParseExcel Arbitrary Code Execution

This Metasploit module exploits CVE-2023-7102, an arbitrary code execution vulnerability in Barracuda Email Security Gateway ESG appliances. The vulnerability exists in how the Amavis scanner processes Excel attachments using the Perl Spreadsheet::ParseExcel library. The librarys Utility.pm...

Barracuda ESG Spreadsheet::ParseExcel Arbitrary Code Execution

This module exploits CVE-2023-7102, an arbitrary code execution vulnerability in Barracuda Email Security Gateway ESG appliances. The vulnerability exists in how the Amavis scanner processes Excel attachments using the Perl Spreadsheet::ParseExcel library. The library's Utility.pm contains an...

Linux Distros Unpatched Vulnerability : CVE-2016-7102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ownCloud Desktop before 2.2.3 allows local users to execute arbitrary code and possibly gain privileges via a Trojan library in a special path in the C: drive...

MAL-2025-7102 Malicious code in @avocado-team/app-center-app-widget (npm)

The package @avocado-team/app-center-app-widget was found to contain malicious code...

CVE-2025-7102

creationtimestamp| type| source ---|---|--- 2025-07-07 01:28:22+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114809353116365272 2025-07-07 04:40:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ltdxsjrzye2m...

CVE-2025-7102

A vulnerability was found in BoyunCMS up to 1.4.20. It has been declared as critical. This vulnerability affects unknown code of the file application/update/controller/Server.php. The manipulation of the argument phone leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2024-7102

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances...

CVE-2024-7102

creationtimestamp| type| source ---|---|--- 2025-02-13 01:16:05+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhzjaojbha2x 2025-02-13 02:48:41+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/113994296216432932 2025-02-13 04:25:08+00:00| seen|...

CVE-2024-7102

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances...

CVE-2024-7102 Execution with Unnecessary Privileges in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances...

CVE-2024-7102

GitLab CVE-2024-7102 affects GitLab CE/EE versions 16.4 through before 17.5.0, allowing an attacker to trigger a pipeline as another user under certain circumstances. Multiple sources (NVD, Red Hat, Debian, OSV, etc.) corroborate the issue but do not publicly detail the root cause or exploit step...

CVE-2024-7102 Execution with Unnecessary Privileges in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances...

Ubuntu: Security Advisory (USN-7102-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malicious code in wlwz-2312-7102 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b15bdaa43b2678a8a94b04e02d9d2e83c9f5100d90178b3a084fad303ab4609 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-811 Malicious code in wlwz-2312-7102 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b15bdaa43b2678a8a94b04e02d9d2e83c9f5100d90178b3a084fad303ab4609 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-7102

creationtimestamp| type| source ---|---|--- 2023-12-24 23:26:31+00:00| seen| https://t.me/ctinow/159098 2023-12-26 14:20:06+00:00| exploited| https://t.me/truesecator/5247 2023-12-27 09:35:19+00:00| seen| MISP/3eeca3ec-69cf-4e93-9283-db148ac21b9b 2023-12-27 12:16:39+00:00| exploited|...

CVE-2023-7102

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic...

CVE-2023-7102

CVE-2023-7102 is a Barracuda ESG Appliance vulnerability caused by a vulnerable third-party library that allowed parameter injection. Affected versions span 5.1.3.001–9.2.1.001; Barracuda removed the vulnerable logic to fix the issue. No explicit exploitation details are provided in the available...

CVE-2023-7102 Remote Code Execution (RCE) Vulnerability

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic...

CVE-2019-7102

creationtimestamp| type| source ---|---|--- 2019-05-23 17:48:22+00:00| seen| https://t.me/cvemitreorg/221...