Lucene search
+L

179 matches found

Cvelist
Cvelist
added 2021/10/26 12:10 p.m.34 views

CVE-2011-2195

A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is enabled in config.php, an attacker can invoke the dl.php script and pass a well formed 'path' argument to execute arbitrary commands against the underlying operating system...

9.8AI score0.02579EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/26 12:0 a.m.7 views

websvn 操作系统命令注入漏洞

websvn is a software application. An online Subversion repository viewer. An operating system command injection vulnerability exists in WebSVN. The vulnerability stems from a flaw found in WebSVN 2.3.2. Without prior authentication, if the "allowDownload" option is enabled in config.php, an...

9.8CVSS8.7AI score0.02579EPSS
Exploits1References2
Check Point Advisories
Check Point Advisories
added 2021/08/31 12:0 a.m.37 views

WebSVN Remote Code Execution (CVE-2021-32305)

A remote code execution vulnerability exists in WebSVN. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.6AI score0.86716EPSS
Exploits9
VulnCheck KEV
VulnCheck KEV
added 2021/08/30 12:0 a.m.5 views

VulnCheck KEV: CVE-2021-32305

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...

10CVSS7.6AI score0.86716EPSS
Exploits9References1
Saint
Saint
added 2021/06/23 12:0 a.m.194 views

WebSVN search command execution

Added: 06/23/2021 Background WebSVN is a web interface for Subversion repositories. Problem A command injection vulnerability allows remote unauthenticated attackers to execute arbitrary commands by sending a specially crafted search request. Resolution Upgrade to WebSVN 2.6.1 or higher. Referenc...

10CVSS5AI score0.86716EPSS
Exploits9
Saint
Saint
added 2021/06/23 12:0 a.m.245 views

WebSVN search command execution

Added: 06/23/2021 Background WebSVN is a web interface for Subversion repositories. Problem A command injection vulnerability allows remote unauthenticated attackers to execute arbitrary commands by sending a specially crafted search request. Resolution Upgrade to WebSVN 2.6.1 or higher. Referenc...

10CVSS10AI score0.86716EPSS
Exploits9
Saint
Saint
added 2021/06/23 12:0 a.m.108 views

WebSVN search command execution

Added: 06/23/2021 Background WebSVN is a web interface for Subversion repositories. Problem A command injection vulnerability allows remote unauthenticated attackers to execute arbitrary commands by sending a specially crafted search request. Resolution Upgrade to WebSVN 2.6.1 or higher. Referenc...

10CVSS10AI score0.86716EPSS
Exploits9
Packet Storm
Packet Storm
added 2021/06/22 12:0 a.m.282 views

Websvn 2.6.0 Remote Code Execution

Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Date: 20/06/2021 Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE :...

10CVSS9.6AI score0.86716EPSS
Exploits9
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.528 views

Websvn 2.6.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Date: 20/06/2021 Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE :...

10CVSS9.8AI score0.86716EPSS
Exploits9
0day.today
0day.today
added 2021/06/21 12:0 a.m.191 views

Websvn 2.6.0 - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE : CVE-2021-32305 import...

10CVSS0.86716EPSS
Exploits9
ArchLinux
ArchLinux
added 2021/05/25 12:0 a.m.199 views

[ASA-202105-16] websvn: arbitrary command execution

Arch Linux Security Advisory ASA-202105-16 ========================================== Severity: High Date : 2021-05-25 CVE-ID : CVE-2021-32305 Package : websvn Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1969 Summary ======= The package websvn before...

10CVSS3.1AI score0.86716EPSS
Exploits9References4
OSV
OSV
added 2021/05/18 5:15 p.m.24 views

CVE-2021-32305

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...

9.8CVSS7.8AI score
Exploits0References2
NVD
NVD
added 2021/05/18 5:15 p.m.13 views

CVE-2021-32305

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...

10CVSS0.86716EPSS
Exploits9References2
ATTACKERKB
ATTACKERKB
added 2021/05/18 5:15 p.m.329 views

CVE-2021-32305

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...

10CVSS7.3AI score0.86716EPSS
In wildExploits9References4
Prion
Prion
added 2021/05/18 5:15 p.m.20 views

Code injection

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...

10CVSS9.7AI score0.86716EPSS
Exploits9References2Affected Software1
CVE
CVE
added 2021/05/18 4:11 p.m.308 views

CVE-2021-32305

WebSVN (versions prior to 2.6.1) is affected by CVE-2021-32305, a remote code execution vulnerability where an attacker can inject shell metacharacters via the search parameter to execute arbitrary commands on the server. The issue is caused by unsafely handling the search input and is rated high...

10CVSS9.6AI score0.86716EPSS
In wildExploits9References2Affected Software1
Cvelist
Cvelist
added 2021/05/18 4:11 p.m.68 views

CVE-2021-32305

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...

10AI score0.86716EPSS
Exploits9References2
CNNVD
CNNVD
added 2021/05/18 12:0 a.m.5 views

websvn 操作系统命令注入漏洞

websvn is a software application. An online Subversion repository viewer. A security vulnerability exists in WebSVN versions prior to 2.6.1 that allows remote attackers to execute arbitrary commands via shell metacharacters in search parameters...

10CVSS8.8AI score0.86716EPSS
Exploits9References5
ArchLinux
ArchLinux
added 2016/08/11 12:0 a.m.43 views

websvn: cross-site scripting

Multiple cross-site scripting XSS vulnerabilities in revision.php, log.php, listing.php, and comp.php in WebSVN allow context-dependent attackers to inject arbitrary web script or HTML via the name of a file or directory in a repository...

4.3CVSS3.2AI score0.00857EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/07/14 12:0 a.m.31 views

Fedora 22 : websvn (2016-cafcf15357)

Fix for CVE-2016-1236. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenab...

6.1CVSS6.1AI score0.00857EPSS
Exploits0References2
Rows per page
Query Builder