8703 matches found
Webmin /file/show.cgi Remote Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Solaris <= 8.0 - LPD Command Execution
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
IkonBoard 3.1 Lang Cookie Arbitrary Command Execution Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data. An attacker may exploit...
HP Web Jetadmin 7.5.2456 Remote Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9973/info Reportedly HP web Jetadmin is prone to a remote arbitrary command execution vulnerability. This issue is due to a failure of the application to properly validate and sanitize user supplied input. Successful...
JamMail 1.8 Jammail.pl Remote Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13937/info JamMail is prone to a remote arbitrary command execution vulnerability. This vulnerability may allow an attacker to supply arbitrary commands through the 'jammail.pl' script. This can lead to various attacks...
JAVA Web Start Arbitrary command-line injection
No description provided by source. Bye bye my little 0day :, Tavis Ormandy did a great job uncovering a big logic flaw within Java JRE. I discovered that bug and other that affects every browser few weeks ago and I posted the common 0day++ tweet. The method in which Java Web Start support has bee...
Mambo Open Source 4.5.1 (1.0.9) - Function.php Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/11220/info Mambo open source is reportedly affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly validate user-supplied URI parameters. An attacker may...
Veritas NetBackup - Remote Command Execution
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
Cacti graph_view.php Remote Command Execution
No description provided by source. $Id: cactigraphimageexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
E-Guest 1.1 Server Side Include Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5129/info E-Guest guest book is a freely available, open source guest book. It is designed for Unix and Linux operating systems. E-Guest does not adequately sanitize user-supplied input in guest book entries. Because of...
Emacs 2.1 - Local Variable Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15375/info Emacs is susceptible to an arbitrary command execution vulnerability with local variables. This issue is due to insufficient sanitization of user-supplied input. By modifying a text file to include local...
Caldera UnixWare 7.1.1 WebTop SCOAdminReg.CGI Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3936/info UnixWare is a commercial Unix implementation distributed originally developed by SCO. It is now maintained and distributed by Caldera. The scoadminreg.cgi program does not properly validate user input when...
Autodesk 3ds Max Application Callbacks Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36634/info Autodesk 3ds Max is prone to a vulnerability that lets attackers execute arbitrary commands in the context of the vulnerable application. This issue affects the following: 3ds Max 6 through 9 3ds Max 2008 throu...
Micro Focus Cobol 4.1 Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2359/info Micro Focus Cobol is a development suite for unix platforms offered by Merant. It is typically licensed on a per-user basis. If Micro Focus Cobol is installed with the 'Apptrack' feature enabled, local users may...
MobileIron Virtual Smartphone Platform Privilege Escalation Exploit
No description provided by source. MobileIron Virtual Smartphone Platform Privilege Escalation Exploit 0day ======================================================================== The MobileIron Virtual Smartphone Platform is the first solution to combine data-driven smartphone and tablet...
Leif M. Wright everythingform.cgi 2.0 Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2101/info An input validation vulnerability exists in Leif M. Wright's everything.cgi, a Perl-based form design tool. The script fails to properly filter shell commands from user-supplied input to the 'config' field. As a...
E-theni Remote Include Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6970/info E-theni may allow inclusion of malicious remote files. This is due to remote users being able to influence the include path of an external file 'paralangue.php' referenced by the 'afflistelangue.php' script. Thi...
CGIScript.NET csMailto Hidden Form Field Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4579/info CGIScript.NET csMailto is a Perl script designed to support multiple mailto: forms. A vulnerability has been reported in some versions of this script. Reportedly, configuration values used by the script are...
AWStats Totals <= 1.14 multisort - Remote Command Execution
No description provided by source. $Id: awstatstotalsmultisort.rb 12715 2011-05-25 10:45:36Z patrickw $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing an...
Novell Identity Manager Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19688/info Novell Identity Manager is prone to an arbitrary command-execution vulnerability. A local attacker can exploit this issue to execute arbitrary commands with superuser privileges. Exploiting this issue allows...