foomatic-gui python-foomatic 0.7.9.4 - 'pysmb.py' Arbitrary Shell Command Execution

source: https://www.securityfocus.com/bid/48982/info foomatic-gui is prone to a remote arbitrary shell-command-execution vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary shell commands in the context of t...

WordPress Plugin (FCKeditor) File Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

SGL.cms 0.6.0 FCKeditor Shell Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

SGL.cms v0.6.8 (FCKeditor) Arbitrary Shell Upload

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

CmsFromScratch 1.9.2 (FCKeditor) Arbitrary Shell Upload Exploit

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

klibc 1.5.2 - DHCP Options Processing Remote Shell Command Execution

klibc 1.5.2 - DHCP Options Processing Remote Shell Command Execution source: https://www.securityfocus.com/bid/47924/info klibc is prone to a shell-command-execution vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute...

Vmware vSphere Management Assistant (vMA) - Local Privilege Escalation

======================================================================= Vmware vSphere Management Assistant vMA - Local Privilege Escalation ======================================================================= Affected Software : Vmware vSphere Management Assistant vMA Severity : Medium...

Vmware vSphere Management Assistant (vMA) Privilege Escalation

======================================================================= Vmware vSphere Management Assistant vMA - Local Privilege Escalation ======================================================================= Affected Software : Vmware vSphere Management Assistant vMA Severity : Medium...

Bitweaver 2.x (FCKeditor) Multiple Arbitrary Shell Upload

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

FreeBSD : rubygem-mail -- Remote Arbitrary Shell Command Injection Vulnerability (1cae628c-3569-11e0-8e81-0022190034c0)

Secunia reports : Input passed via an email from address is not properly sanitised in the 'deliver' function lib/mail/network/deliverymethods/sendmail.rb before being used as a command line argument. This can be exploited to inject arbitrary shell commands. %NASLMINLEVEL 70300 C Tenable Network...

Mitel Audio and Web Conferencing (AWC) Remote Arbitrary Shell Command Injection Vulnerability

Mitel Audio and Web Conferencing AWC is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attackers can exploit this issue to execute arbitrary shell commands with the privileges of the user running the application. OpenVAS...

Mitel Audio and Web Conferencing (AWC) - Arbitrary Shell Command Injection

Mitel Audio and Web Conferencing AWC - Arbitrary Shell Command Injection source: https://www.securityfocus.com/bid/45537/info Mitel Audio and Web Conferencing AWC is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attacker...

Mitel Audio and Web Conferencing (AWC) - Arbitrary Shell Command Injection

source: https://www.securityfocus.com/bid/45537/info Mitel Audio and Web Conferencing AWC is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attackers can exploit this issue to execute arbitrary shell commands with the...

DMSEasy 0.9.7 Arbitrary Shell Upload

!/usr/bin/perl use strict; use warnings; use LWP::UserAgent; use HTTP::Request::Common; print ; print "Enter File Pathpath to local file to upload: "; chompmy $file=; my $ua = LWP::UserAgent-new; my $re = $ua-requestPOST $url.'/FCKeditor/editor/filemanager/upload/php/upload.php', ContentType =...

Joomla Camp26 VisitorData Module Shell Command Injection Vulnerability

No description provided by source. A vulnerability has been discovered in the Camp26 VisitorData module for Joomla, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "X-Forwarded-For" HTTP header is not properly sanitised before being used as a...

DSA-2021-2 spamass-milter - regression fix

Bulletin has no description...

OpenSSH X Connections Session Hijacking Vulnerability

OpenSSH is prone to a vulnerability that allows attackers to hijack forwarded X connections. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CP...

DSA-2021-1 spamass-milter - remote command execution

Bulletin has no description...

CVE-2009-4024

Argument injection vulnerability in the ping function in Ping.php in the NetPing package before 2.4.5 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metacharacter problem...

Design/Logic Flaw

Argument injection vulnerability in the ping function in Ping.php in the NetPing package before 2.4.5 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metacharacter problem...