47 matches found
CVE-2018-20908
cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling SEC-435...
HPE Intelligent Management Center (IMC) customTemplateSelect Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A customTemplateSelect expression language injection remote code execution vulnerability exists in HPE...
Security update for python-Django (moderate)
This update for python-Django to version 2.08 fixes the following issues: The following security vulnerability was fixed: - CVE-2018-14574: Fixed an redirection vulnerability in CommonMiddleware boo1102680 The following other bugs were fixed: - Fixed a regression in Django 2.0.7 that broke the...
openSUSE Security Update : python-Django (openSUSE-2018-914)
This update for python-Django to version 2.08 fixes the following issues : The following security vulnerability was fixed : - CVE-2018-14574: Fixed an redirection vulnerability in CommonMiddleware boo1102680 The following other bugs were fixed : - Fixed a regression in Django 2.0.7 that broke the...
The vulnerability of the customTemplateSelect.xhtml component in the HPE Intelligent Management Center PLAT software platform allows a perpetrator to execute arbitrary code.
The vulnerability of the customTemplateSelect.xhtml component in the HPE Intelligent Management Center PLAT software platform is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using the beanName parameter...
McAfee SaaS MyCioScan ShowReport Remote Command Execution
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...
discuz! 7.0 and below the version background get webshell-vulnerability warning-the black bar safety net
Don't need the founder, you'll need administrator. http://www.fuck.com/admincp.php?action=styles&operation=edit&id=1&adv=1 In the following there is a“custom template variables”, the variable in the fill: PHP code 1. OLDJUN', '9 9 9';eval$POSTcmd;// Replace the contents of whatever the input: 1 1...