HP ThinPro Linux Arbitrary Code Execution Vulnerability

HP ThinPro Linux is an operating system for HP thin clients from Hewlett-Packard HP in the United States. A security vulnerability exists in HP ThinPro Linux that stems from the Citrix Receiver wrapper function not securely handling user-submitted input. An attacker could exploit the vulnerabilit...

Command Execution Vulnerability in EyouCMS v1.4.1

EyouCms is based on TP5.0 framework for the core development of free + open source enterprise content management system , focusing on enterprise station user needs . EyouCMS v1.4.1 there is a command execution vulnerability , attackers can exploit the vulnerability to execute any system command t...

Cisco DNA Spaces:Connector Privilege Permission and Access Control Issues Vulnerability

Cisco DNA Spaces is a set of indoor location services platform from Cisco.Cisco DNA Spaces:Connector is one of the connectors used to support the communication of Cisco wireless controllers. A Privilege Permission and Access Control Error vulnerability exists in versions prior to Cisco DNA Spaces...

Command Execution Vulnerability in LJCMSSHOP

Beijing Liangjing Zhicheng Technology Co., Ltd. is a company engaged in enterprise website construction, enterprise application development, web design, web hosting, UI design and other services. A command execution vulnerability exists in LJCMSSHOP, which can be exploited by an attacker to gain...

Command Execution Vulnerability in LeShang Mall v2.4.2

Good user experience, good stability, scalability and security, can provide mall construction solutions for small and medium-sized sites. LeShang Mall v2.4.2 there are code execution vulnerabilities , attackers can use this vulnerability to obtain server privileges...

Command Execution Vulnerability in LJCMS

LJCMS using PHP + Mysql architecture, is a very SEO-friendly, full-featured, safe and stable, support for multi-terminal display and extremely simple to use enterprise station-building system. LJCMS command execution vulnerabilities, attackers can use the vulnerability to obtain server system...

Command Execution Vulnerability in Apache Flink Web Dashboard

Apache Flink is another emerging framework in the Big Data space. It is the use of streaming processing to simulate batch processing , and therefore can provide sub-second , consistent with Exactly-once semantics of real-time processing capabilities . A command execution vulnerability exists in...

Multiple D-Link Products Trust Management Issue Vulnerabilities

The D-Link DIR-600 B1, among others, is a wireless router from AUO D-Link of Taiwan, China. A trust management issue vulnerability exists in multiple D-Link products, which originates from a program with a hard-coded account that can be exploited by an attacker to obtain a remote /bin/sh shell an...

POC-T

This is a Python-based penetration testing framework called POC-T. It is designed to facilitate concurrent testing and provides a variety of features for vulnerability scanning and exploitation. The framework includes a range of built-in scripts for testing various vulnerabilities, including SQL...

Command Execution Vulnerability in MyuCMS v2.1.1020

MyuCMS is a content management system developed using ThinkPHP. A command execution vulnerability exists in MyuCMS v2.1.1020, which can be exploited by an attacker to gain control of a web server...

PT-2019-13873 · Mitsubishi · Me-Rtu

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Europe B.V. ME-RTU devices versions 2.02 and earlier INEA ME-RTU devices versions 3.0 and earlier Description: An unauthenticated remote OS Command Injection issue allows an attacker to execute arbitrary commands on the RT...

Command Execution Vulnerability in Deepsix Remote Copy Tool

DeepSign Technology Co., Ltd. is a product and service provider specializing in enterprise-level security, cloud computing and IT infrastructure. A command execution vulnerability exists in the DeepService Remote Copy Tool, which can be exploited by an attacker to gain server privileges...

Command Execution Vulnerability in Coppermine

Coppermine Photo Gallery is a WEB-based graphics gallery management program. Coppermine suffers from a command execution vulnerability that can be exploited by an attacker to execute system commands...

Chunghwa Telecom HiNet GPON Arbitrary File Read Vulnerability (CNVD-2019-38472)

Chunghwa Telecom HiNet GPON is an optical modem from Chunghwa Telecom in Taiwan, China. A security vulnerability exists in the Chunghwa Telecom HiNet GPON using firmware prior to I040GWR190731. The vulnerability can be exploited by an attacker to execute commands and read arbitrary files via a...

CVE-2019-15275

A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint CE Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by...

Sophos Cyberoam firewall appliance shell injection vulnerability

Sophos Cyberoam firewall appliance is a firewall appliance from Sophos UK.CyberoamOS is the set of operating systems that run on it. A security vulnerability exists in the Sophos Cyberoam firewall appliance running CyberoamOS versions prior to 10.6.6 MR-6. The vulnerability can be exploited by an...

Cisco Firepower Management Center SQL Injection Vulnerability (CNVD-2019-34738)

Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. A SQL injection vulnerability exists in the web-based management interface in Cisco FMC, which results from the program failing to properly validate input. A remote attacker could exploit...

Cisco Firepower Management Center SQL Injection Vulnerability (CNVD-2019-34732)

Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. A SQL injection vulnerability exists in the web-based management interface in Cisco FMC, which stems from the program's failure to properly validate input. A remote attacker could exploit...

pfSense Cross-Site Request Forgery Vulnerability (CNVD-2019-43356)

pfsense is an open source routing and firewall software , based on freebsd system customization and development . pfSense 2.4.4-p3 in diagcommand.php cross-site request forgery vulnerability. An attacker can exploit this vulnerability to execute OS commands via the txtCommand or txtRecallBuffer...

CVE-2019-12650

Multiple vulnerabilities in the web-based user interface Web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory...