
344 matches found

Zero Day Initiative
added 2016/10/11 12:0 a.m., 50 views

Microsoft Edge JavaScript eval Function Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge and Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVSS 6.8 | AI score 2.7 | EPSS 0.17771
Exploits: 0 | References: 1
RedHat Linux
added 2016/07/27 8:28 a.m., 3 views

foreman: Missing input validation in Smart Proxy allows RCE via TFTP file variant parameter

It was found that the “variant” parameter in the TFTP API of Foreman was passed to the eval function. An attacker could possibly use this flaw to execute arbitrary code with the privileges of the Foreman user...

CVSS 8.8 | AI score 6.1 | EPSS 0.02004
Exploits: 0 | References: 4
Packet Storm
added 2016/07/26 12:0 a.m., 47 views

PHP gettext 1.0.12 Code Execution

CVE-2016-6175 gettext.php | @kmkzsecurity Project Homepage: https://launchpad.net/php-gettext/ Download: https://launchpad.net/php-gettext/trunk/1.0.12/+download/php-gettext-1.0.12.tar.gz Version: 1.0.12 latest release Tested on: Linux Debian, PHP 5.6.19-2+b1 CVSS: 7.1 OVE ID: OVE-20160705-0004 C...

AI score 9.6 | EPSS 0.10928
Exploits: 4
myhack58
added 2016/04/13 12:0 a.m., 19 views

PHP Utility Belt remote code execution vulnerability verification and analysis-vulnerability warning-the black bar safety net

PHP Utility Belt is a set of tools for PHP application developers that can be used to test regular expressions and observe the results of the preg_match, preg_match_all and preg_replace functions; contains two words, two numbers with a capital letter and...

AI score 1.5
Exploits: 0
myhack58
added 2015/04/23 12:0 a.m., 15 views

phpcms front desk arbitrary code execution (PHP must be less than 5.3)-the vulnerabilities and early warning-the black bar safety net

The phpcms v9 string2array function uses the eval function, which in more than one place may cause a code execution vulnerability. /phpssoserver/phpcms/libs/functions/global.func.php: Converts a string to an array @param string $data the string @return array returns the array...

AI score 2.7
Exploits: 0
myhack58
added 2015/03/19 12:0 a.m., 19 views

MongoDB management tool exposure remote code execution vulnerability-vulnerability warning-the black bar safety net

MongoDB is one of the IT sector's mainstream non-relational (NoSQL) database platforms and a popular alternative to table-based relational databases. Recently, phpMoAdmin, a GUI management tool for MongoDB, was reported to have a very serious security vulnerability; once exploited, this...

AI score 0.1
Exploits: 0
seebug.org
added 2014/11/21 12:0 a.m., 89 views

PHPMyWind 5.1 /include/common.func.php code execution vulnerability

/include/common.func.php /Convert string to array/ if!functionexists'String2Array' function String2Array$data if$data == '' return array; @eval"$array = $data;"; return $array; The $data variable is passed into eval and executed. When $data is passed as: 111|222$phpinfo the PHP statement executed is: @eval"$array = array"1"="111|222$phpinfo","2"="";;" The page returns:...

AI score 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 45 views

Php-Stats 0.1.9.2 - Multiple Vulnerabilities Exploit

No description provided by source. ?php / Php-Stats 0.1.9.2 Multiple Vulnerabilities Exploit Blind SQL Injection / Remote Code Execution P.o.C. author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://php-stats.com/downloads details..: works with magicquotesruntime = off 1 Blind SQL...

AI score 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 27 views

Wordpress Plugin Is-human <= 1.4.2- Remote Command Execution Vulnerability

No description provided by source. Exploit Title: is-human 1.4.2 and prior WordPress plugin. Date: 16.05.2011 Author: neworder www.neworder-ind.net Software Link: http://wordpress.org/extend/plugins/is-human/ Version: 1.4.2 Tested on: Linux Platform The vulnerability exists in /is-human/engine.ph...

