1765 matches found
vBulletin 5.x Remote Code Execution
!/usr/bin/env python3 vBulletin 5.x pre-auth widgettabbedContainer RCE exploit by @zenofex import argparse import requests import sys def runexploitvbloc, shellcmd: postdata = 'subWidgets0template' : 'widgetphp', 'subWidgets0configcode' : "echo shellexec'%s'; exit;" % shellcmd r =...
Node.js third-party modules: [freespace] Command Injection due to Lack of Sanitization
I would like to report Command Injection in the freespace module. It allows an attacker to inject and execute shell commands on Unix based systems. Module module name: freespace version: 1.0.4 npm page: https://www.npmjs.com/package/freespace Module Description A library that tells you how much...
Node.js third-party modules: [@knutkirkhorn/free-space] - Command Injection through Lack of Sanitization
I would like to report Command Injection in the free-space module. It allows arbitrary shell command execution on Unix-based systems Module module name: free-space version: 1.2.0 npm page: https://www.npmjs.com/package/free-space Module Description Get the amount of free space for a drive Module...
Valve: Shell command injection in https://partner.steamgames.com/admin/game/publish/ via screenshot URL
Shell command injection in https://partner.steamgames.com/admin/game/publish/ via screenshot URL The vulnerability allowed insufficient validation of parameters, which permitted the injection of shell metacharacters into values used to construct a Bash command...
SNMP Trap Translator: Multiple vulnerabilities
Background SNMP Trap Translator SNMPTT is an SNMP trap handler written in Perl. Description It was found that SNMP Trap Translator does not drop privileges as configured and does not properly escape shell commands in certain functions. Impact A remote attacker, by sending a malicious crafted SNMP...
Valve: Shell command injection in https://partner.steamgames.com/bundles/savestore/ via overwriting asset_path_identifier
Shell command injection in https://partner.steamgames.com/bundles/savestore/ via overwriting assetpathidentifier. Insufficient validation of parameters allowed injecting shell metacharacters into values used to construct a Bash command...
CVE-2020-3332 Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Command Shell Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input...
Arbitrary shell command execution in logkitty
Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1...
GHSA-V8V8-6859-QXM4 Arbitrary shell command execution in logkitty
Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1...
Input validation
A vulnerability in the implementation of the inter-VM channel of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, adjacent attacker to execute arbitrary shell comman...
MCIR
This is a collection of intentionally vulnerable applications for testing code injection vulnerabilities. The applications are designed to be used in a trusted web environment and should not be published on a production server or exposed to the internet. The applications include: CryptOMG: A...
logkitty npm package code injection vulnerability
The logkitty npm package is a package for displaying Android and iOS logs. A code injection vulnerability in logkitty npm package versions prior to 0.7.1, which stems from the program's lack of output cleanup, can be exploited by an attacker to execute arbitrary shell commands...
CVE-2020-8149
The CVE-2020-8149 issue affects the logkitty npm package prior to version 0.7.1. Root cause: lack of output sanitization leads to code injection where an attacker can cause arbitrary shell commands to be executed. Impact: remote code execution via logkitty when processing log output, enabling att...
CVE-2020-8149
Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1...
CVE-2019-17562
A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to 4.13.1. The vulnerability is due to the lack of validation of the mac parameter in baremetal virtual router. If you insert an arbitrary shell command into the mac...
CVE-2019-17562
A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to 4.13.1. The vulnerability is due to the lack of validation of the mac parameter in baremetal virtual router. If you insert an arbitrary shell command into the mac...
Buffer overflow
A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to 4.13.1. The vulnerability is due to the lack of validation of the mac parameter in baremetal virtual router. If you insert an arbitrary shell command into the mac...
CVE-2020-2014
An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7...
Privilege Escalation
subversion is vulnerable to privilege escalation. The vulnerability exists as a maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicio...
Opmantek Open-AudIT Injection Vulnerability
Opmantek Open-AudIT is an open source network discovery and auditing program from Opmantek USA. The program intelligently scans networks and network devices and provides status reports. Opmantek Open-AudIT suffers from an injection vulnerability. An attacker can exploit this vulnerability to inje...