Pivotal Software Spring Framework Arbitrary Command Execution Vulnerability

Pivotal Software Spring Framework is the U.S. Pivotal Software's set of open source Java, Java EE application framework. The framework helps developers build high-quality applications . An arbitrary command execution vulnerability exists in Pivotal Software Spring Framework. An attacker can explo...

The vulnerability of the microprogrammed software of the D–Link DSR–500 router allows a malicious individual to execute arbitrary system commands.

The web interface of the router allows for the execution of a limited number of system commands ping, traceroute, dnslookup. However, it is possible to execute any command that is separated by a system separator from the allowed commands...

Vulnerabilities of the Alt Linux SPT operating system, which allow a malicious attacker to disable the device’s functionality

Multiple vulnerabilities in the bash command-line interpreter of the Altron Linux SPT operating system are caused by errors in processing input data during syntax analysis of code. Exploiting these vulnerabilities allows a malicious individual to execute arbitrary commands with the privileges of...

PT-2016-5989 · Bosch Rexroth · Bladecontrol-Webvis

Name of the Vulnerable Software and Affected Versions: Rexroth Bosch BLADEcontrol-WebVIS versions 3.0.2 and earlier Description: The issue allows remote authenticated users to execute arbitrary SQL commands. Recommendations: For Rexroth Bosch BLADEcontrol-WebVIS versions 3.0.2 and earlier, at the...

BMC Server Automation RSCD Agent Weak ACL NSH Arbitrary Command Execution

Binary data bmcrscdnshaclcheck.nbin...

The vulnerability of the Oracle Fusion Middleware software platform allows a malicious individual to execute arbitrary commands, disrupt the logic of the script, and obtain the original script code.

The vulnerability of the Oracle Containers platform’s J2EE component in Oracle Fusion Middleware software relates to an error that occurs due to improper handling of the zero byte during the transmission of a request to another static page or JSP script using functions like pageContext.forward or...

XpoLog Center 6 - Remote Command Execution / Cross-Site Request Forgery

Exploit for jsp platform in category web applications XpoLog Center V6 CSRF Remote Command Execution Vendor: XpoLog LTD Product web page: http://www.xpolog.com Affected version: 6.4469 6.4254 6.4252 6.4250 6.4237 6.4235 5.4018 Summary: Applications Log Analysis and Management Platform. Desc:...

XpoLog Center 6 - Remote Command Execution Cross-Site Request Forgery

XpoLog Center 6 - Remote Command Execution Cross-Site Request Forgery XpoLog Center V6 CSRF Remote Command Execution Vendor: XpoLog LTD Product web page: http://www.xpolog.com Affected version: 6.4469 6.4254 6.4252 6.4250 6.4237 6.4235 5.4018 Summary: Applications Log Analysis and Management...

XpoLog Center 6 - Remote Command Execution / Cross-Site Request Forgery

XpoLog Center V6 CSRF Remote Command Execution Vendor: XpoLog LTD Product web page: http://www.xpolog.com Affected version: 6.4469 6.4254 6.4252 6.4250 6.4237 6.4235 5.4018 Summary: Applications Log Analysis and Management Platform. Desc: XpoLog suffers from arbitrary command execution. Attackers...

CVE-2016-1408

Cisco Prime Infrastructure (PI) versions 1.2–3.1 and EPNM versions 1.2–2.0 expose a web-UI vulnerability that allows an authenticated, remote attacker to upload arbitrary files and execute commands via a crafted HTTP request. The root cause is incomplete input validation in the web interface. Imp...

XpoLog Center 6 Cross Site Request Forgery

XpoLog Center V6 CSRF Remote Command Execution Vendor: XpoLog LTD Product web page: http://www.xpolog.com Affected version: 6.4469 6.4254 6.4252 6.4250 6.4237 6.4235 5.4018 Summary: Applications Log Analysis and Management Platform. Desc: XpoLog suffers from arbitrary command execution. Attackers...

MileSight camera privilege control page unauthorized access vulnerability

MileSight camera is a network camera produced by Xiamen PulseVision Digital Technology Co. An unauthorized access vulnerability exists in the privilege control page of MileSight camera. An unauthorized attacker can use the vulnerability to execute arbitrary commands...

Arbitrary Command Execution Vulnerability in a System of China Soft Technology

Ltd. is a product of the implementation of the pilot project of knowledge innovation by the Institute of Software of the Chinese Academy of Sciences, and is the result of the restructuring of the main body of the Institute's technological research and development. An arbitrary command execution...

PT-2016-6165 · Corega · Corega Cg-Wlbargl

Name of the Vulnerable Software and Affected Versions: Corega CG-WLBARGL devices affected versions not specified Description: The issue allows remote authenticated users to execute arbitrary commands via unspecified vectors. Recommendations: At the moment, there is no information about a newer...

IBM MessageSight Arbitrary Command Execution Vulnerability

IBM MessageSight is an IBM messaging appliance designed for machine-to-machine m2m and mobile environments that supports real-time processing of large numbers of events and provides messaging capabilities inside and outside the enterprise. An arbitrary command execution vulnerability exists in IB...

Meteocontrol WEB'log arbitrary command execution vulnerability

No description provided by source...

Apache Continuum 1.4.2 Arbitrary Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Continuum Arbitrary Command Execution', 'Description' = %q This module exploits a command injection in Apache Continuum 'David Shanahan',...

IBM WebSphere MQ Arbitrary Command Execution Vulnerability

IBM WebSphere MQ is a messaging middleware product. An arbitrary command execution vulnerability exists in IBM WebSphere MQ, which can be exploited by a local attacker to execute arbitrary commands with elevated privileges...

Apache Continuum 1.4.2任意命令执行

No description provided by source...

CVE-2015-7611

Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors...