Lucene search
K

9829 matches found

Metasploit
Metasploit
added 2015/05/03 4:9 p.m.40 views

Realtek SDK Miniigd UPnP SOAP Command Execution

Different devices using the Realtek SDK with the miniigd daemon are vulnerable to OS command injection in the UPnP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command. This module has been tested successfully on a Trendnet TEW-731BR...

9.8CVSS7.5AI score0.99975EPSS
Exploits6
Kitploit
Kitploit
added 2015/04/04 11:6 p.m.22 views

Commix - Automated All-in-One OS Command Injection and Exploitation Tool

Commix short for command injection exploiter has a simple environment and it can be used, from web developers, penetration testers or even security researchers to test web applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, ...

8.4AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2015/03/14 1:59 a.m.1 views

CVE-2015-2107

HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges...

6.8CVSS5.7AI score0.0033EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/03/14 1:0 a.m.27 views

CVE-2015-0660

Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller administrative privileges, aka Bug ID CSCus61123...

7.2AI score0.00352EPSS
Exploits0References2
CVE
CVE
added 2015/03/14 1:0 a.m.39 views

CVE-2015-2107

CVE-2015-2107 affects HP Operations Manager i Management Pack for SAP (1.x) prior to 1.01. The vulnerability allows local users to execute OS commands by leveraging SAP administrative privileges. The available documents do not provide additional details on root cause specifics, affected versions ...

6.8CVSS7.1AI score0.0033EPSS
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2015/03/13 12:0 a.m.38 views

ArcSight Logger - Arbitrary File Upload Code Execution

ArcSight Logger - Arbitrary File Upload Code Execution Exploit Title: ArcSight Logger - Arbitrary File Upload Code Execution Date: 13.03.2015 Exploit Author: Julian Horoszkiewicz Vendor Homepage: www.hp.com Software Link:...

9CVSS0.2AI score0.117EPSS
Exploits2
Exploit DB
Exploit DB
added 2015/03/13 12:0 a.m.51 views

ArcSight Logger - Arbitrary File Upload / Code Execution

Exploit Title: ArcSight Logger - Arbitrary File Upload Code Execution Date: 13.03.2015 Exploit Author: Julian Horoszkiewicz Vendor Homepage: www.hp.com Software Link: http://www8.hp.com/us/en/software-solutions/arcsight-logger-log-management/try-now.html Version: ArcSight Logger 5.3.1.6838.0 and...

9CVSS6.6AI score0.117EPSS
Exploits2
Prion
Prion
added 2015/03/12 10:59 a.m.17 views

Design/Logic Flaw

The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition ESRS VE 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors...

7.5CVSS8.2AI score0.03656EPSS
Exploits2References5Affected Software1
CVE
CVE
added 2015/03/12 10:0 a.m.44 views

CVE-2015-0525

The ESRS VE Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (versions 3.02 and 3.03) contains a command injection flaw that could allow an unauthenticated remote attacker to execute arbitrary OS commands. The vulnerability is tied to the Gateway Provisioning component; ...

7.5CVSS7.8AI score0.03656EPSS
Exploits2References5Affected Software1
Prion
Prion
added 2015/02/20 2:59 a.m.14 views

Design/Logic Flaw

The image-upgrade implementation on Cisco Desktop Collaboration Experience aka Collaboration Desk Experience or DX DX650 endpoints allows local users to execute arbitrary OS commands via an unspecified parameter, aka Bug ID CSCus38947...

7.2CVSS7.8AI score0.00323EPSS
Exploits0References2
Cvelist
Cvelist
added 2015/02/07 3:0 p.m.25 views

CVE-2015-0589

The administrative web interface in Cisco WebEx Meetings Server 1.0 through 1.5 allows remote authenticated users to execute arbitrary OS commands with root privileges via unspecified fields, aka Bug ID CSCuj40460...

