1820 matches found
CVE-2024-24576
CVE-2024-24576 affects Rust’s standard library on Windows where Command::arg/args escaping for batch files was not thorough enough. This could allow arbitrary shell commands when untrusted input is passed to batch file invocations via cmd.exe, enabling LPE/RCE scenarios as described in PoC and pu...
CVE-2024-24576 Rusts's `std::process::Command` did not properly escape arguments of batch files on Windows
Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files with the bat and cmd extensions on Windows using the Command. An attacker able to control the arguments...
CVE-2024-22423 yt-dlp `--exec` command injection when using `%q` in yt-dlp on Windows
yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment...
CVE-2024-22423
VULNERABILITY DETAIL: CVE-2024-22423 affects yt-dlp where output template expansion in --exec (previously vulnerable with %q) could lead to remote command execution via environment-variable expansion. Root cause: insufficient escaping of % characters in Windows command lines, despite earlier fixe...
CVE-2024-22423
yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment...
CVE-2024-22423
yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment...
CVE-2024-22423 yt-dlp `--exec` command injection when using `%q` in yt-dlp on Windows
yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment...
Path Traversal
Lektor is vulnerable to Path Traversal. The vulnerability is due to improper sanitization of user-supplied input, allowing an attacker to execute arbitrary shell commands via manipulated files within the templates directory...
PYSEC-2024-49
Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim's web browser accesses an untrusted website that uses JavaScript to send requests to localhost port 5000, and the web browser is...
CVE-2024-28335
Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim's web browser accesses an untrusted website that uses JavaScript to send requests to localhost port 5000, and the web browser is...
PYSEC-2024-49
Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim's web browser accesses an untrusted website that uses JavaScript to send requests to localhost port 5000, and the web browser is...
CVE-2024-28335
CVE-2024-28335 affects Lektor prior to 3.3.11. The issue is an unsanitized DB path traversal that can permit shell commands via a file added to the templates directory when a user’s browser visits an untrusted site that sends requests to localhost:5000, with the browser and the Lektor server runn...
PT-2024-22395 · Lektor · Lektor
Name of the Vulnerable Software and Affected Versions: Lektor versions prior to 3.3.11 Description: The issue concerns the lack of sanitization of database path traversal in Lektor. This allows shell commands to be executed via a file added to the templates directory under specific conditions. Th...
USN-6714-1: Debian Goodies vulnerability
It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands...
LoadMaster 安全漏洞
Kemp LoadMaster is a highly secure application from Kemp. A security vulnerability exists in LoadMaster that originates from an operating system command injection that allows an attacker to inject commands into a UI component using shell commands...
Pyradm - Python Remote Administration Tool Via Telegram
Remote administration crossplatfrom tool via telegram\ Coded with ❤️ python3 + aiogram3 \ https://t.me/ptsoft v0.3 X Screenshot from target X Crossplatform X Upload/Download X Fully compatible shell X Process list X Webcam video record or screenshot X Geolocation X Filemanager X Microphone X...
GHSA-8832-4MM5-X2R6 discordrb OS Command Injection vulnerability
discordrb is an implementation of the Discord API using Ruby. In discordrb before commit 91e13043ffa the encoder.rb file unsafely constructs a shell string using the file parameter, which can potentially leave clients of discordrb vulnerable to command injection. The library is not directly...
CVE-2024-22188
TYPO3 before 13.0.1 allows an authenticated admin user with system maintainer privileges to execute arbitrary shell commands with the privileges of the web server via a command injection vulnerability in form fields of the Install Tool. The fixed versions are 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELT...
Command injection
TYPO3 before 13.0.1 allows an authenticated admin user with system maintainer privileges to execute arbitrary shell commands with the privileges of the web server via a command injection vulnerability in form fields of the Install Tool. The fixed versions are 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELT...
CVE-2024-22188
Summary of CVE-2024-22188 : TYPO3 before 13.0.1 allows an authenticated admin (system maintainer) to inject and execute arbitrary shell commands on the web server via a command injection vulnerability in the Install Tool’s form fields. This impacts TYPO3 core prior to 13.0.1 and is fixed in the f...