AI score 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 23 views

ig shop 1.0 (eval/SQL Injection) Multiple Vulnerabilities

No description provided by source. If eval is the answer, then you are asking the wrong question. --Unknown ig-shop suffers from two eval's that can be controlled by an attacker: http://127.0.0.1/igshop/cart.php?action=;phpinfo;// ./cart.php line 692: eval cart$action;;...

AI score 7.1
Exploits: 0
Packet Storm
added 2013/11/25 12:0 a.m., 51 views

NETGEAR ReadyNAS Perl Code Evaluation

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'NETGEAR ReadyNAS Perl Code Evaluation', 'Description' = %q This module exploits a Perl code injection on NETGEAR ReadyNAS 4.2.23 and...

CVSS 10 | AI score 0.8 | EPSS 0.83489
Exploits: 5
Tenable Nessus
added 2013/09/04 12:0 a.m., 45 views

Amazon Linux AMI : perl (ALAS-2011-19)

A heap-based buffer overflow flaw was found in the way Perl decoded Unicode strings. An attacker could create a malicious Unicode string that, when decoded by a Perl program, would cause the program to crash or, potentially, execute arbitrary code with the permissions of the user running the...

CVSS 7.5 | AI score 8.8 | EPSS 0.09609
Exploits: 2 | References: 3
w3af
added 2013/06/10 11:2 p.m., 41 views

eval

This plugin finds eval input injection vulnerabilities. These vulnerabilities are found in web applications when the developer passes user-controlled data to the eval function. To check for vulnerabilities of this kind, the plugin sends an echo function with two randomized strings as parameters...

Exploits: 0
myhack58
added 2012/10/12 12:0 a.m., 23 views

akcms code execution vulnerability-vulnerability warning-the black bar safety net

Last week digging out of the akcms background stencil getshell feeling nothing new, and then carefully looked at the code, found a comparison with "the future" of the hole, the code execution vulnerability, and the problem function is that the authors provided to the station user for secondary...

AI score 1.8
Exploits: 0
OpenVAS
added 2012/09/10 12:0 a.m., 31 views

Slackware: Security Advisory (SSA:2005-251-04)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.8 | EPSS 0.04688
Exploits: 5 | References: 2
Tenable Nessus
added 2012/07/20 12:0 a.m., 32 views

Eaton Network Shutdown Module view_list.php paneStatusListSortBy Parameter eval() Call Remote PHP Code Execution

The version of the Eaton Network Shutdown Module hosted on the remote web server does not sanitize user input to the 'paneStatusListSortBy' parameter of the 'view_list.php' script before using it as part of a command to be executed via PHP's 'eval' function. An unauthenticated, remote attacker can...

AI score 5.8
Exploits: 0
Exploit DB
added 2012/04/27 12:0 a.m., 30 views

MySQLDumper 1.24.4 - 'menu.php' PHP Remote Code Execution

source: https://www.securityfocus.com/bid/53310/info MySQLDumper is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary PHP code within the context of the...

AI score 7.4
Exploits: 0
RedHat Linux
added 2012/02/13 8:30 p.m., 2 views

glibc: insufficient quoting in the locale command output

locale/programs/locale.c in locale in the GNU C Library aka glibc or libc6 before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function...

CVSS 6.2 | AI score 6 | EPSS 0.0014
Exploits: 1 | References: 4
myhack58
added 2011/05/22 12:0 a.m., 19 views

PHP168 arbitrary code execution GET SHELL vulnerability-vulnerability warning-the black bar safety net

Vulnerability description: PHP168 whole Station is the PHP field of the current most powerful build system, The code is all open source, can be extremely convenient for secondary development, all modules can be freely installed and removed, the individual user is completely free to use. PHP168 V6...

AI score 1.3
Exploits: 0
myhack58
added 2011/05/17 12:0 a.m., 30 views

PHP168 V6. 0 2 vulnerability-vulnerability warning-the black bar safety net

PHP168 V6. 0 2 vulnerability 0day details Brief description: PHP168 in some function using the eval function,but an array is not the first test of the,the result can be submitted to arbitrary code execution. Detailed description: ----------------------------- Registration. I don't know Brother,...

AI score 0.9
Exploits: 0