7.3AI score0.03439EPSS
Exploits0References5
exploitpack
exploitpack
added 2015/02/04 12:0 a.m.67 views

AVG Internet Security 2015.0.5315 - Arbitrary Write Privilege Escalation

AVG Internet Security 2015.0.5315 - Arbitrary Write Privilege Escalation / Exploit Title - AVG Internet Security 2015 Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.avg.com/ Tested Version - 2015.0.5315 Driver...

7.2CVSS0.5AI score0.01458EPSS
Exploits5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/01/27 12:0 a.m.50 views

JVN#77792759: Multiple ASUS wireless LAN routers vulnerable to OS command injection

Multiple wireless LAN routers provided by ASUS JAPAN Inc. contain an OS command injection vulnerability. Impact An arbitrary OS command may be executed by an authenticated attacker. In addition, when this vulnerability is exploited along with the vulnerability stated in JVN32631078, an arbitrary ...

6.5CVSS7AI score0.01911EPSS
Exploits0
0day.today
0day.today
added 2015/01/22 12:0 a.m.128 views

Arris VAP2500 Command Execution Exploit

Arris VAP2500 access points are vulnerable to OS command injection in the web management portal via the toolscommand.php page. Though authentication is required to access this page, it is trivially bypassed by setting the value of a cookie to an md5 hash of a valid username. This module requires...

10CVSS7.1AI score0.62476EPSS
Exploits5
Packet Storm
Packet Storm
added 2015/01/22 12:0 a.m.57 views

Arris VAP2500 tools_command.php Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Arris VAP2500 toolscommand.php Command Execution', 'Description' = %q Arris VAP2500 access points are vulnerable to OS command...

10CVSS0.3AI score0.62476EPSS
Exploits5
0day.today
0day.today
added 2015/01/01 12:0 a.m.42 views

Symantec Web Gateway 5.2.1 OS Command Injection Vilnerability

Symantec Web Gateway versions 5.2.1 and below suffer from a remote OS command injection vulnerability. ------------------------------------------------------------------------------ Symantec Web Gateway = 5.2.1 restore.php OS Command Injection Vulnerability...

6.5CVSS9AI score0.50324EPSS
Exploits6
Exploit DB
Exploit DB
added 2014/12/23 12:0 a.m.49 views

GParted 0.14.1 - OS Command Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: OS Command Execution product: GParted - Gnome Partition Editor vulnerable version: =0.15.0, =0.14.1 with fix for CVE-2014-7208 applied CVE number: CVE-2014-7208 impact:...

7.2CVSS6.4AI score0.01113EPSS
Exploits5
exploitpack
exploitpack
added 2014/12/23 12:0 a.m.46 views

GParted 0.14.1 - OS Command Execution

GParted 0.14.1 - OS Command Execution SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: OS Command Execution product: GParted - Gnome Partition Editor vulnerable version: =0.15.0, =0.14.1 with fix for CVE-2014-7208 appli...

7.2CVSS0.4AI score0.01113EPSS
Exploits5
0day.today
0day.today
added 2014/12/23 12:0 a.m.51 views

GParted 0.14.1 - OS Command Execution Vulnerability

Exploit for linux platform in category local exploits title: OS Command Execution product: GParted - Gnome Partition Editor vulnerable version: =0.15.0, =0.14.1 with fix for CVE-2014-7208 applied CVE number: CVE-2014-7208 impact: medium homepage: http://gparted.org/ found: 2014-07 by: W. Ettlinge...

7.2CVSS0.2AI score0.01113EPSS
Exploits5
securityvulns
securityvulns
added 2014/12/22 12:0 a.m.45 views

SEC Consult SA-20141218-1 :: OS command execution vulnerability in GParted

SEC Consult Vulnerability Lab Security Advisory 20141218-1 ======================================================================= title: OS Command Execution product: GParted - Gnome Partition Editor vulnerable version: =0.14.1 fixed version: =0.15.0, =0.14.1 with fix for CVE-2014-7208 applied C...

7.2CVSS0.1AI score0.01113EPSS
Exploits5
Rows per page
Query Builder