PT-2025-44480

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.8.7 Description Nagios XI used a temporary directory for Highcharts exports with overly permissive ownership and permissions under the Apache user. This allowed local or co-hosted processes to read or overwrite...

EUVD-2012-2740

Malware in sbrugna...

CVE-2022-46302 Remote Code Execution with Root Privileges via Broad Apache Permissions

Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk = 2.1.0p6, Checkmk = 2.0.0p27, and all versions of Checkmk 1.6.0 EOL allowing an attacker to perform remote code execution wi...

CVE-2022-46302 Remote Code Execution with Root Privileges via Broad Apache Permissions

Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk = 2.1.0p6, Checkmk = 2.0.0p27, and all versions of Checkmk 1.6.0 EOL allowing an attacker to perform remote code execution wi...

CVE-2020-3484

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. The vulnerability is due to incorrect permissions within Apache configuration. An attacke...

Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit

No description provided by source. !/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a different LFI...