45 matches found
Apache Continuum Command Injection Vulnerability
Apache Continuum is a continuous integration server from the Apache Foundation. Apache Continuum suffers from a command injection vulnerability that stems from improper neutralization of special elements in commands, which can be exploited by an attacker to invoke arbitrary commands on the server...
CVE-2016-15057
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...
GHSA-77P9-W6PJ-RMVG Apache Continuum vulnerable to Command Injection through Installations REST API
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the Installations REST API can use this to invoke arbitrary commands on the...
Apache Continuum vulnerable to Command Injection through Installations REST API
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the Installations REST API can use this to invoke arbitrary commands on the...
Arbitrary Command Injection
Overview org.apache.continuum:continuum is an Apache Continuum is an enterprise-ready continuous integration server with features such as automated builds, release management, role-based security, and integration with popular build tools and source control management systems. Affected versions of...
CVE-2016-15057
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...
CVE-2016-15057
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...
CVE-2016-15057
CVE-2016-15057 describes an improper neutralization of special elements in Apache Continuum that enables a Command Injection via the Installations REST API. Affected are all versions of Apache Continuum, and exploitation would allow an attacker to invoke arbitrary commands on the server without u...
CVE-2016-15057
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...
CVE-2016-15057 Apache Continuum: Command injection leading to RCE
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...
EUVD-2016-10802
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...
Apache Continuum 安全漏洞
Apache Continuum is a continuous integration server from the Apache Foundation. Apache Continuum suffers from a command injection vulnerability that stems from improper neutralization of special elements in commands, which can be exploited by an attacker to invoke arbitrary commands on the server...
VulnCheck KEV: CVE-2016-15057
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...
PT-2026-4763
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...
EUVD-2010-3447
Malware in sbrugna...
Apache Continuum and Archiva vulnerable to Cross-site Scripting
Cross-site scripting XSS vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta; and Archiva 1.3.0 through 1.3.3 and 1.0 through 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to the autoIncludeParameters setting for the...
GHSA-7382-FV7P-V9V3 Apache Continuum and Archiva vulnerable to Cross-site Scripting
Cross-site scripting XSS vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta; and Archiva 1.3.0 through 1.3.3 and 1.0 through 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to the autoIncludeParameters setting for the...
Remote Code Execution (RCE)
Apache Continuum is vulnerable to remote code execution RCE. A malicious user can inject a command into the system via the varValue POST parameter to get shell access...
Apache Continuum has multiple vulnerabilities
Apache Continuum is the United States Apache Apache Software Foundation, a Java project based on the construction of continuous integration server . Apache Continuum version 1.4.2 suffers from a command injection and reflected cross-site scripting vulnerability, which can be exploited by an...
Apache Continuum 1.4.2 RCE
Remote code execution vulnerability in Apache Continuum Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...