67 matches found
Exploit for SQL Injection in Agentejo Cockpit
Synthetic Test Case: CVE-2020-35846 CWE: CWE-89 Origi...
EUVD-2018-7416
Malware in sbrugna...
EUVD-2020-6547
Malware in sbrugna...
EUVD-2018-7415
Malware in sbrugna...
EUVD-2018-7414
Malware in sbrugna...
EUVD-2024-1810
Malicious code in bioql PyPI...
CVE-2020-35847
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function...
CVE-2020-35846
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function...
CVE-2020-14408
An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector...
CVE-2020-35848
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function...
Cockpit CMS contains an arbitrary file upload vulenrability
A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure...
CVE-2024-4825
A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure...
CVE-2024-4825
A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure...
Agentejo Cockpit 代码问题漏洞
Agentejo Cockpit is a management system for managing structured content on websites from Agentejo, Germany. A code issue exists in Agentejo Cockpit CMS version v0.5.5, which originates from an unlimited file upload from /media/api...
CVE-2024-4825
Summary: CVE-2024-4825 affects Agentejo Cockpit CMS v0.5.5. A flaw in the POST /media/api endpoint allows arbitrary file uploads, enabling an attacker to store files on the server and potentially compromise the entire infrastructure. The issue is consistently described across multiple sources (Ve...
PT-2024-33056 · Agentejo · Agentejo Cockpit Cms
Name of the Vulnerable Software and Affected Versions: Agentejo Cockpit CMS version 0.5.5 Description: A vulnerability has been discovered that consists of an arbitrary file upload in the /media/api endpoint via a post request. An attacker could upload files to the server, compromising the entire...
Agentejo Cockpit NoSQL Injection (CVE-2020-35846)
A NoSQL Injection vulnerability exists in Agentejo Cockpit. Successful exploitation of this vulnerability could allow attackers to inject commands and execute arbitrary code on the affected system...
Exploit for SQL Injection in Agentejo Cockpit
Cockpit CMS NoSQL Injection to Remote Code Execution : CVE-202...
Exploit for SQL Injection in Agentejo Cockpit
CVE-2020-35846 - Leak Cockpit Usernames PoC John Hammond...
CVE-2020-35850
An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor states "I don't think it is a big real-life issue...