8703 matches found
Spreecommerce < 0.50.0 Arbitrary Command Execution
No description provided by source. $Id: spreesearchlogicexec.rb 12397 2011-04-21 19:38:42Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
TWiki Search Function Arbitrary Command Execution
No description provided by source. $Id: twikisearch.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Matt Wright guestbook.pl Arbitrary Command Execution
No description provided by source. $Id: guestbookssiexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
IkonBoard 3.1 Lang Cookie Arbitrary Command Execution Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data. An attacker may exploit...
WordPress 2.1.1 wp-includes/feed.php ix Variable Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will let remote users inject PHP code or...
BSD/OS 2.1,FreeBSD <= 2.1.5,NeXTstep 4.x,IRIX <= 6.4,SunOS 4.1.3/4.1.4 lpr Buffer Overrun(2)
No description provided by source. source: http://www.securityfocus.com/bid/707/info Due to insufficient bounds checking on arguments in this case -C which are supplied by users, it is possible to overwrite the internal stack space of the lpr program while it is executing. This can allow an...
Halloween Linux 4.0,RedHat Linux 6.1/6.2 imwheel Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...
Lunar CMS 3.3 Unauthenticated Remote Command Execution Exploit
No description provided by source. ?!/usr/bin/env python Lunar CMS 3.3 Unauthenticated Remote Command Execution Exploit Vendor: Lunar CMS Product web page: http://www.lunarcms.com Affected version: 3.3 Summary: Lunar CMS is a freely distributable open source content management system written for...
WordPress 2.1.1 wp-includes/theme.php iz Variable Arbitrary Command Execution
No description provided by source...
GFax 0.7.6 Temporary Files Local Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24780/info GFAX is prone to a vulnerability that lets local attackers execute arbitrary commands with superuser privileges. Successful attacks will result in the complete compromise of affected computers. GFAX 0.7.6 is...
PHPX 3.x admin/page.php CSRF Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative command...
PHPX 3.x admin/news.php CSRF Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative command...
PHPX 3.x admin/user.php CSRF Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative command...
Microsoft Internet Explorer 5 ShowHelp Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6780/info Microsoft Internet Explorer implements the showHelp function as a means of displaying help content contained in HTML pages. However, this function is capable of performing too many other actions outside of its...
PALS Library System WebPALS 1.0 pals-cgi Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/2372/info A specially crafted URL composed of a known filename, will disclose the requested file residing on a machine running WebPALS. This vulnerability will also allow an attacker to execute arbitrary code with root...
PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
PineApp Mail-SeCure livelog.html Arbitrary Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
SkyBlueCanvas CMS - Remote Code Execution
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def...
Adobe Acrobat Reader (UNIX) 5.0 6,Xpdf 0.9x Hyperlinks Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled within the viewer. Allegedly, by placing a specially...
YaBB 9.11.2000 search.pl Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1921/info YaBB Yet Another Bulletin Board is a popular perl-based bulletin board scripting package. search. pl, one of several perl scripts which comprise YaBB, fails to properly validate user input which arguments a call...