1799 matches found
TWiki Search.pm shell command injection
Added: 04/06/2006 CVE: CVE-2004-1037 BID: 11674 OSVDB: 11714 Background TWiki is a web-based collaboration platform written in PERL. Problem The Search.pm module does not sufficiently check search strings for illegal characters, allowing remote attackers to execute commands using search strings...
TWiki revision control shell command injection
Added: 04/06/2006 CVE: CVE-2005-2877 BID: 14834 OSVDB: 19403 Background TWiki is a web-based collaboration platform written in PERL. Problem The revision control function in TWiki does not sufficiently check the rev parameter before using it in a shell command call. This allows remote attackers t...
TWiki revision control shell command injection
Added: 04/06/2006 CVE: CVE-2005-2877 BID: 14834 OSVDB: 19403 Background TWiki is a web-based collaboration platform written in PERL. Problem The revision control function in TWiki does not sufficiently check the rev parameter before using it in a shell command call. This allows remote attackers t...
TWiki Search.pm shell command injection
Added: 04/06/2006 CVE: CVE-2004-1037 BID: 11674 OSVDB: 11714 Background TWiki is a web-based collaboration platform written in PERL. Problem The Search.pm module does not sufficiently check search strings for illegal characters, allowing remote attackers to execute commands using search strings...
[SA19453] v-creator VCEngine.php Shell Command Injection Vulnerability
TITLE: v-creator VCEngine.php Shell Command Injection Vulnerability SECUNIA ADVISORY ID: SA19453 VERIFY ADVISORY: http://secunia.com/advisories/19453/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: v-creator 1.x http://secunia.com/product/9080/ DESCRIPTION: A...
[SECURITY] [DSA 1006-1] New wzdftpd packages fix arbitrary shell command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1006-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 16th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1006-1] New wzdftpd packages fix arbitrary shell command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1006-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 16th, 2005 http://www.debian.org/security/faq -...
Gallery <= 2.0.3 stepOrder[] Remote Commands Execution Exploit
Exploit for unknown platform in category web applications ============================================================== Gallery autisticiorg \r\n"; echo "site: http://retrogod.altervista.org \r\n\r\n"; echo "- works with registerglobals = On and magicquotesgpc = Off \r\n"; if $argc5 echo "Usage:...
EV0082.txt
New eVuln Advisory: Leif M. Wright's Blog Multiple Vulnerabilities http://evuln.com/vulns/82/summary.html --------------------Summary---------------- eVuln ID: EV0082 CVE: CVE-2006-0843 CVE-2006-0844 CVE-2006-0845 CVE-2006 Software: Leif M. Wright's Blog Sowtware's Web Site:...
[eVuln] Leif M. Wright's Blog Multiple Vulnerabilities
New eVuln Advisory: Leif M. Wright's Blog Multiple Vulnerabilities http://evuln.com/vulns/82/summary.html --------------------Summary---------------- eVuln ID: EV0082 CVE: CVE-2006-0843 CVE-2006-0844 CVE-2006-0845 CVE-2006 Software: Leif M. Wright's Blog Sowtware's Web Site:...
Admbook <= 1.2.2 (X-Forwarded-For) Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl -w use IO::Socket; print "\r\n"; print "| Admbook =1.2.2 X-Forwarded-For cmmnds xctn xploit |\r\n"; print "| By rgod rgodATautisticiDOTorg |\r\n"; print "| site: http://retrogod.altervista.org |\r\n"; print "| |\r\n"; print "| Sun-Tzu: "Rouse him,...
ImageMagick security update
CentOS Errata and Security Advisory CESA-2006:178-2 Updated ImageMagick packages that fix two security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagickTM is an image display and manipulation tool for the X...
ImageMagick security update
CentOS Errata and Security Advisory CESA-2006:0178 Updated ImageMagick packages that fix two security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagickTM is an image display and manipulation tool for the X...
[SECURITY] [DSA 957-2] New ImageMagick packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 957-2 [email protected] http://www.debian.org/security/ Martin Schulze January 31st, 2006 http://www.debian.org/security/faq -...
SHOUTcast 1.9.4 - File Request 'Leaked' Format String
/ Shoutcast include include include include include include include include include include include define SHELLPORT 7000 define SHELLCOMMAND "unset HISTFILE; uname -a; id;" if 1 unsigned char shellcode = / bindshell 7000 Unknown /...
DSA-957-2 imagemagick - missing shell meta sanitising
Bulletin has no description...
[SA18579] OpenSSH scp Command Line Shell Command Injection
TITLE: OpenSSH scp Command Line Shell Command Injection SECUNIA ADVISORY ID: SA18579 VERIFY ADVISORY: http://secunia.com/advisories/18579/ CRITICAL: Not critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: OpenSSH 4.x http://secunia.com/product/5653/ OpenSSH 3.x...
[SA18556] Etomite "cij" Shell Command Execution Backdoor Security Issue
TITLE: Etomite "cij" Shell Command Execution Backdoor Security Issue SECUNIA ADVISORY ID: SA18556 VERIFY ADVISORY: http://secunia.com/advisories/18556/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Etomite 0.x http://secunia.com/product/6896/ DESCRIPTION: Luca Ercol...
GLSA-200512-10 : Opera: Command-line URL shell command injection
The remote host is affected by the vulnerability described in GLSA-200512-10 Opera: Command-line URL shell command injection Peter Zelezny discovered that the shell script used to launch Opera parses shell commands that are enclosed within backticks in the URL provided via the command line. Impac...
Shell Command Execution Vulnerability
The remote port seems to be running some form of shell script, with some provided user input. The input is not stripped for such meta characters as SPDX-FileCopyrightText: 2001 SecurITeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...