SkyBlueCanvas CMS - Remote Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def...

Adobe Acrobat Reader (UNIX) 5.0 6,Xpdf 0.9x Hyperlinks Arbitrary Command Execution

No description provided by source. source: http://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled within the viewer. Allegedly, by placing a specially...

YaBB 9.11.2000 search.pl Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1921/info YaBB Yet Another Bulletin Board is a popular perl-based bulletin board scripting package. search. pl, one of several perl scripts which comprise YaBB, fails to properly validate user input which arguments a call...

Joe Text Editor 2.8 .joerc Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2437/info Joe is a text editor originally written by Joseph Allen. Joe offers a user-friendly interface, with key binding and configuration familiar to many users of Microsoft Word Processing tools. A problem in the...

AjaXplorer checkInstall.php Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

Nagios Remote Plugin Executor Arbitrary Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'zlib' class...

WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (meta)

No description provided by source. Reference: http://www.milw0rm.com/id.php?id=1231 kcope /str0ke Metasploit plugin for: Wzdftpd SITE Command Arbitrary Command Execution 2005 11 26 - David Maciejak package Msf::Exploit::wzdftpdsite; use base Msf::Exploit; use strict; use Pex::Text; my $advanced =...

Symantec System Center Alert Management System (hndlrsvc.exe) Arbitrary Command Execution

No description provided by source. $Id: amshndlrsvc.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

SMBlog 1.2 Arbitrary PHP Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16905/info SMBlog is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitra...

SGI IRIX <= 6.4 rmail Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/460/info A vulnerability exists in the rmail utility, included by SGI with it's Irix operating system. By failing to sanity check the contents of an environment variable, arbitrary commands may be executed with gid mail...

Qualiteam X-Cart 3.x general.php perl_binary Parameter Arbitrary Command Execution

No description provided by source. source: http://www.securityfocus.com/bid/9560/info X-Cart has been reported to be prone to an issue that may allow remote attackers to execute arbitrary commands on the affected system. The issue is caused by a failure of the application to sanitize values...

Novell Identity Manager Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19688/info Novell Identity Manager is prone to an arbitrary command-execution vulnerability. A local attacker can exploit this issue to execute arbitrary commands with superuser privileges. Exploiting this issue allows...

Qualiteam X-Cart 3.x upgrade.php perl_binary Parameter Arbitrary Command Execution

No description provided by source. source: http://www.securityfocus.com/bid/9560/info X-Cart has been reported to be prone to an issue that may allow remote attackers to execute arbitrary commands on the affected system. The issue is caused by a failure of the application to sanitize values...

ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability

No description provided by source. ?php / ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability Vendor: ViArt Software Product web page: http://www.viart.com Affected version: 4.1, 4.0.8, 4.0.5 Summary: Viart Shop is a PHP based e-commerce suite, aiming to provide everything you nee...

Caldera UnixWare 7.1.1 WebTop SCOAdminReg.CGI Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3936/info UnixWare is a commercial Unix implementation distributed originally developed by SCO. It is now maintained and distributed by Caldera. The scoadminreg.cgi program does not properly validate user input when...

Prodder 0.4 Arbitrary Shell Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18068/info Prodder is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute...

JamMail 1.8 Jammail.pl Remote Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13937/info JamMail is prone to a remote arbitrary command execution vulnerability. This vulnerability may allow an attacker to supply arbitrary commands through the 'jammail.pl' script. This can lead to various attacks...

Microsoft Windows XP HCP URI Handler Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9621/info The Microsoft Windows XP HCP URI handler has been reported prone to a vulnerability that may provide for arbitrary command execution. The issue is reported to present itself when a specially formatted HCP URI th...

WebGUI 6.x Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15083/info WebGUI is prone to an arbitrary command execution vulnerability. This is due to insufficient sanitization of user-supplied data. This issue can facilitate unauthorized remote access...

Zeroboard 4.1 PHP Include File Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5028/info Zeroboard is a PHP web board package available for the Linux and Unix platforms. Under some circumstances, it may be possible to include arbitrary PHP files. The head.php file does not sufficiently check or...