179 matches found
CVE-2011-2195
A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is enabled in config.php, an attacker can invoke the dl.php script and pass a well formed 'path' argument to execute arbitrary commands against the underlying operating system...
websvn 操作系统命令注入漏洞
websvn is a software application. An online Subversion repository viewer. An operating system command injection vulnerability exists in WebSVN. The vulnerability stems from a flaw found in WebSVN 2.3.2. Without prior authentication, if the "allowDownload" option is enabled in config.php, an...
WebSVN Remote Code Execution (CVE-2021-32305)
A remote code execution vulnerability exists in WebSVN. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
VulnCheck KEV: CVE-2021-32305
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...
WebSVN search command execution
Added: 06/23/2021 Background WebSVN is a web interface for Subversion repositories. Problem A command injection vulnerability allows remote unauthenticated attackers to execute arbitrary commands by sending a specially crafted search request. Resolution Upgrade to WebSVN 2.6.1 or higher. Referenc...
WebSVN search command execution
Added: 06/23/2021 Background WebSVN is a web interface for Subversion repositories. Problem A command injection vulnerability allows remote unauthenticated attackers to execute arbitrary commands by sending a specially crafted search request. Resolution Upgrade to WebSVN 2.6.1 or higher. Referenc...
WebSVN search command execution
Added: 06/23/2021 Background WebSVN is a web interface for Subversion repositories. Problem A command injection vulnerability allows remote unauthenticated attackers to execute arbitrary commands by sending a specially crafted search request. Resolution Upgrade to WebSVN 2.6.1 or higher. Referenc...
Websvn 2.6.0 Remote Code Execution
Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Date: 20/06/2021 Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE :...
Websvn 2.6.0 - Remote Code Execution (Unauthenticated)
Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Date: 20/06/2021 Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE :...
Websvn 2.6.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE : CVE-2021-32305 import...
[ASA-202105-16] websvn: arbitrary command execution
Arch Linux Security Advisory ASA-202105-16 ========================================== Severity: High Date : 2021-05-25 CVE-ID : CVE-2021-32305 Package : websvn Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1969 Summary ======= The package websvn before...
CVE-2021-32305
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...
CVE-2021-32305
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...
CVE-2021-32305
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...
Code injection
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...
CVE-2021-32305
WebSVN (versions prior to 2.6.1) is affected by CVE-2021-32305, a remote code execution vulnerability where an attacker can inject shell metacharacters via the search parameter to execute arbitrary commands on the server. The issue is caused by unsafely handling the search input and is rated high...
CVE-2021-32305
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...
websvn 操作系统命令注入漏洞
websvn is a software application. An online Subversion repository viewer. A security vulnerability exists in WebSVN versions prior to 2.6.1 that allows remote attackers to execute arbitrary commands via shell metacharacters in search parameters...
websvn: cross-site scripting
Multiple cross-site scripting XSS vulnerabilities in revision.php, log.php, listing.php, and comp.php in WebSVN allow context-dependent attackers to inject arbitrary web script or HTML via the name of a file or directory in a repository...
Fedora 22 : websvn (2016-cafcf15357)
Fix for CVE-2016-1236. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenab...