1820 matches found
Code injection
Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string...
CVE-2009-4646
CVE-2009-4646 affects the Accellion Secure File Transfer Appliance. The available connected records describe a static code injection vulnerability in the appliance’s administrative web interface that allows remote authenticated administrators to inject arbitrary shell commands by appending them t...
SystemTap 1.0 - stat-server Arbitrary Command Injection
SystemTap 1.0 - stat-server Arbitrary Command Injection source: https://www.securityfocus.com/bid/37842/info SystemTap is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attackers can exploit this issue to execute arbitrar...
FreeBSD Ports: pear-Net_Ping
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
GLSA-200911-06 : PEAR Net_Traceroute: Command injection
The remote host is affected by the vulnerability described in GLSA-200911-06 PEAR NetTraceroute: Command injection Pasquale Imperato reported that the $host parameter to the traceroute function in Traceroute.php is not properly sanitized before being passed to exec. Impact : A remote attacker cou...
CVE-2009-4024
Argument injection vulnerability in the ping function in Ping.php in the NetPing package before 2.4.5 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metacharacter problem...
Design/Logic Flaw
Argument injection vulnerability in the ping function in Ping.php in the NetPing package before 2.4.5 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metacharacter problem...
CVE-2009-4025
Argument injection vulnerability in the traceroute function in Traceroute.php in the NetTraceroute package before 0.21.2 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: some of these details are obtained from third party information...
CVE-2009-4024
CVE-2009-4024 affects php-net-ping (PEAR Net_Ping). The vulnerability is in Ping.php, where insufficient input sanitising allows remote attackers to inject commands via the host parameter, enabling remote code execution. Affected versions are prior to 2.4.5; multiple advisories (Debian DSA-1949-1...
Design/Logic Flaw
Unspecified vulnerability in the Random Images maagrandomimage extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors...
CVE-2009-3819
Unspecified vulnerability in the Random Images maagrandomimage extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors...
CVE-2009-3819
Unspecified vulnerability in the Random Images maagrandomimage extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors...
Mail Content Firefox Command Line URL Shell Command Injection (CVE-2005-2968)
The Firefox web browser is an application designed for tasks related to browsing the web, such as displaying HTML pages, downloading files, and so on. On Unix-like systems, Firefox is usually invoked through the start-up script firefox, rather than by directly executing the firefox-bin binary. Th...
FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution
No description provided by source. Security Advisory ----------------- FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution Researcher Information ---------------------- Discovered by: Giuseppe Zmax Fuggiano Website: http://www.giusef.net Contact:...
Changetrack 4.3-3 Privilege Escalation
TITLE: Changetrack Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA36756 VERIFY ADVISORY: http://secunia.com/advisories/36756/ DESCRIPTION: A vulnerability has been discovered in Changetrack, which can be exploited by malicious, local users to gain escalated privileges. The application...
Changetrack 4.3-3 Local Privilege Escalation Vulnerability
No description provided by source. TITLE: Changetrack Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA36756 VERIFY ADVISORY: http://secunia.com/advisories/36756/ DESCRIPTION: A vulnerability has been discovered in Changetrack, which can be exploited by malicious, local users to gain...
Changetrack 4.3-3 Local Privilege Escalation Vulnerability
Exploit for linux platform in category local exploits ========================================================== Changetrack 4.3-3 Local Privilege Escalation Vulnerability ========================================================== TITLE: Changetrack Privilege Escalation Vulnerability SECUNIA...
Changetrack 4.3-3 - Local Privilege Escalation
Changetrack 4.3-3 - Local Privilege Escalation TITLE: Changetrack Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA36756 VERIFY ADVISORY: http://secunia.com/advisories/36756/ DESCRIPTION: A vulnerability has been discovered in Changetrack, which can be exploited by malicious, local users...
CVE-2008-7125
Vulnerability CVE-2008-7125 affects Ariadne pphoto before 2.6. Remote authenticated users with certain privileges can execute arbitrary shell commands via vectors related to PINP programs and the annotate command. Root cause involves command execution via those vectors; impact is arbitrary code e...
Cross site request forgery (csrf)
Web Management Console Cross-site request forgery CSRF vulnerability in the web management console in F5 BIG-IP 9.4.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrators and execute shell commands, as demonstrated using...